Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 10 usuários online :: 0 registrados, 0 invisíveis e 10 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Remover o baidu antivirus
2 participantes
Página 1 de 1
Remover o baidu antivirus
por sara_cynthia Qui 17 Abr 2014, 22:18
Boa noite,
Minha irmã baixou alguma coisa que trouxe consigo alguns vírus... A página inicial dos navegadores ficaram com um buscador chamado imminet e tmb foi instalado o antivírus baidu. Tenho o adwcleaner que "limpou" os navegadores porém o antivirus ainda ficou instalado. gostaria de uma ajuda
Minha irmã baixou alguma coisa que trouxe consigo alguns vírus... A página inicial dos navegadores ficaram com um buscador chamado imminet e tmb foi instalado o antivírus baidu. Tenho o adwcleaner que "limpou" os navegadores porém o antivirus ainda ficou instalado. gostaria de uma ajuda
sara_cynthia- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 26/02/2014
Idade : 31
Re: Remover o baidu antivirus
por Power Max Qui 17 Abr 2014, 22:25
Oi Sara. Seja bem vinda ao Fórum PC Brasil.
Poste o log (relatório) do Adwcleaner que está em C:\AdwCleaner\AdwCleaner[S0].txt para que possamos analisá-lo.Ficamos na espera.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Remover o baidu antivirus
por sara_cynthia Qui 17 Abr 2014, 22:45
# AdwCleaner v3.023 - Relatório criado 17/04/2014 às 21:36:31
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : sara - SARA-PC
# Executando de : C:\Users\sara\Downloads\adwcleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
[#] Serviço Deletada : hlnfd
Serviço Deletada : hlsvc
Serviço Deletada : SProtection
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\Program Files\Highlightly
Pasta Deletada : C:\Program Files\Iminent
Pasta Deletada : C:\Program Files\IminentToolbar
Pasta Deletada : C:\Program Files\melondrea
Pasta Deletada : C:\Program Files\Common Files\Umbrella
Pasta Deletada : C:\Users\sara\AppData\Local\Temp\Iminent
Pasta Deletada : C:\Users\sara\AppData\Roaming\baidu
Pasta Deletada : C:\Users\sara\AppData\Roaming\IminentToolbar
Pasta Deletada : C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\Extensions\ffxtlbr@iminent.com
Pasta Deletada : C:\Program Files\Mozilla Firefox\Extensions\gethighlightly@gethighlightly.com
Arquivo Deletada : C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\Extensions\webbooster@iminent.com.xpi
Arquivo Deletada : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js
Arquivo Deletada : C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\searchplugins\iminent.xml
Arquivo Deletada : C:\Program Files\Mozilla Firefox\browser\searchplugins\StartWeb.xml
Arquivo Deletada : C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\user.js
Arquivo Deletada : C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
***** [ Atalhos ] *****
***** [ Registro ] *****
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [gethighlightly@gethighlightly.com]
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.iminentESrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.iminentESrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\I
Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent
Chave Deletedo : HKLM\SOFTWARE\Classes\iminent.iminentappCore
Chave Deletedo : HKLM\SOFTWARE\Classes\iminent.iminentappCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\iminent.iminentHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\iminent.iminentHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{99E71BF1-5F51-4AF9-830B-67015D59640D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9FD0C1D9-180B-4834-B80B-4B7325AF90E1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A2CC3C46-143B-4142-9D5A-B8543F0A6F55}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{5563BEFE-3B03-43B1-8041-64A9745DAA56}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1FAFD711-ABF9-4F6A-8130-5166C7371427}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\IminentToolbar
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\IminentToolbar
Chave Deletedo : HKLM\Software\Umbrella
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Iminent
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17041
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v28.0 (pt-BR)
[ Arquivo : C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\prefs.js ]
Linha deletada : user_pref("browser.startup.homepage", "hxxp://start.iminent.com/?appId=9B4AF7FE-AB3E-48D5-AA04-13749182B462");
Linha deletada : user_pref("extensions.enabledAddons", "wrc%40avast.com:9.0.2011.70,webbooster%40iminent.com:8.15.4.1,ffxtlbr%40iminent.com:1.6.0,%7Bc047df5e-0fda-4055-b5db-a96a8a34a094%7D:1.0.1,gethighlightly%40gethi[...]
Linha deletada : user_pref("extensions.iminent.admin", false);
Linha deletada : user_pref("extensions.iminent.aflt", "orgnl");
Linha deletada : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Linha deletada : user_pref("extensions.iminent.autoRvrt", "false");
Linha deletada : user_pref("extensions.iminent.cntry", "BR");
Linha deletada : user_pref("extensions.iminent.dfltLng", "");
Linha deletada : user_pref("extensions.iminent.excTlbr", false);
Linha deletada : user_pref("extensions.iminent.ffxUnstlRst", false);
Linha deletada : user_pref("extensions.iminent.hdrMd5", "D288AE056868E913754EFBC36F4310EE");
Linha deletada : user_pref("extensions.iminent.id", "00c71b40000000000000386077276496");
Linha deletada : user_pref("extensions.iminent.instlDay", "16177");
Linha deletada : user_pref("extensions.iminent.instlRef", "");
Linha deletada : user_pref("extensions.iminent.lastVrsnTs", "1.8.28.313:22:25");
Linha deletada : user_pref("extensions.iminent.newTab", false);
Linha deletada : user_pref("extensions.iminent.prdct", "iminent");
Linha deletada : user_pref("extensions.iminent.prtnrId", "iminent");
Linha deletada : user_pref("extensions.iminent.rvrt", "false");
Linha deletada : user_pref("extensions.iminent.sg", "none");
Linha deletada : user_pref("extensions.iminent.smplGrp", "none");
Linha deletada : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
Linha deletada : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Linha deletada : user_pref("extensions.iminent.vrsn", "1.8.28.3");
Linha deletada : user_pref("extensions.iminent.vrsnTs", "1.8.28.313:22:25");
Linha deletada : user_pref("extensions.iminent.vrsni", "1.8.28.3");
Linha deletada : user_pref("iminent.LayoutId", "1");
Linha deletada : user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0,\"s\":0,\"es\":1}");
Linha deletada : user_pref("iminent.adapters", "{\"start.iminent.com\":{\"CountryCode\":\"BR\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"iminent\",\"v\":true,\"p\":0,\"t\":1,\"th\":0.228,\"expireTime\":\"139775363[...]
Linha deletada : user_pref("iminent.enabledAds", "obsolete");
Linha deletada : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"addonId\":1,\"url\":\"http://i.iminentjs.info/imitin/javascript.js\",\"queryS[...]
Linha deletada : user_pref("iminent.newtabredirect", "true");
Linha deletada : user_pref("iminent.nomsi", "true");
Linha deletada : user_pref("iminent.searchindex", "1");
Linha deletada : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");
Linha deletada : user_pref("iminent.version", "8.15.4.1");
Linha deletada : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.15.4.1\",\"InstallEventCTime\":1397753618472}");
-\\ Google Chrome v34.0.1847.116
[ Arquivo : C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo : homepage
Deletedo : icon_url
Deletedo : search_url
Deletedo : keyword
*************************
AdwCleaner[R0].txt - [11626 octets] - [17/04/2014 21:35:42]
AdwCleaner[S0].txt - [11237 octets] - [17/04/2014 21:36:31]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11298 octets] ##########
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : sara - SARA-PC
# Executando de : C:\Users\sara\Downloads\adwcleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
[#] Serviço Deletada : hlnfd
Serviço Deletada : hlsvc
Serviço Deletada : SProtection
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\Program Files\Highlightly
Pasta Deletada : C:\Program Files\Iminent
Pasta Deletada : C:\Program Files\IminentToolbar
Pasta Deletada : C:\Program Files\melondrea
Pasta Deletada : C:\Program Files\Common Files\Umbrella
Pasta Deletada : C:\Users\sara\AppData\Local\Temp\Iminent
Pasta Deletada : C:\Users\sara\AppData\Roaming\baidu
Pasta Deletada : C:\Users\sara\AppData\Roaming\IminentToolbar
Pasta Deletada : C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\Extensions\ffxtlbr@iminent.com
Pasta Deletada : C:\Program Files\Mozilla Firefox\Extensions\gethighlightly@gethighlightly.com
Arquivo Deletada : C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\Extensions\webbooster@iminent.com.xpi
Arquivo Deletada : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js
Arquivo Deletada : C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\searchplugins\iminent.xml
Arquivo Deletada : C:\Program Files\Mozilla Firefox\browser\searchplugins\StartWeb.xml
Arquivo Deletada : C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\user.js
Arquivo Deletada : C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
***** [ Atalhos ] *****
***** [ Registro ] *****
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [gethighlightly@gethighlightly.com]
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.iminentESrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.iminentESrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\I
Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent
Chave Deletedo : HKLM\SOFTWARE\Classes\iminent.iminentappCore
Chave Deletedo : HKLM\SOFTWARE\Classes\iminent.iminentappCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\iminent.iminentHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\iminent.iminentHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{99E71BF1-5F51-4AF9-830B-67015D59640D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9FD0C1D9-180B-4834-B80B-4B7325AF90E1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A2CC3C46-143B-4142-9D5A-B8543F0A6F55}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{5563BEFE-3B03-43B1-8041-64A9745DAA56}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1FAFD711-ABF9-4F6A-8130-5166C7371427}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\IminentToolbar
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\IminentToolbar
Chave Deletedo : HKLM\Software\Umbrella
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Iminent
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17041
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v28.0 (pt-BR)
[ Arquivo : C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\prefs.js ]
Linha deletada : user_pref("browser.startup.homepage", "hxxp://start.iminent.com/?appId=9B4AF7FE-AB3E-48D5-AA04-13749182B462");
Linha deletada : user_pref("extensions.enabledAddons", "wrc%40avast.com:9.0.2011.70,webbooster%40iminent.com:8.15.4.1,ffxtlbr%40iminent.com:1.6.0,%7Bc047df5e-0fda-4055-b5db-a96a8a34a094%7D:1.0.1,gethighlightly%40gethi[...]
Linha deletada : user_pref("extensions.iminent.admin", false);
Linha deletada : user_pref("extensions.iminent.aflt", "orgnl");
Linha deletada : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Linha deletada : user_pref("extensions.iminent.autoRvrt", "false");
Linha deletada : user_pref("extensions.iminent.cntry", "BR");
Linha deletada : user_pref("extensions.iminent.dfltLng", "");
Linha deletada : user_pref("extensions.iminent.excTlbr", false);
Linha deletada : user_pref("extensions.iminent.ffxUnstlRst", false);
Linha deletada : user_pref("extensions.iminent.hdrMd5", "D288AE056868E913754EFBC36F4310EE");
Linha deletada : user_pref("extensions.iminent.id", "00c71b40000000000000386077276496");
Linha deletada : user_pref("extensions.iminent.instlDay", "16177");
Linha deletada : user_pref("extensions.iminent.instlRef", "");
Linha deletada : user_pref("extensions.iminent.lastVrsnTs", "1.8.28.313:22:25");
Linha deletada : user_pref("extensions.iminent.newTab", false);
Linha deletada : user_pref("extensions.iminent.prdct", "iminent");
Linha deletada : user_pref("extensions.iminent.prtnrId", "iminent");
Linha deletada : user_pref("extensions.iminent.rvrt", "false");
Linha deletada : user_pref("extensions.iminent.sg", "none");
Linha deletada : user_pref("extensions.iminent.smplGrp", "none");
Linha deletada : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
Linha deletada : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Linha deletada : user_pref("extensions.iminent.vrsn", "1.8.28.3");
Linha deletada : user_pref("extensions.iminent.vrsnTs", "1.8.28.313:22:25");
Linha deletada : user_pref("extensions.iminent.vrsni", "1.8.28.3");
Linha deletada : user_pref("iminent.LayoutId", "1");
Linha deletada : user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0,\"s\":0,\"es\":1}");
Linha deletada : user_pref("iminent.adapters", "{\"start.iminent.com\":{\"CountryCode\":\"BR\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"iminent\",\"v\":true,\"p\":0,\"t\":1,\"th\":0.228,\"expireTime\":\"139775363[...]
Linha deletada : user_pref("iminent.enabledAds", "obsolete");
Linha deletada : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"addonId\":1,\"url\":\"http://i.iminentjs.info/imitin/javascript.js\",\"queryS[...]
Linha deletada : user_pref("iminent.newtabredirect", "true");
Linha deletada : user_pref("iminent.nomsi", "true");
Linha deletada : user_pref("iminent.searchindex", "1");
Linha deletada : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");
Linha deletada : user_pref("iminent.version", "8.15.4.1");
Linha deletada : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.15.4.1\",\"InstallEventCTime\":1397753618472}");
-\\ Google Chrome v34.0.1847.116
[ Arquivo : C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo : homepage
Deletedo : icon_url
Deletedo : search_url
Deletedo : keyword
*************************
AdwCleaner[R0].txt - [11626 octets] - [17/04/2014 21:35:42]
AdwCleaner[S0].txt - [11237 octets] - [17/04/2014 21:36:31]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11298 octets] ##########
sara_cynthia- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 26/02/2014
Idade : 31
Re: Remover o baidu antivirus
por Power Max Qui 17 Abr 2014, 22:57
Desative temporariamente seu antivírus para evitar conflitos.Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Sex 18 Abr 2014, 13:11, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) Remover o baidu antivirus
por sara_cynthia Qui 17 Abr 2014, 23:35
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by sara on 17/04/2014 at 23:11:32,64.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\sara\Downloads\zoek(1).exe [Scan all users] [Script inserted]
==== System Restore Info ======================
17/04/2014 23:14:16 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\prefs.js:
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/firefox");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "StartWeb");
user_pref("browser.search.selectedEngine", "StartWeb");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?ie=UTF-8&oe=utf-8&q=");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\Program Files\Mozilla Firefox\defaults\preferences\!vitruvian-autoenable.js deleted
C:\Program Files\Mozilla Firefox\defaults\preferences\!vitruvian-csp.js deleted
C:\Program Files\Mozilla Firefox\browser\defaults\preferences\!vitruvian-autoenable.js deleted
C:\Program Files\Mozilla Firefox\browser\defaults\preferences\!vitruvian-csp.js deleted
C:\found.000 deleted
C:\PROGRA~2\FileSplitUpLoad.dll deleted
C:\PROGRA~2\Baidu deleted
C:\Users\sara\Downloads\SoftonicDownloader_para_bluestacks-app-player.exe deleted
C:\Windows\system32\tasks\Baidu Antivirus Update deleted
==== Folders Found ======================
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu\Baidu Antivirus
2014-04-17 16:23:36 2014-04-17 16:23:36 -------- d-----w- C:\Program Files\Baidu Security
2014-04-17 16:23:36 2014-04-18 02:10:44 -------- d-----w- C:\Program Files\Baidu Security\Baidu Antivirus
2014-04-17 16:24:19 2014-04-17 16:24:19 -------- d-----w- C:\ProgramData\Baidu Security
2014-04-17 16:24:19 2014-04-17 16:24:19 -------- d-----w- C:\Users\All Users\Baidu Security
2014-04-17 17:29:10 2014-04-17 17:29:10 -------- d-----w- C:\Users\Public\Documents\Baidu
2014-04-17 16:18:27 2014-04-18 02:11:32 -------- d-----w- C:\Users\sara\AppData\Local\Temp\BaiduAntivirus_1402-cda5be64
2014-04-17 16:18:27 2014-04-17 16:18:27 -------- d-----w- C:\Users\sara\AppData\Local\Temp\baidu_secure
2014-04-18 02:23:54 2014-04-18 02:23:54 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-03-02 12:13:39 2014-03-02 12:13:39 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
==== Files Found ======================
--- C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2013-09-22 07:32:04
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2013-09-22 07:32:04
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\Users\sara\AppData\Local\Temp\n6779\BaiduAntivirus_1402-cda5be64.exe ---
Company: Baidu, Inc.
File Description: Baidu Antivirus Updater
File Version: 4,6,0,56895
Product Name: Baidu Antivirus
Copyright: Copyright (C) 2013 Baidu, Inc. All rights reserved.
Original Filename:
File type: ----a-w-
File size: 1225064
Created time: 2014-04-17 16:18:09
Modified time: 2014-04-17 16:18:17
MD5: 812E31174C7A5E3FA4E1D7EDC93E5FAC
SHA1: 7C00743436B1B6DA8BB5AC7569D166DFDAB5AD24
--- C:\zoek_backup\C_Users_sara_AppData_Local_Microsoft_Internet Explorer_DOMStore_4UDGG04V_pcfaster.baidu[1].xml.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1388
Created time: 2014-03-02 12:13:39
Modified time: 2013-05-26 01:29:08
MD5: 9C4271FC17B390CBEA0CBC55E09C1D37
SHA1: 5AC73E616C6C47CBDA2E0AC63667B65AB84A250C
--- C:\zoek_backup\C_Windows_Prefetch_BAIDU_SECURE_SYSTEMUP_4.0.1.5-5BD7B3AB.pf.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 157614
Created time: 2014-03-02 12:13:39
Modified time: 2014-02-25 20:17:42
MD5: 85180BA1570DA3408843FB0327082BAE
SHA1: 54B906FD4CC76D3F435E276E7F519C6E112B6CFE
--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3410
Created time: 2014-04-18 02:23:57
Modified time: 2014-04-17 17:29:50
MD5: 9F8E684C49429C2D1B612E2F569916AF
SHA1: FB7084178873DD6491B52AB73A49CBBE0C2A6816
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\" UI_Start_From_IE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Translator.exe,-201"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Translator.exe\" \"%1\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}]
@="baidu right click handler"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}\InprocServer32]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavShx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}\InprocServer32]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavShx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavTray.exe\" -auto"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}"="Baidu Scan"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"="Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Uninstall.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"="http://antivirus.baidu.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"="Baidu, Inc."
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
"Path"="\\Baidu Antivirus Update"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu Antivirus Update]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"
[HKEY_USERS\.DEFAULT\Software\Baidu]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe"="Bav"
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe"="Bav"
[HKEY_USERS\S-1-5-18\Software\Baidu]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [21/01/2014 09:30]
==== Firefox Extensions ======================
ProfilePath: C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- melondrea - %ProfilePath%\extensions\{c047df5e-0fda-4055-b5db-a96a8a34a094}.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default
ABE2E50533899C45DFA03E1D8767648F - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll - Shockwave Flash
E83B541C71965CFA1DEFF846CD6E9ECD - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll - Google Update
65C1D9F74004E775F9A8598476ABE5EE - C:\Users\sara\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
C47920B4F36C19F97BD2EC19481387E5 - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\sara\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
01E4DA82C518853EF3B16209C038D7B9 - c:\program files\real\realplayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
60F23A6CE8B9F9BE995EAACFF0022DFC - c:\program files\real\realplayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin
A64F2C388DC26BE3E469EDC3657B14F4 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit)
C45F7E59F2A0A6D3C4E90117F4752414 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit)
F7AEAD4303A056F2D1685B43024776CA - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit)
FA0A3008589567CB7196620B05C9F28D - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
3B00376AE69AC2E815425E54DEBFF750 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight
==== Deleted Firefox Extensions ======================
C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\extensions\{c047df5e-0fda-4055-b5db-a96a8a34a094}.xpi deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cmclajginlihohopoeofghddnhpplhom - C:\Program Files\Highlightly\Chrome\cmclajginlihohopoeofghddnhpplhom.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[03/01/2014 20:09]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[16/04/2013 03:11]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[03/03/2014 09:53]
Google Drive - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Supernatural - Jared Padalecki (Sam) V1.0 - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmdakcenphnaagiahibdjfdcgjoaofk
YouTube - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
avast Online Security - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
RealDownloader - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype Click to Call - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pt.iminent.com_0.localstorage deleted successfully
C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pt.iminent.com_0.localstorage-journal deleted successfully
C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_start.iminent.com_0.localstorage deleted successfully
C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_start.iminent.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6670F320-7987-417F-BCCF-570B842ED85D} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz="
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
==== Deleting CLSID Registry Values ======================
==== shortcuts on Users Desktops ======================
C:\Users\Default\Desktop\CyberLink DVD Suite.lnk - C:\Program Files\CyberLink\DVD Suite\PowerStarter.exe
C:\Users\Default User\Desktop\CyberLink DVD Suite.lnk - C:\Program Files\CyberLink\DVD Suite\PowerStarter.exe
C:\Users\sara\Desktop\Brasfoot 2012.lnk - C:\Brasfoot2012\bf2012.exe
C:\Users\sara\Desktop\Brasfoot 2013.lnk - C:\Brasfoot2013\bf2013.exe
C:\Users\sara\Desktop\Brasfoot2014.lnk - C:\Brasfoot2014\bf2014.exe
C:\Users\sara\Desktop\CyberLink DVD Suite.lnk - C:\Program Files\CyberLink\DVD Suite\PowerStarter.exe
C:\Users\sara\Desktop\Documentos.lnk - C:\Users\sara\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
C:\Users\sara\Desktop\FoxitReaderPortable - Atalho.lnk - C:\Users\sara\Downloads\FoxitReaderPortable\FoxitReaderPortable.exe
C:\Users\sara\Desktop\InterApp Control.lnk - C:\Program Files\qubnfe\qubnfe.exe
C:\Users\sara\Desktop\JetBee.lnk - C:\Program Files\Complex\JetBee\jetbee.exe
C:\Users\sara\Desktop\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
C:\Users\sara\Desktop\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\sara\Desktop\Oi Velox.lnk - C:\Program Files\Oi\Programmer\OiVelox.exe
C:\Users\sara\Desktop\Photo Editor.lnk -
C:\Users\sara\Desktop\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\USURIO~1\Desktop\CyberLink DVD Suite.lnk - C:\Program Files\CyberLink\DVD Suite\PowerStarter.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Ajuda do PlayMemories Home.lnk - C:\Program Files\Sony\PlayMemories Home\PMBBrowser.exe /Help
C:\Users\Public\Desktop\Apps.lnk - C:\Users\Public\Libraries\Apps.library-ms
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Public\Desktop\Itautec Descomplica.lnk - C:\Program Files\Itautec Descomplica\Descomplica.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe
C:\Users\Public\Desktop\PlayMemories Home.lnk - C:\Program Files\Sony\PlayMemories Home\PMBBrowser.exe
C:\Users\Public\Desktop\PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
C:\Users\Public\Desktop\Start BlueStacks.lnk - C:\Program Files\BlueStacks\HD-StartLauncher.exe
C:\Users\Public\Desktop\Video Search.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe /VIDEOSEARCH
==== shortcuts in Users Start Menu ======================
C:\Users\sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Users\sara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brasfoot 2014\Manual do Brasfoot 2014.lnk - C:\Brasfoot2014\Manual_Brasfoot_2014.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brasfoot2014\Brasfoot2014.lnk - C:\Brasfoot2014\bf2014.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterApp Control\Ajuda do InterApp Control.lnk - C:\Program Files\qubnfe\qubnfe.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterApp Control\InterApp Control.lnk - C:\Program Files\qubnfe\qubnfe.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars\Network Status.lnk - C:\Program Files\PokerStars\Tracer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars\PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars\Uninstall PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUninstall.exe /u:PokerStars
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JetBee.lnk - C:\Program Files\Complex\JetBee\jetbee.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero Home Essentials SE.lnk - C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Video Search.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe /VIDEOSEARCH
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (2).lnk - C:\Windows\explorer.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (2).lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cmclajginlihohopoeofghddnhpplhom deleted successfully
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\sara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\sara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\sara\AppData\Local\Mozilla\Firefox\Profiles\za57zbyv.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=101 folders=49 51598710 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\sara\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\sara\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on 17/04/2014 at 23:31:58,21 ======================
Tool run by sara on 17/04/2014 at 23:11:32,64.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\sara\Downloads\zoek(1).exe [Scan all users] [Script inserted]
==== System Restore Info ======================
17/04/2014 23:14:16 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\prefs.js:
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/firefox");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "StartWeb");
user_pref("browser.search.selectedEngine", "StartWeb");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?ie=UTF-8&oe=utf-8&q=");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\Program Files\Mozilla Firefox\defaults\preferences\!vitruvian-autoenable.js deleted
C:\Program Files\Mozilla Firefox\defaults\preferences\!vitruvian-csp.js deleted
C:\Program Files\Mozilla Firefox\browser\defaults\preferences\!vitruvian-autoenable.js deleted
C:\Program Files\Mozilla Firefox\browser\defaults\preferences\!vitruvian-csp.js deleted
C:\found.000 deleted
C:\PROGRA~2\FileSplitUpLoad.dll deleted
C:\PROGRA~2\Baidu deleted
C:\Users\sara\Downloads\SoftonicDownloader_para_bluestacks-app-player.exe deleted
C:\Windows\system32\tasks\Baidu Antivirus Update deleted
==== Folders Found ======================
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu\Baidu Antivirus
2014-04-17 16:23:36 2014-04-17 16:23:36 -------- d-----w- C:\Program Files\Baidu Security
2014-04-17 16:23:36 2014-04-18 02:10:44 -------- d-----w- C:\Program Files\Baidu Security\Baidu Antivirus
2014-04-17 16:24:19 2014-04-17 16:24:19 -------- d-----w- C:\ProgramData\Baidu Security
2014-04-17 16:24:19 2014-04-17 16:24:19 -------- d-----w- C:\Users\All Users\Baidu Security
2014-04-17 17:29:10 2014-04-17 17:29:10 -------- d-----w- C:\Users\Public\Documents\Baidu
2014-04-17 16:18:27 2014-04-18 02:11:32 -------- d-----w- C:\Users\sara\AppData\Local\Temp\BaiduAntivirus_1402-cda5be64
2014-04-17 16:18:27 2014-04-17 16:18:27 -------- d-----w- C:\Users\sara\AppData\Local\Temp\baidu_secure
2014-04-18 02:23:54 2014-04-18 02:23:54 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-03-02 12:13:39 2014-03-02 12:13:39 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
==== Files Found ======================
--- C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2013-09-22 07:32:04
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2013-09-22 07:32:04
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\Users\sara\AppData\Local\Temp\n6779\BaiduAntivirus_1402-cda5be64.exe ---
Company: Baidu, Inc.
File Description: Baidu Antivirus Updater
File Version: 4,6,0,56895
Product Name: Baidu Antivirus
Copyright: Copyright (C) 2013 Baidu, Inc. All rights reserved.
Original Filename:
File type: ----a-w-
File size: 1225064
Created time: 2014-04-17 16:18:09
Modified time: 2014-04-17 16:18:17
MD5: 812E31174C7A5E3FA4E1D7EDC93E5FAC
SHA1: 7C00743436B1B6DA8BB5AC7569D166DFDAB5AD24
--- C:\zoek_backup\C_Users_sara_AppData_Local_Microsoft_Internet Explorer_DOMStore_4UDGG04V_pcfaster.baidu[1].xml.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1388
Created time: 2014-03-02 12:13:39
Modified time: 2013-05-26 01:29:08
MD5: 9C4271FC17B390CBEA0CBC55E09C1D37
SHA1: 5AC73E616C6C47CBDA2E0AC63667B65AB84A250C
--- C:\zoek_backup\C_Windows_Prefetch_BAIDU_SECURE_SYSTEMUP_4.0.1.5-5BD7B3AB.pf.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 157614
Created time: 2014-03-02 12:13:39
Modified time: 2014-02-25 20:17:42
MD5: 85180BA1570DA3408843FB0327082BAE
SHA1: 54B906FD4CC76D3F435E276E7F519C6E112B6CFE
--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3410
Created time: 2014-04-18 02:23:57
Modified time: 2014-04-17 17:29:50
MD5: 9F8E684C49429C2D1B612E2F569916AF
SHA1: FB7084178873DD6491B52AB73A49CBBE0C2A6816
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\" UI_Start_From_IE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Translator.exe,-201"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Translator.exe\" \"%1\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}]
@="baidu right click handler"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}\InprocServer32]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavShx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}\InprocServer32]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavShx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavTray.exe\" -auto"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}"="Baidu Scan"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"="Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Uninstall.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"="http://antivirus.baidu.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"="Baidu, Inc."
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
"Path"="\\Baidu Antivirus Update"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu Antivirus Update]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"
[HKEY_USERS\.DEFAULT\Software\Baidu]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe"="Bav"
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe"="Bav"
[HKEY_USERS\S-1-5-18\Software\Baidu]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [21/01/2014 09:30]
==== Firefox Extensions ======================
ProfilePath: C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- melondrea - %ProfilePath%\extensions\{c047df5e-0fda-4055-b5db-a96a8a34a094}.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default
ABE2E50533899C45DFA03E1D8767648F - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll - Shockwave Flash
E83B541C71965CFA1DEFF846CD6E9ECD - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll - Google Update
65C1D9F74004E775F9A8598476ABE5EE - C:\Users\sara\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
C47920B4F36C19F97BD2EC19481387E5 - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\sara\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
01E4DA82C518853EF3B16209C038D7B9 - c:\program files\real\realplayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
60F23A6CE8B9F9BE995EAACFF0022DFC - c:\program files\real\realplayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin
A64F2C388DC26BE3E469EDC3657B14F4 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit)
C45F7E59F2A0A6D3C4E90117F4752414 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit)
F7AEAD4303A056F2D1685B43024776CA - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit)
FA0A3008589567CB7196620B05C9F28D - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
3B00376AE69AC2E815425E54DEBFF750 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight
==== Deleted Firefox Extensions ======================
C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\za57zbyv.default\extensions\{c047df5e-0fda-4055-b5db-a96a8a34a094}.xpi deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cmclajginlihohopoeofghddnhpplhom - C:\Program Files\Highlightly\Chrome\cmclajginlihohopoeofghddnhpplhom.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[03/01/2014 20:09]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[16/04/2013 03:11]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[03/03/2014 09:53]
Google Drive - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Supernatural - Jared Padalecki (Sam) V1.0 - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmdakcenphnaagiahibdjfdcgjoaofk
YouTube - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
avast Online Security - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
RealDownloader - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype Click to Call - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pt.iminent.com_0.localstorage deleted successfully
C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pt.iminent.com_0.localstorage-journal deleted successfully
C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_start.iminent.com_0.localstorage deleted successfully
C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_start.iminent.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6670F320-7987-417F-BCCF-570B842ED85D} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz="
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} deleted successfully
==== Deleting CLSID Registry Values ======================
==== shortcuts on Users Desktops ======================
C:\Users\Default\Desktop\CyberLink DVD Suite.lnk - C:\Program Files\CyberLink\DVD Suite\PowerStarter.exe
C:\Users\Default User\Desktop\CyberLink DVD Suite.lnk - C:\Program Files\CyberLink\DVD Suite\PowerStarter.exe
C:\Users\sara\Desktop\Brasfoot 2012.lnk - C:\Brasfoot2012\bf2012.exe
C:\Users\sara\Desktop\Brasfoot 2013.lnk - C:\Brasfoot2013\bf2013.exe
C:\Users\sara\Desktop\Brasfoot2014.lnk - C:\Brasfoot2014\bf2014.exe
C:\Users\sara\Desktop\CyberLink DVD Suite.lnk - C:\Program Files\CyberLink\DVD Suite\PowerStarter.exe
C:\Users\sara\Desktop\Documentos.lnk - C:\Users\sara\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
C:\Users\sara\Desktop\FoxitReaderPortable - Atalho.lnk - C:\Users\sara\Downloads\FoxitReaderPortable\FoxitReaderPortable.exe
C:\Users\sara\Desktop\InterApp Control.lnk - C:\Program Files\qubnfe\qubnfe.exe
C:\Users\sara\Desktop\JetBee.lnk - C:\Program Files\Complex\JetBee\jetbee.exe
C:\Users\sara\Desktop\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
C:\Users\sara\Desktop\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\sara\Desktop\Oi Velox.lnk - C:\Program Files\Oi\Programmer\OiVelox.exe
C:\Users\sara\Desktop\Photo Editor.lnk -
C:\Users\sara\Desktop\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\USURIO~1\Desktop\CyberLink DVD Suite.lnk - C:\Program Files\CyberLink\DVD Suite\PowerStarter.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Ajuda do PlayMemories Home.lnk - C:\Program Files\Sony\PlayMemories Home\PMBBrowser.exe /Help
C:\Users\Public\Desktop\Apps.lnk - C:\Users\Public\Libraries\Apps.library-ms
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Public\Desktop\Itautec Descomplica.lnk - C:\Program Files\Itautec Descomplica\Descomplica.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe
C:\Users\Public\Desktop\PlayMemories Home.lnk - C:\Program Files\Sony\PlayMemories Home\PMBBrowser.exe
C:\Users\Public\Desktop\PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
C:\Users\Public\Desktop\Start BlueStacks.lnk - C:\Program Files\BlueStacks\HD-StartLauncher.exe
C:\Users\Public\Desktop\Video Search.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe /VIDEOSEARCH
==== shortcuts in Users Start Menu ======================
C:\Users\sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk - C:\Users\sara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brasfoot 2014\Manual do Brasfoot 2014.lnk - C:\Brasfoot2014\Manual_Brasfoot_2014.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brasfoot2014\Brasfoot2014.lnk - C:\Brasfoot2014\bf2014.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterApp Control\Ajuda do InterApp Control.lnk - C:\Program Files\qubnfe\qubnfe.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterApp Control\InterApp Control.lnk - C:\Program Files\qubnfe\qubnfe.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars\Network Status.lnk - C:\Program Files\PokerStars\Tracer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars\PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars\Uninstall PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUninstall.exe /u:PokerStars
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JetBee.lnk - C:\Program Files\Complex\JetBee\jetbee.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero Home Essentials SE.lnk - C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Video Search.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe /VIDEOSEARCH
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (2).lnk - C:\Windows\explorer.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (2).lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cmclajginlihohopoeofghddnhpplhom deleted successfully
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\sara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\sara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\sara\AppData\Local\Mozilla\Firefox\Profiles\za57zbyv.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=101 folders=49 51598710 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\sara\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\sara\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on 17/04/2014 at 23:31:58,21 ======================
sara_cynthia- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 26/02/2014
Idade : 31
Re: Remover o baidu antivirus
por Power Max Sex 18 Abr 2014, 01:14
Desative temporariamente seu antivírus para evitar conflitos.*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Sex 18 Abr 2014, 11:07, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Remover o baidu antivirus
por sara_cynthia Sex 18 Abr 2014, 10:25
A mensagem é muito grande, vou mandar fragmentada, ok?
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by sara on 18/04/2014 at 9:47:39,30.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\sara\Downloads\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-18-023158.log 40184 bytes
==== System Restore Info ======================
18/04/2014 09:49:04 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_CLASSES_ROOT\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} deleted successfully
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bndef deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}\InprocServer32]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}\InprocServer32]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
"Path"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu Antivirus Update]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe"=-
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
==== Deleting Files \ Folders ======================
C:\Users\sara\AppData\Local\Temp\BaiduAntivirus_1402-cda5be64 not found
C:\Users\sara\AppData\Local\Temp\baidu_secure not found
C:\ProgramData\Baidu Security deleted
C:\Users\Public\Documents\Baidu deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bav.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavAs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBase.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBh.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBsReport.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavClean.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCloud.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCns.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCommon.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavDllFilter.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavDs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavFi.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bavhm.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavIPC.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavLib.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavLSP.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavMem.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavNp.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt64.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavOa.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavPe.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavQv.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavR3Base.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavR3Base64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavScan.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavShx.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavShx64.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSig.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSk.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSu.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSvc.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUa.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUl.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUm.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUm64.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUp.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUpdateInfo.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUpdater.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavVt.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWebClient.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdCameraProtect.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BDrvComm.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BETManger.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BEVMApi001.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BEVMEngine.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfilter.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfilter64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfmon.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfmon64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bh.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bhbase.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsConfig.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsCore.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bhr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bhw.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bnbase.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bnbasex.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bnbasex64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bndef.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bndef64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bprotect.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bprotect64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CheckNetwork.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CloudDefense.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Communication.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\config.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CP.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CrashReport.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CrashReport64.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CrashUL.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\dbgeng.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\dbghelp.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DirectUI.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DrvInst.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\fa.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Feedback.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\FileShredder.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HackerDefense.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsDR.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsDR.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\IEProtect.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Investigate.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\mm.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\nfa.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\nsc.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\nwi.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\ProgramFileList.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\rcs.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sc.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\shortcut.ico" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sqlite.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Translator.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Uninstall.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update_config.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update_statistic.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update_ultimate.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\version.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\vn.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\vr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\wi.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bav.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavAs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBase.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBh.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBsReport.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavClean.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCloud.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCns.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCommon.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavDllFilter.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavDs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavFi.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bavhm.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavIPC.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavLib.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavLSP.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavMem.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavNp.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt64.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavOa.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavPe.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavQv.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavR3Base.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavR3Base64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavScan.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavShx.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavShx64.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSig.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSk.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSu.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSvc.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUa.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUl.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUm.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUm64.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUp.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUpdateInfo.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUpdater.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavVt.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWebClient.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdCameraProtect.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BDrvComm.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BETManger.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BEVMApi001.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BEVMEngine.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfilter.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfilter64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfmon.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfmon64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bh.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bhbase.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsConfig.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsCore.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bhr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bhw.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bnbase.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bnbasex.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bnbasex64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bndef.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bndef64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bprotect.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bprotect64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CheckNetwork.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CloudDefense.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Communication.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\config.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CP.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CrashReport.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CrashReport64.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CrashUL.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\dbgeng.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\dbghelp.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DirectUI.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DrvInst.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\fa.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Feedback.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\FileShredder.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HackerDefense.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsDR.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsDR.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\IEProtect.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Investigate.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\mm.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\nfa.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\nsc.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\nwi.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\ProgramFileList.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\rcs.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sc.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\shortcut.ico" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sqlite.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Translator.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Uninstall.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update_config.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update_statistic.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update_ultimate.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\version.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\vn.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\vr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\wi.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aebb.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aecore.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aecrypto.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aedroid.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aeemu.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aeexp.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aegen.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aehelp.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aeheur.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aelibinf.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aelidb.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aemobile.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aeoffice.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aepack.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aerdl.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aesbx.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aescn.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aescript.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aeset.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aevdf.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aevdf.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\avengine.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\avupdate.conf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\avupdate.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\avupdate.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\avupdate_msg.avr" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\HBEDV.KEY" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\Microsoft.VC90.CRT.manifest" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\msvcr90.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\savapi3.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\unacev2.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase000.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase001.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase002.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase003.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase004.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase005.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase006.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase007.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase008.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase009.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase010.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase011.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase012.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase013.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase014.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase015.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase016.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase017.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase018.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase019.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase020.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase021.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase022.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase023.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase024.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase025.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase026.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase027.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase028.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase029.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase030.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase031.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BETMData\History.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\ac.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\ag.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\cdcfg.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\ep.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\er.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\fs.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\hr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\kp.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\mn.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\qs.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\rl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\rr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\sb.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\sgf.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\sw.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\tg.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\tr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\ub.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\uf.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\up.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\uu.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\uw.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\vf.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\vr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\dbg64\dbghelp.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\dump\bugreportconfig.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\Bav.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BavTray.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BavUpdater.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BHipsSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\DIYResource_cfg.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\I18N_cfg.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update\BavPro_Setup.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update\ProgramFileList.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update\server_respond.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\idx\master.idx" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\Mname\AV-malware-names-2040-NLyeiT" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\language.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\language.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\language.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1057\language.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\3082\language.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUpdater\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\context\context.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\feedback\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\Font\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\investigate\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ShopProtect\safesites.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ShopProtect\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\Translator\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin\main\btn_cloud_add_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin\main\btn_cloud_add_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin\main\btn_cloud_add_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin\main\enultrafast.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin\main\risky.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin\main\safe.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin\main\unknown.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\black_pop_detected.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\black_pop_excluded.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\black_pop_suessfully.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\dl_safe.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\dl_safe_s.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\dl_scanning.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\dl_threat.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\dl_threat_s.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\menu_item_background.bmp" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\guide_welcome.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\main_title_canceled.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\main_title_nolastscan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\main_title_noprocess.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\main_title_noscanlongtime.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\main_title_safe.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\main_tools_title.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\offBtnHover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\offBtnNormal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\onBtnHover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\onBtnNormal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\ProcessCustomScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\ProcessFullScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\ProcessQuickScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\ProcessRightmenuScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\real_time.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\summary_top_safe_text.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\UserGuide_protect.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUpdater\skin\en_reboot_title.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\feedback\skin\main-feedback_tittle.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\feedback\skin\SUBMIT_bg2.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_AddFiles_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_AddFiles_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_AddFiles_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_done_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_done_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_done_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_shred_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_shred_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_shred_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\button_history_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\button_history_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\button_history_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin\lockClosed.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin\lockOpen.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin\safeicon.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin\setbtn_off_hover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin\setbtn_off_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin\setbtn_on_hover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin\setbtn_on_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\investigate\skin\unloadInvestigateTitle.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\investigate\skin\unloadInvestigateTitle_cry.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ShopProtect\skin\menu_item_bg.bmp" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUpdater\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\context\context.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\feedback\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\Font\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\investigate\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ShopProtect\safesites.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ShopProtect\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\Translator\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin\main\btn_cloud_add_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin\main\btn_cloud_add_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin\main\btn_cloud_add_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin\main\enultrafast.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin\main\risky.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin\main\safe.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin\main\unknown.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\black_pop_detected.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\black_pop_excluded.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\black_pop_suessfully.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\dl_safe.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\dl_safe_s.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\dl_scanning.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\dl_threat.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\dl_threat_s.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\menu_item_background.bmp" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\guide_welcome.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\main_title_canceled.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\main_title_nolastscan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\main_title_noprocess.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\main_title_noscanlongtime.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\main_title_safe.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\main_tools_title.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\offBtnHover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\offBtnNormal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\onBtnHover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\onBtnNormal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\ProcessCustomScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\ProcessFullScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\ProcessQuickScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\ProcessRightmenuScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\real_time.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\summary_top_safe_text.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\UserGuide_protect.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUpdater\skin\pu_reboot_title.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\feedback\skin\main-feedback_tittle.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\feedback\skin\SUBMIT_bg2.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_AddFiles_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_AddFiles_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_AddFiles_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_done_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_done_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_done_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_shred_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_shred_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_shred_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\button_history_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\button_history_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\button_history_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin\lockClosed.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin\lockOpen.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin\safeicon.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin\setbtn_off_hover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin\setbtn_off_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin\setbtn_on_hover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin\setbtn_on_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\investigate\skin\unloadInvestigateTitle.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\investigate\skin\unloadInvestigateTitle_cry.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ShopProtect\skin\menu_item_bg.bmp" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavTray\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavUi\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavUpdater\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\context\context.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\feedback\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\fileshredder\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\Font\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\ieprotect\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\investigate\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\ShopProtect\safesites.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\ShopProtect\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\Translator\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin\main\btn_cloud_add_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin\main\btn_cloud_add_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin\main\btn_cloud_add_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin\main\enultrafast.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin\main\risky.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin\main\safe.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin\main\unknown.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavTray\skin\black_pop_detected.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavTray\skin\black_pop_excluded.png" not deleted
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by sara on 18/04/2014 at 9:47:39,30.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\sara\Downloads\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-18-023158.log 40184 bytes
==== System Restore Info ======================
18/04/2014 09:49:04 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_CLASSES_ROOT\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} deleted successfully
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bndef deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}\InprocServer32]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}\InprocServer32]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
"Path"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu Antivirus Update]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe"=-
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
==== Deleting Files \ Folders ======================
C:\Users\sara\AppData\Local\Temp\BaiduAntivirus_1402-cda5be64 not found
C:\Users\sara\AppData\Local\Temp\baidu_secure not found
C:\ProgramData\Baidu Security deleted
C:\Users\Public\Documents\Baidu deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bav.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavAs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBase.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBh.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBsReport.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavClean.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCloud.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCns.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCommon.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavDllFilter.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavDs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavFi.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bavhm.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavIPC.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavLib.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavLSP.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavMem.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavNp.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt64.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavOa.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavPe.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavQv.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavR3Base.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavR3Base64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavScan.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavShx.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavShx64.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSig.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSk.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSu.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSvc.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUa.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUl.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUm.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUm64.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUp.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUpdateInfo.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUpdater.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavVt.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWebClient.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdCameraProtect.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BDrvComm.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BETManger.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BEVMApi001.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BEVMEngine.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfilter.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfilter64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfmon.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfmon64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bh.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bhbase.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsConfig.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsCore.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bhr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bhw.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bnbase.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bnbasex.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bnbasex64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bndef.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bndef64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bprotect.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bprotect64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CheckNetwork.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CloudDefense.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Communication.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\config.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CP.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CrashReport.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CrashReport64.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CrashUL.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\dbgeng.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\dbghelp.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DirectUI.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DrvInst.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\fa.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Feedback.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\FileShredder.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HackerDefense.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsDR.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsDR.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\IEProtect.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Investigate.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\mm.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\nfa.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\nsc.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\nwi.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\ProgramFileList.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\rcs.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sc.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\shortcut.ico" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sqlite.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Translator.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Uninstall.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update_config.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update_statistic.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update_ultimate.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\version.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\vn.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\vr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\wi.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bav.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavAs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBase.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBh.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBsReport.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavClean.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCloud.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCns.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCommon.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavDllFilter.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavDs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavFi.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bavhm.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavIPC.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavLib.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavLSP.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavMem.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavNp.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt64.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavOa.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavPe.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavQv.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavR3Base.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavR3Base64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavScan.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavShx.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavShx64.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSig.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSk.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSs.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSu.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSvc.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUa.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUl.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUm.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUm64.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUp.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUpdateInfo.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUpdater.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavVt.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWebClient.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdCameraProtect.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BDrvComm.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BETManger.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BEVMApi001.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BEVMEngine.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfilter.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfilter64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfmon.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bfmon64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bh.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bhbase.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsConfig.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsCore.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bhr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bhw.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bnbase.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bnbasex.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bnbasex64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bndef.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\bndef64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bprotect.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bprotect64.sys" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CheckNetwork.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CloudDefense.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Communication.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\config.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CP.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CrashReport.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CrashReport64.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CrashUL.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\dbgeng.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\dbghelp.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DirectUI.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DrvInst.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\fa.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Feedback.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\FileShredder.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HackerDefense.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsDR.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsDR.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\IEProtect.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Investigate.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\mm.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\nfa.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\nsc.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\nwi.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\ProgramFileList.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\rcs.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sc.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\shortcut.ico" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sqlite.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Translator.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Uninstall.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update_config.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update_statistic.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update_ultimate.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\version.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\vn.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\vr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\wi.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aebb.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aecore.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aecrypto.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aedroid.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aeemu.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aeexp.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aegen.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aehelp.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aeheur.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aelibinf.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aelidb.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aemobile.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aeoffice.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aepack.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aerdl.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aesbx.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aescn.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aescript.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aeset.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aevdf.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\aevdf.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\avengine.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\avupdate.conf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\avupdate.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\avupdate.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\avupdate_msg.avr" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\HBEDV.KEY" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\Microsoft.VC90.CRT.manifest" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\msvcr90.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\savapi3.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\unacev2.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase000.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase001.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase002.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase003.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase004.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase005.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase006.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase007.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase008.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase009.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase010.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase011.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase012.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase013.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase014.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase015.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase016.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase017.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase018.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase019.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase020.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase021.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase022.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase023.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase024.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase025.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase026.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase027.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase028.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase029.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase030.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\vbase031.vdf" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BETMData\History.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\ac.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\ag.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\cdcfg.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\ep.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\er.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\fs.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\hr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\kp.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\mn.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\qs.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\rl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\rr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\sb.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\sgf.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\sw.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\tg.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\tr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\ub.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\uf.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\up.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\uu.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\uw.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\vf.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\data\vr.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\dbg64\dbghelp.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\dump\bugreportconfig.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\Bav.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BavTray.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BavUpdater.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BHipsSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\DIYResource_cfg.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\I18N_cfg.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update\BavPro_Setup.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update\ProgramFileList.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\update\server_respond.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\idx\master.idx" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\avira\Mname\AV-malware-names-2040-NLyeiT" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\language.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\language.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\language.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1057\language.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\3082\language.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUpdater\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\context\context.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\feedback\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\Font\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\investigate\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ShopProtect\safesites.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ShopProtect\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\Translator\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin\main\btn_cloud_add_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin\main\btn_cloud_add_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin\main\btn_cloud_add_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin\main\enultrafast.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin\main\risky.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin\main\safe.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin\main\unknown.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\black_pop_detected.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\black_pop_excluded.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\black_pop_suessfully.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\dl_safe.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\dl_safe_s.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\dl_scanning.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\dl_threat.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\dl_threat_s.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin\menu_item_background.bmp" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\guide_welcome.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\main_title_canceled.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\main_title_nolastscan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\main_title_noprocess.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\main_title_noscanlongtime.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\main_title_safe.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\main_tools_title.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\offBtnHover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\offBtnNormal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\onBtnHover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\onBtnNormal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\ProcessCustomScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\ProcessFullScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\ProcessQuickScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\ProcessRightmenuScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\real_time.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\summary_top_safe_text.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus\UserGuide_protect.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\BavUpdater\skin\en_reboot_title.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\feedback\skin\main-feedback_tittle.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\feedback\skin\SUBMIT_bg2.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_AddFiles_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_AddFiles_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_AddFiles_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_done_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_done_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_done_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_shred_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_shred_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\btn_shred_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\button_history_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\button_history_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin\button_history_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin\lockClosed.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin\lockOpen.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin\safeicon.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin\setbtn_off_hover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin\setbtn_off_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin\setbtn_on_hover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin\setbtn_on_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\investigate\skin\unloadInvestigateTitle.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\investigate\skin\unloadInvestigateTitle_cry.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1033\ShopProtect\skin\menu_item_bg.bmp" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUpdater\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\context\context.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\feedback\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\Font\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\investigate\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ShopProtect\safesites.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ShopProtect\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\Translator\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin\main\btn_cloud_add_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin\main\btn_cloud_add_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin\main\btn_cloud_add_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin\main\enultrafast.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin\main\risky.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin\main\safe.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin\main\unknown.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\black_pop_detected.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\black_pop_excluded.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\black_pop_suessfully.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\dl_safe.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\dl_safe_s.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\dl_scanning.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\dl_threat.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\dl_threat_s.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin\menu_item_background.bmp" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\guide_welcome.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\main_title_canceled.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\main_title_nolastscan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\main_title_noprocess.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\main_title_noscanlongtime.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\main_title_safe.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\main_tools_title.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\offBtnHover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\offBtnNormal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\onBtnHover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\onBtnNormal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\ProcessCustomScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\ProcessFullScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\ProcessQuickScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\ProcessRightmenuScan.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\real_time.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\summary_top_safe_text.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus\UserGuide_protect.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\BavUpdater\skin\pu_reboot_title.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\feedback\skin\main-feedback_tittle.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\feedback\skin\SUBMIT_bg2.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_AddFiles_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_AddFiles_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_AddFiles_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_done_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_done_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_done_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_shred_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_shred_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\btn_shred_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\button_history_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\button_history_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin\button_history_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin\lockClosed.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin\lockOpen.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin\safeicon.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin\setbtn_off_hover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin\setbtn_off_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin\setbtn_on_hover.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin\setbtn_on_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\investigate\skin\unloadInvestigateTitle.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\investigate\skin\unloadInvestigateTitle_cry.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1046\ShopProtect\skin\menu_item_bg.bmp" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavTray\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavUi\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavUpdater\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\context\context.ini" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\feedback\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\fileshredder\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\Font\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\ieprotect\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\investigate\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\ShopProtect\safesites.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\ShopProtect\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\Translator\skin.xml" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin\main\btn_cloud_add_down.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin\main\btn_cloud_add_normal.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin\main\btn_cloud_add_over.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin\main\enultrafast.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin\main\risky.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin\main\safe.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin\main\unknown.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavTray\skin\black_pop_detected.png" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\I18N\1054\BavTray\skin\black_pop_excluded.png" not deleted
sara_cynthia- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 26/02/2014
Idade : 31
Remover o baidu antivirus
por sara_cynthia Sex 18 Abr 2014, 10:31
Anexei o txt pode ser? é muito grande...
sara_cynthia- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 26/02/2014
Idade : 31
Re: Remover o baidu antivirus
por Power Max Sex 18 Abr 2014, 11:06
Desative temporariamente seu antivírus para evitar conflitos.*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt ou anexe-o (se ele ficar muito grande) em sua próxima resposta.
Última edição por Power Max em Sex 18 Abr 2014, 11:59, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Remover o baidu antivirus
por sara_cynthia Sex 18 Abr 2014, 11:33
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by sara on 18/04/2014 at 11:25:28,54.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\sara\Downloads\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-18-023158.log 40184 bytes
C:\zoek-results2014-04-18-131051.log 812534 bytes
==== System Restore Info ======================
18/04/2014 11:27:12 Zoek.exe System Restore Point Created Succesfully.
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
"Path"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\PC Faster]
==== Deleting Files \ Folders ======================
C:\Program Files\Baidu Security not found
C:\Program Files\Baidu Security\Baidu Antivirus not found
C:\ProgramData\Baidu deleted
C:\Users\Public\Documents\Baidu deleted
==== Folders Found ======================
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu\Baidu Antivirus
2014-04-17 16:23:36 2014-04-17 16:23:36 -------- d-----w- C:\Users\sara\AppData\Local\Temp\Baidu Security.tmp
2014-04-17 16:23:36 2014-04-18 14:25:27 -------- d-----w- C:\Users\sara\AppData\Local\Temp\Baidu Security.tmp\Baidu Antivirus
2014-04-18 12:51:21 2014-04-18 12:51:21 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security
2014-04-18 12:53:05 2014-04-18 12:54:06 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus
2014-04-18 14:27:49 2014-04-18 14:27:49 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-04-18 12:54:06 2014-04-18 12:54:06 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-04-18 02:23:54 2014-04-18 02:23:54 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-04-18 14:27:49 2014-04-18 14:27:49 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-04-18 12:54:07 2014-04-18 12:54:07 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-04-18 12:54:07 2014-04-18 13:00:27 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-03-02 12:13:39 2014-03-02 12:13:39 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-04-18 12:51:21 2014-04-18 12:52:45 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus
==== Files Found ======================
--- C:\zoek_backup\C_Users_sara_AppData_Local_Microsoft_Internet Explorer_DOMStore_4UDGG04V_pcfaster.baidu[1].xml.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1388
Created time: 2014-03-02 12:13:39
Modified time: 2013-05-26 01:29:08
MD5: 9C4271FC17B390CBEA0CBC55E09C1D37
SHA1: 5AC73E616C6C47CBDA2E0AC63667B65AB84A250C
--- C:\zoek_backup\C_Windows_Prefetch_BAIDU_SECURE_SYSTEMUP_4.0.1.5-5BD7B3AB.pf.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 157614
Created time: 2014-03-02 12:13:39
Modified time: 2014-02-25 20:17:42
MD5: 85180BA1570DA3408843FB0327082BAE
SHA1: 54B906FD4CC76D3F435E276E7F519C6E112B6CFE
--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3410
Created time: 2014-04-18 02:23:57
Modified time: 2014-04-17 17:29:50
MD5: 9F8E684C49429C2D1B612E2F569916AF
SHA1: FB7084178873DD6491B52AB73A49CBBE0C2A6816
--- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-18 12:52:11
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-18 12:52:11
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-18 12:53:49
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-18 12:53:49
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
"Path"="\\Baidu Antivirus Update"
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
==== C:\zoek_backup content ======================
C:\zoek_backup (files=3578 folders=591 744754599 bytes)
==== EOF on 18/04/2014 at 11:30:33,36 ======================
Tool run by sara on 18/04/2014 at 11:25:28,54.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\sara\Downloads\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-18-023158.log 40184 bytes
C:\zoek-results2014-04-18-131051.log 812534 bytes
==== System Restore Info ======================
18/04/2014 11:27:12 Zoek.exe System Restore Point Created Succesfully.
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
"Path"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\PC Faster]
==== Deleting Files \ Folders ======================
C:\Program Files\Baidu Security not found
C:\Program Files\Baidu Security\Baidu Antivirus not found
C:\ProgramData\Baidu deleted
C:\Users\Public\Documents\Baidu deleted
==== Folders Found ======================
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu\Baidu Antivirus
2014-04-17 16:23:36 2014-04-17 16:23:36 -------- d-----w- C:\Users\sara\AppData\Local\Temp\Baidu Security.tmp
2014-04-17 16:23:36 2014-04-18 14:25:27 -------- d-----w- C:\Users\sara\AppData\Local\Temp\Baidu Security.tmp\Baidu Antivirus
2014-04-18 12:51:21 2014-04-18 12:51:21 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security
2014-04-18 12:53:05 2014-04-18 12:54:06 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus
2014-04-18 14:27:49 2014-04-18 14:27:49 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-04-18 12:54:06 2014-04-18 12:54:06 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-04-18 02:23:54 2014-04-18 02:23:54 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-04-18 14:27:49 2014-04-18 14:27:49 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-04-18 12:54:07 2014-04-18 12:54:07 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-04-18 12:54:07 2014-04-18 13:00:27 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-03-02 12:13:39 2014-03-02 12:13:39 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-04-18 12:51:21 2014-04-18 12:52:45 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus
==== Files Found ======================
--- C:\zoek_backup\C_Users_sara_AppData_Local_Microsoft_Internet Explorer_DOMStore_4UDGG04V_pcfaster.baidu[1].xml.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1388
Created time: 2014-03-02 12:13:39
Modified time: 2013-05-26 01:29:08
MD5: 9C4271FC17B390CBEA0CBC55E09C1D37
SHA1: 5AC73E616C6C47CBDA2E0AC63667B65AB84A250C
--- C:\zoek_backup\C_Windows_Prefetch_BAIDU_SECURE_SYSTEMUP_4.0.1.5-5BD7B3AB.pf.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 157614
Created time: 2014-03-02 12:13:39
Modified time: 2014-02-25 20:17:42
MD5: 85180BA1570DA3408843FB0327082BAE
SHA1: 54B906FD4CC76D3F435E276E7F519C6E112B6CFE
--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3410
Created time: 2014-04-18 02:23:57
Modified time: 2014-04-17 17:29:50
MD5: 9F8E684C49429C2D1B612E2F569916AF
SHA1: FB7084178873DD6491B52AB73A49CBBE0C2A6816
--- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-18 12:52:11
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-18 12:52:11
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-18 12:53:49
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-18 12:53:49
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
"Path"="\\Baidu Antivirus Update"
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
==== C:\zoek_backup content ======================
C:\zoek_backup (files=3578 folders=591 744754599 bytes)
==== EOF on 18/04/2014 at 11:30:33,36 ======================
sara_cynthia- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 26/02/2014
Idade : 31
Re: Remover o baidu antivirus
por Power Max Sex 18 Abr 2014, 11:38
Desative temporariamente seu antivírus para evitar conflitos.*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt ou anexe-o (se ele ficar muito grande) em sua próxima resposta.
Última edição por Power Max em Sex 18 Abr 2014, 12:35, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Remover o baidu antivirus
por sara_cynthia Sex 18 Abr 2014, 12:10
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by sara on 18/04/2014 at 11:57:32,42.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\sara\Downloads\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-18-023158.log 40184 bytes
C:\zoek-results2014-04-18-131051.log 812534 bytes
C:\zoek-results2014-04-18-143033.log 11892 bytes
==== System Restore Info ======================
18/04/2014 11:58:50 Zoek.exe System Restore Point Created Succesfully.
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
"Path"=-
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
==== Deleting Files \ Folders ======================
C:\Users\sara\AppData\Local\Temp\Baidu Security.tmp not found
C:\Users\sara\AppData\Local\Temp\Baidu Security.tmp\Baidu Antivirus not found
==== Folders Found ======================
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu\Baidu Antivirus
2014-04-18 12:51:21 2014-04-18 12:51:21 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security
2014-04-18 12:53:05 2014-04-18 12:54:06 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus
2014-04-18 14:27:49 2014-04-18 14:27:49 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-04-18 12:54:06 2014-04-18 12:54:06 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-04-18 02:23:54 2014-04-18 02:23:54 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-04-18 14:27:49 2014-04-18 14:27:49 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-04-18 12:54:07 2014-04-18 12:54:07 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-04-18 12:54:07 2014-04-18 13:00:27 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-03-02 12:13:39 2014-03-02 12:13:39 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-04-18 12:51:21 2014-04-18 12:52:45 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus
==== Files Found ======================
--- C:\zoek_backup\C_Users_sara_AppData_Local_Microsoft_Internet Explorer_DOMStore_4UDGG04V_pcfaster.baidu[1].xml.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1388
Created time: 2014-03-02 12:13:39
Modified time: 2013-05-26 01:29:08
MD5: 9C4271FC17B390CBEA0CBC55E09C1D37
SHA1: 5AC73E616C6C47CBDA2E0AC63667B65AB84A250C
--- C:\zoek_backup\C_Windows_Prefetch_BAIDU_SECURE_SYSTEMUP_4.0.1.5-5BD7B3AB.pf.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 157614
Created time: 2014-03-02 12:13:39
Modified time: 2014-02-25 20:17:42
MD5: 85180BA1570DA3408843FB0327082BAE
SHA1: 54B906FD4CC76D3F435E276E7F519C6E112B6CFE
--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3410
Created time: 2014-04-18 02:23:57
Modified time: 2014-04-17 17:29:50
MD5: 9F8E684C49429C2D1B612E2F569916AF
SHA1: FB7084178873DD6491B52AB73A49CBBE0C2A6816
--- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-18 12:52:11
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-18 12:52:11
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-18 12:53:49
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-18 12:53:49
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
"Path"="\\Baidu Antivirus Update"
==== C:\zoek_backup content ======================
C:\zoek_backup (files=3578 folders=591 744754599 bytes)
==== EOF on 18/04/2014 at 12:01:40,74 ======================
Tool run by sara on 18/04/2014 at 11:57:32,42.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\sara\Downloads\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-18-023158.log 40184 bytes
C:\zoek-results2014-04-18-131051.log 812534 bytes
C:\zoek-results2014-04-18-143033.log 11892 bytes
==== System Restore Info ======================
18/04/2014 11:58:50 Zoek.exe System Restore Point Created Succesfully.
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
"Path"=-
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-3494737314-1258950454-2574509943-1000\Software\Baidu Security\Antivirus\web]
==== Deleting Files \ Folders ======================
C:\Users\sara\AppData\Local\Temp\Baidu Security.tmp not found
C:\Users\sara\AppData\Local\Temp\Baidu Security.tmp\Baidu Antivirus not found
==== Folders Found ======================
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu\Baidu Antivirus
2014-04-18 12:51:21 2014-04-18 12:51:21 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security
2014-04-18 12:53:05 2014-04-18 12:54:06 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus
2014-04-18 14:27:49 2014-04-18 14:27:49 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-04-18 12:54:06 2014-04-18 12:54:06 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-04-18 02:23:54 2014-04-18 02:23:54 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-04-18 14:27:49 2014-04-18 14:27:49 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-04-18 12:54:07 2014-04-18 12:54:07 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-04-18 12:54:07 2014-04-18 13:00:27 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-03-02 12:13:39 2014-03-02 12:13:39 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-04-18 12:51:21 2014-04-18 12:52:45 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus
==== Files Found ======================
--- C:\zoek_backup\C_Users_sara_AppData_Local_Microsoft_Internet Explorer_DOMStore_4UDGG04V_pcfaster.baidu[1].xml.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1388
Created time: 2014-03-02 12:13:39
Modified time: 2013-05-26 01:29:08
MD5: 9C4271FC17B390CBEA0CBC55E09C1D37
SHA1: 5AC73E616C6C47CBDA2E0AC63667B65AB84A250C
--- C:\zoek_backup\C_Windows_Prefetch_BAIDU_SECURE_SYSTEMUP_4.0.1.5-5BD7B3AB.pf.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 157614
Created time: 2014-03-02 12:13:39
Modified time: 2014-02-25 20:17:42
MD5: 85180BA1570DA3408843FB0327082BAE
SHA1: 54B906FD4CC76D3F435E276E7F519C6E112B6CFE
--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3410
Created time: 2014-04-18 02:23:57
Modified time: 2014-04-17 17:29:50
MD5: 9F8E684C49429C2D1B612E2F569916AF
SHA1: FB7084178873DD6491B52AB73A49CBBE0C2A6816
--- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-18 12:52:11
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-18 12:52:11
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-18 12:53:49
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-18 12:53:49
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
"Path"="\\Baidu Antivirus Update"
==== C:\zoek_backup content ======================
C:\zoek_backup (files=3578 folders=591 744754599 bytes)
==== EOF on 18/04/2014 at 12:01:40,74 ======================
sara_cynthia- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 26/02/2014
Idade : 31
Re: Remover o baidu antivirus
por Power Max Sex 18 Abr 2014, 12:33
Desative temporariamente seu antivírus para evitar conflitos.*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Sex 18 Abr 2014, 13:12, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Remover o baidu antivirus
por sara_cynthia Sex 18 Abr 2014, 12:47
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by sara on 18/04/2014 at 12:39:31,63.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\sara\Downloads\zoek(1).exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-18-023158.log 40184 bytes
C:\zoek-results2014-04-18-131051.log 812534 bytes
C:\zoek-results2014-04-18-143033.log 11892 bytes
C:\zoek-results2014-04-18-150140.log 6488 bytes
==== System Restore Info ======================
18/04/2014 12:41:56 Zoek.exe System Restore Point Created Succesfully.
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
"Path"=-
==== Folders Found ======================
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu\Baidu Antivirus
2014-04-18 12:51:21 2014-04-18 12:51:21 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security
2014-04-18 12:53:05 2014-04-18 12:54:06 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus
2014-04-18 14:27:49 2014-04-18 14:27:49 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-04-18 12:54:06 2014-04-18 12:54:06 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-04-18 02:23:54 2014-04-18 02:23:54 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-04-18 14:27:49 2014-04-18 14:27:49 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-04-18 12:54:07 2014-04-18 12:54:07 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-04-18 12:54:07 2014-04-18 13:00:27 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-03-02 12:13:39 2014-03-02 12:13:39 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-04-18 12:51:21 2014-04-18 12:52:45 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus
==== Files Found ======================
--- C:\zoek_backup\C_Users_sara_AppData_Local_Microsoft_Internet Explorer_DOMStore_4UDGG04V_pcfaster.baidu[1].xml.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1388
Created time: 2014-03-02 12:13:39
Modified time: 2013-05-26 01:29:08
MD5: 9C4271FC17B390CBEA0CBC55E09C1D37
SHA1: 5AC73E616C6C47CBDA2E0AC63667B65AB84A250C
--- C:\zoek_backup\C_Windows_Prefetch_BAIDU_SECURE_SYSTEMUP_4.0.1.5-5BD7B3AB.pf.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 157614
Created time: 2014-03-02 12:13:39
Modified time: 2014-02-25 20:17:42
MD5: 85180BA1570DA3408843FB0327082BAE
SHA1: 54B906FD4CC76D3F435E276E7F519C6E112B6CFE
--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3410
Created time: 2014-04-18 02:23:57
Modified time: 2014-04-17 17:29:50
MD5: 9F8E684C49429C2D1B612E2F569916AF
SHA1: FB7084178873DD6491B52AB73A49CBBE0C2A6816
--- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-18 12:52:11
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-18 12:52:11
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-18 12:53:49
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-18 12:53:49
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
==== Registry Search Results for "Baidu" ======================
No instances of string "Baidu" found.
==== C:\zoek_backup content ======================
C:\zoek_backup (files=3578 folders=591 744754599 bytes)
==== EOF on 18/04/2014 at 12:44:56,35 ======================
Tool run by sara on 18/04/2014 at 12:39:31,63.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\sara\Downloads\zoek(1).exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-18-023158.log 40184 bytes
C:\zoek-results2014-04-18-131051.log 812534 bytes
C:\zoek-results2014-04-18-143033.log 11892 bytes
C:\zoek-results2014-04-18-150140.log 6488 bytes
==== System Restore Info ======================
18/04/2014 12:41:56 Zoek.exe System Restore Point Created Succesfully.
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C12FF9A-9776-43F7-A5F7-65D1D34587E2}]
"Path"=-
==== Folders Found ======================
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu
2014-04-18 00:36:34 2014-04-18 00:36:34 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\sara\AppData\Roaming\baidu\Baidu Antivirus
2014-04-18 12:51:21 2014-04-18 12:51:21 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security
2014-04-18 12:53:05 2014-04-18 12:54:06 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus
2014-04-18 14:27:49 2014-04-18 14:27:49 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-04-18 12:54:06 2014-04-18 12:54:06 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-04-18 02:23:54 2014-04-18 02:23:54 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-04-18 14:27:49 2014-04-18 14:27:49 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-04-18 12:54:07 2014-04-18 12:54:07 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-04-18 12:54:07 2014-04-18 13:00:27 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-03-02 12:13:39 2014-03-02 12:13:39 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-04-18 12:51:21 2014-04-18 12:52:45 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus
==== Files Found ======================
--- C:\zoek_backup\C_Users_sara_AppData_Local_Microsoft_Internet Explorer_DOMStore_4UDGG04V_pcfaster.baidu[1].xml.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1388
Created time: 2014-03-02 12:13:39
Modified time: 2013-05-26 01:29:08
MD5: 9C4271FC17B390CBEA0CBC55E09C1D37
SHA1: 5AC73E616C6C47CBDA2E0AC63667B65AB84A250C
--- C:\zoek_backup\C_Windows_Prefetch_BAIDU_SECURE_SYSTEMUP_4.0.1.5-5BD7B3AB.pf.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 157614
Created time: 2014-03-02 12:13:39
Modified time: 2014-02-25 20:17:42
MD5: 85180BA1570DA3408843FB0327082BAE
SHA1: 54B906FD4CC76D3F435E276E7F519C6E112B6CFE
--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3410
Created time: 2014-04-18 02:23:57
Modified time: 2014-04-17 17:29:50
MD5: 9F8E684C49429C2D1B612E2F569916AF
SHA1: FB7084178873DD6491B52AB73A49CBBE0C2A6816
--- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-18 12:52:11
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-18 12:52:11
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-18 12:53:49
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-18 12:53:49
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
==== Registry Search Results for "Baidu" ======================
No instances of string "Baidu" found.
==== C:\zoek_backup content ======================
C:\zoek_backup (files=3578 folders=591 744754599 bytes)
==== EOF on 18/04/2014 at 12:44:56,35 ======================
sara_cynthia- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 26/02/2014
Idade : 31
Re: Remover o baidu antivirus
por Power Max Sex 18 Abr 2014, 12:50
O Baidu não aparece mais no relatório do Zoek. Como está seu PC após estes procedimentos?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Remover o baidu antivirus
por sara_cynthia Sex 18 Abr 2014, 12:58
parou de travar e não vejo mais o antivírus baidu. Mais uma vez, obrigada!!
sara_cynthia- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 26/02/2014
Idade : 31
Re: Remover o baidu antivirus
por Power Max Sex 18 Abr 2014, 13:13
Fico feliz que o problema tenha sido resolvido. Só para finalizar siga estes tutoriais abaixo, por gentileza:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________
Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]._______________________________________________________________________________________________________________________
Foi um prazer ajudar. Conte sempre conosco!
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remover o baidu antivirus
por Power Max Sáb 19 Abr 2014, 00:34
CASO RESOLVIDO
Caso a autora do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Caso a autora do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Tópicos semelhantes» Remover Baidu Antivirus.
» Como Faz Pra Remover o Baidu Antivirus do W8 ?
» Baidu Antivirus está em meu PC!
» Remover Baidu antivirus
» Nao estou conseguindo remover Baidu antivirus
» Como Faz Pra Remover o Baidu Antivirus do W8 ?
» Baidu Antivirus está em meu PC!
» Remover Baidu antivirus
» Nao estou conseguindo remover Baidu antivirus
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos|
|
|