Remover Baidu Antivirus.

por capittman Dom 27 Abr 2014, 13:37

Estou tentando tirar Baidu Antivirus no meu computador para instalar Kaspersky.

Já executei adwarecleaner. Segue abaixo o relatório:

# AdwCleaner v3.204 - Relatório criado 27/04/2014 às 13:23:53
# Atualizado 26/04/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Michelle - MICHELLE-PC
# Executando de : C:\Users\Michelle\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : dealplylive
[#] Serviço Deletada : dealplylivem
Serviço Deletada : IePluginService

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Program Files\baidu
Pasta Deletada : C:\Program Files\DealPly
Pasta Deletada : C:\Program Files\DealPlyLive
Pasta Deletada : C:\Program Files\FindLyrics
Pasta Deletada : C:\Program Files\Iminent
Pasta Deletada : C:\Program Files\MetaCrawler
Pasta Deletada : C:\Program Files\SimilarSites
Pasta Deletada : C:\Program Files\SupTab
Pasta Deletada : C:\Users\Michelle\AppData\Local\DealPlyLive
Pasta Deletada : C:\Users\Michelle\AppData\Local\Temp\mt_ffx
Pasta Deletada : C:\Users\Michelle\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Pasta Deletada : C:\Users\Michelle\AppData\Roaming\BabSolution
Pasta Deletada : C:\Users\Michelle\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Michelle\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Michelle\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\Michelle\AppData\Roaming\DSite
Pasta Deletada : C:\Users\Michelle\AppData\Roaming\MetaCrawler
Pasta Deletada : C:\Users\Michelle\AppData\Roaming\SimilarSites
Pasta Deletada : C:\Users\Michelle\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Michelle\AppData\Roaming\sweet-page
Pasta Deletada : C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Arquivo Deletada : C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage
Arquivo Deletada : C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal
Arquivo Deletada : C:\windows\Tasks\Dealply.job
Arquivo Deletada : C:\windows\System32\Tasks\Dealply
Arquivo Deletada : C:\windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
Arquivo Deletada : C:\windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
Arquivo Deletada : C:\windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
Arquivo Deletada : C:\windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
Arquivo Deletada : C:\windows\System32\Tasks\DealPlyUpdate

***** [ Atalhos ] *****

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D92E9F0-5969-4169-AC6F-9E5E8DFBC374}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01DABBDA-1CDC-4E49-851E-AF2A2C65898F}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05146DB1-2363-4373-9143-0BEA87EB0209}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D3F9338-4A64-45D9-89B7-6550DB11B4F3}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D92E9F0-5969-4169-AC6F-9E5E8DFBC374}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D3F9338-4A64-45D9-89B7-6550DB11B4F3}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01DABBDA-1CDC-4E49-851E-AF2A2C65898F}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05146DB1-2363-4373-9143-0BEA87EB0209}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Chave Deletedo : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Chave Deletedo : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Chave Deletedo : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Chave Deletedo : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FindLyrics_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FindLyrics_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Chave Deletedo : HKLM\SOFTWARE\5c538bdbb76de912
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{33CB14BC-58BB-4B3A-9877-7946A3F41BAE}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Dados Restaurada : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Chave Deletedo : HKCU\Software\BabylonToolbar
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\DealPly
Chave Deletedo : HKCU\Software\DealPlyLive
Chave Deletedo : HKCU\Software\dsiteproducts
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\AppDataLow\Software\Lyrmix
Chave Deletedo : HKCU\Software\AppDataLow\Software\Search Settings
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\DealPly
Chave Deletedo : HKLM\Software\DealPlyLive
Chave Deletedo : HKLM\Software\IePlugin
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\InstallCore
Chave Deletedo : HKLM\Software\supTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\sweet-pageSoftware
Chave Deletedo : HKLM\Software\Tarma Installer
Chave Deletedo : HKLM\Software\Wpm
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17041

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v34.0.1847.116

[ Arquivo : C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*************************

AdwCleaner[R0].txt - [23057 octets] - [27/04/2014 13:21:15]
AdwCleaner[S0].txt - [22053 octets] - [27/04/2014 13:23:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22114 octets] ##########

por **Power Max** Dom 27 Abr 2014, 13:46

baidu - Remover Baidu Antivirus. 648673379

Olá capittman.

baidu - Remover Baidu Antivirus. 772309

Faça o download do Malwarebytes em um destes links abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log (relatório) do Malwarebytes.

Ficamos no aguardo.

por capittman Dom 27 Abr 2014, 15:14

Olá

Segue o relatório

Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Data de Verificação: 27/04/2014
Hora da Verificação: 14:58:38
Logfile: LOG.txt
Administrador: Sim

Versão: 2.00.1.1004
Malware Database: v2014.04.27.04
Rootkit Database: v2014.03.27.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado

OS: Windows 7 Service Pack 1
CPU: x86
Sistema de Arquivo: NTFS
Usuário: Michelle

Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 356133
Tempo Decorrido: 58 min, 13 seg

Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processos: 0
(No malicious items detected)

Módulos: 0
(No malicious items detected)

Chaves de Registro: 1
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [cc842f00d6a59f975f4dd5466f9354ac],

Valores de Registro: 0
(No malicious items detected)

Dados do Registro: 0
(No malicious items detected)

Pastas: 7
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}, Quarantined, [aaa6d25ddba01323a8763b5b30d3f10f],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Cache, Quarantined, [aaa6d25ddba01323a8763b5b30d3f10f],
PUP.Optional.DealPly.A, C:\ProgramData\DealPlyLive, Quarantined, [cb85e649374483b3d8812f3411f19d63],
PUP.Optional.DealPly.A, C:\ProgramData\DealPlyLive\Update, Quarantined, [cb85e649374483b3d8812f3411f19d63],
PUP.Optional.DealPly.A, C:\ProgramData\DealPlyLive\Update\Log, Quarantined, [cb85e649374483b3d8812f3411f19d63],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService, Quarantined, [6be5949b39428bab0b5582e4d42e6c94],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update, Quarantined, [6be5949b39428bab0b5582e4d42e6c94],

Arquivos: 101
PUP.DealPly, C:\AdwCleaner\Quarantine\C\Program Files\DealPly\DealPlyIE.dll.vir, Quarantined, [c090111e512a91a559172f24f70d0000],
PUP.Optional.Dealply, C:\AdwCleaner\Quarantine\C\Program Files\DealPly\DealPlyUpdate.exe.vir, Quarantined, [361aeb44b0cb3afc529a77dda55fc23e],
PUP.Optional.Dealply, C:\AdwCleaner\Quarantine\C\Program Files\DealPly\DealPlyUpdateRun.exe.vir, Quarantined, [351b0d2287f47abcbb319cb873910df3],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPly\DealPlyUpdateVer.exe.vir, Quarantined, [51ff1e112f4c7cba81a1c5596c94e719],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\DealPlyLive.exe.vir, Quarantined, [f85857d8aecdb3839f7000191fe22dd3],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\DealPlyLive.exe.vir, Quarantined, [ba96909fb5c6da5ce22d081134cd827e],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\DealPlyLiveBroker.exe.vir, Quarantined, [bb95bb741467cb6bb75827f2e9188f71],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\DealPlyLiveHandler.exe.vir, Quarantined, [a8a8d8574f2c94a2898651c87190fc04],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\DealPlyLiveOnDemand.exe.vir, Quarantined, [84ccf03ffe7d43f3d43bd2477f82936d],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdate.dll.vir, Quarantined, [3b151c137efd8babc44b75a4ef12c040],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_am.dll.vir, Quarantined, [4010151aa8d31f17709f83966a977789],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_ar.dll.vir, Quarantined, [302052ddbac141f59b74ed2cf11005fb],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_bg.dll.vir, Quarantined, [aca4220d76054beb31ded04958a9f709],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_bn.dll.vir, Quarantined, [470939f680fb90a65eb1a6738e73b54b],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_ca.dll.vir, Quarantined, [163a6ac5473431052ee1ee2bcf32e917],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_cs.dll.vir, Quarantined, [60f0002f5922d95d16f97d9cbc453dc3],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_da.dll.vir, Quarantined, [72deb877512a60d66ba4d04910f134cc],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_de.dll.vir, Quarantined, [2f218fa084f7241235da9881cb360cf4],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_el.dll.vir, Quarantined, [8cc44ae596e52e083ed13fdae51c6799],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_en-GB.dll.vir, Quarantined, [3b15fd32710ab18525ead643e91812ee],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_en.dll.vir, Quarantined, [8cc44be45d1eb6809d7229f08978d42c],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_es-419.dll.vir, Quarantined, [89c79e913d3e96a0f11e29f009f85ca4],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_es.dll.vir, Quarantined, [133d939c8eed25119c730910986946ba],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_fa.dll.vir, Quarantined, [aea285aa6a11bb7be42b5cbdb74ab050],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_fi.dll.vir, Quarantined, [f15f0e21cead61d560afcf4ac1409a66],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_fil.dll.vir, Quarantined, [104098976a11ac8af8174acf0bf6b44c],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_fr.dll.vir, Quarantined, [ce82052a52291125ad6215043dc424dc],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_gu.dll.vir, Quarantined, [52fea48b0b701c1ab8577a9f9c65926e],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_hi.dll.vir, Quarantined, [3d132807a4d786b077984ccd8c759a66],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_hr.dll.vir, Quarantined, [afa1da557704063057b862b7f70a926e],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_hu.dll.vir, Quarantined, [91bf84ab7dfea294c24da3761ee3a65a],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_id.dll.vir, Quarantined, [ca86aa85245782b4bb5432e7a55c827e],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_is.dll.vir, Quarantined, [2d230d227704e5515bb4da3f827f8080],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_it.dll.vir, Quarantined, [3e12a28d4e2de6509f70dc3d758c4bb5],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_iw.dll.vir, Quarantined, [440c2d02bcbf989e27e8da3f8c75e719],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_ja.dll.vir, Quarantined, [153b8ea1116ad462c54a15048e732bd5],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_kn.dll.vir, Quarantined, [2c240e21c4b752e464ab0b0eb54cfa06],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_ko.dll.vir, Quarantined, [fe5269c685f6a1950d02ca4f3dc414ec],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_lv.dll.vir, Quarantined, [460a8ea133489f978d828c8d28d9d828],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_ml.dll.vir, Quarantined, [302034fb2853a591cf4072a79d648878],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_mr.dll.vir, Quarantined, [85cb7eb1f28910269e715ebbaa57bc44],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_ms.dll.vir, Quarantined, [9cb40c238eed072f0708f32624dd5ba5],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_nl.dll.vir, Quarantined, [71df141bfa8154e2fa154ccd748d4bb5],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_no.dll.vir, Quarantined, [d27ef837611a5bdb8887ed2cb74a3fc1],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_pl.dll.vir, Quarantined, [0f412a051863241223ec8594ee13ee12],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_pt-BR.dll.vir, Quarantined, [5ff198975625a09630dfeb2eb34e42be],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_pt-PT.dll.vir, Quarantined, [cd832b041368ac8a8986cd4cc53cb54b],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_ro.dll.vir, Quarantined, [8ac6c46b9ae12f0742cd5bbea55c9f61],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dll.vir, Quarantined, [c090032c4b3087af35da8e8bea17d729],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_sk.dll.vir, Quarantined, [3e12b47b2556c76fea25c0590cf59e62],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_sl.dll.vir, Quarantined, [f25e63cc78031a1cfa159089ab568080],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_sr.dll.vir, Quarantined, [f15fb57a54271c1a0c039287de23936d],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_sv.dll.vir, Quarantined, [0e42d9568af153e3937c0e0b19e80ff1],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_et.dll.vir, Quarantined, [8cc45ed114670c2a18f7b267e41de21e],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_lt.dll.vir, Quarantined, [82ce7fb06d0e9e98a56a3adf926fb050],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_sw.dll.vir, Quarantined, [e56b80af8fec1a1c6da2908929d87789],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_ta.dll.vir, Quarantined, [db75ac8394e7ea4cf51a7d9c57aae31d],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_te.dll.vir, Quarantined, [440c5dd268132c0a2fe0cc4d1ae79e62],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_th.dll.vir, Quarantined, [f7591a153d3e270f4ec1f326659c31cf],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_tr.dll.vir, Quarantined, [024eec431a61e155709f2beea25f619f],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_uk.dll.vir, Quarantined, [4b059c93afccb68021ee9f7a6f92af51],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_ur.dll.vir, Quarantined, [82ce59d6bdbe3402f9160514fd04768a],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_vi.dll.vir, Quarantined, [e16ff23d5c1f3204967975a459a8758b],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_zh-CN.dll.vir, Quarantined, [f95748e754275bdbe32c7f9a49b8619f],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\goopdateres_zh-TW.dll.vir, Quarantined, [212f6ac5aecdb77fd33c75a49a678c74],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir, Quarantined, [113f41ee86f558decb4458c16b96cf31],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\psmachine.dll.vir, Quarantined, [6ae60926d0abc86ef916c95023de6a96],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Program Files\DealPlyLive\Update\1.3.23.0\psuser.dll.vir, Quarantined, [0e42022d3546d26462ad41d822df6c94],
PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Program Files\SupTab\SupTab.dll.vir, Quarantined, [cb85c16e97e4ad89d6771025a25ea858],
PUP.Optional.DealPly.A, C:\AdwCleaner\Quarantine\C\Users\Michelle\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe.vir, Quarantined, [3917eb440d6eec4a9e84ec32e11f926e],
PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Users\Michelle\AppData\Roaming\SupTab\SupTab.dll.vir, Quarantined, [b69a8ba42e4d91a5c18ca88d619fd927],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, Quarantined, [1c34f639c3b816208ee45101c53caa56],
PUP.Optional.Iminent.A, C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9TXH5769\iminent[1].msi, Quarantined, [e769b37c3a41b383dad3d1585fa22fd1],
PUP.Optional.Wajam.A, C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDPH3LDB\wajam_install[1].exe, Quarantined, [b49c2e0147347eb8d595120c58a8aa56],
PUP.Optional.Iminent.A, C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5V5QKN4\IminentMinibarIE[1].exe, Quarantined, [123e8da26516cb6bb7304aba56ab1ae6],
PUP.Optional.Spigot.A, C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JD0GPX9T\pdfforgeToolbar[1].msi, Quarantined, [da769a951c5f152105794ed8e41c58a8],
PUP.Optional.Iminent.A, C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ML7UIMW1\MinibarFirefox[1].exe, Quarantined, [62ee052a5922cf67ba2de81ce71a837d],
PUP.Optional.Iminent.A, C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OP6NP2ZR\MinibarChrome[1].exe, Quarantined, [a7a9240b86f57bbb0fd89470f20f4bb5],
PUP.Optional.PerformerSoft.A, C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZV6478JD\pack[1].7z, Quarantined, [ec648ba43348a98dd4dd66acae53dd23],
PUP.Optional.SkyTech.A, C:\Users\Michelle\AppData\Local\Temp\sof_sweet-page.exe, Quarantined, [242c9996c2b968cee76b53ffe1206f91],
PUP.Optional.Babylon.A, C:\Users\Michelle\AppData\Local\Temp\3B6E2C0C-BAB0-7891-9BF1-3FFCAF16BBE6\Latest\BExternal.dll, Quarantined, [54fca9863348e155a73a3ae82fd1f010],
PUP.Optional.DaleSearch.A, C:\Users\Michelle\AppData\Local\Temp\3B6E2C0C-BAB0-7891-9BF1-3FFCAF16BBE6\Latest\MyBabylonTB.exe, Quarantined, [f55b4ae5cfacff37775504173dc439c7],
PUP.Optional.Babylon.A, C:\Users\Michelle\AppData\Local\Temp\3B6E2C0C-BAB0-7891-9BF1-3FFCAF16BBE6\Latest\Setup.exe, Quarantined, [d47cbd725328053160f874aa03fd3dc3],
PUP.Optional.Babylon.A, C:\Users\Michelle\AppData\Local\Temp\3B6E2C0C-BAB0-7891-9BF1-3FFCAF16BBE6\Latest\CrxInstaller.dll, Quarantined, [1b35b27dd8a3fc3a54ce0a0b21e0ac54],
PUP.Optional.SkyTech.A, C:\Users\Michelle\AppData\Local\Temp\fullpackage_temp1396806550\alilog.dll, Quarantined, [89c7220d502b0b2bfc192c069070d12f],
PUP.Optional.SkyTech.A, C:\Users\Michelle\AppData\Local\Temp\fullpackage_temp1396806550\package1.zip, Quarantined, [4d03a68984f786b0f71e290930d028d8],
PUP.Optional.IePluginService.A, C:\Users\Michelle\AppData\Local\Temp\fullpackage_temp1396806550\tmp\SupTab.exe, Quarantined, [1f31141bb6c5f83e7cf666ec6d949769],
PUP.Optional.WpManager, C:\Users\Michelle\AppData\Local\Temp\fullpackage_temp1396806550\tmp\wpm.exe, Quarantined, [b19ff738d3a8f3432b966cf0867bde22],
PUP.Optional.DealPly.A, C:\Users\Michelle\AppData\Local\Temp\is357113909\dp.exe, Quarantined, [eb650a2513682412cb0370e7996b16ea],
PUP.Optional.Wajam, C:\Users\Michelle\AppData\Local\Temp\is357113909\wajam_download.exe, Quarantined, [67e9d55a56253df9d88da17d728ee917],
PUP.Optional.Babylon.A, C:\Users\Michelle\AppData\Local\Temp\is701137889\DaleSearchTB.exe, Quarantined, [8ac664cbb5c63006ad4cc33e6b96e917],
PUP.Optional.DealPly.A, C:\Users\Michelle\AppData\Local\Temp\is701137889\dp.exe, Quarantined, [54fc62cdc6b551e5438b5304838101ff],
PUP.Optional.Iminent.A, C:\Users\Michelle\AppData\Local\Temp\is701137889\IminentSetup.exe, Quarantined, [9bb5de512e4d51e5cde047e2808122de],
PUP.Optional.Softonic.A, C:\Users\Michelle\Downloads\SoftonicDownloader_para_utorrent.exe, Quarantined, [80d03ef1671465d1df3f67b532cf38c8],
PUP.Optional.Bundle, C:\Users\Michelle\Downloads\PDFWriterSetup.exe, Quarantined, [d878141b7cfffe3894f432ef3ac7ec14],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.ico, Quarantined, [aaa6d25ddba01323a8763b5b30d3f10f],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.dat, Quarantined, [aaa6d25ddba01323a8763b5b30d3f10f],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.exe, Quarantined, [aaa6d25ddba01323a8763b5b30d3f10f],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setup.dll, Quarantined, [aaa6d25ddba01323a8763b5b30d3f10f],
PUP.Optional.WebCake.A, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll, Quarantined, [aaa6d25ddba01323a8763b5b30d3f10f],
PUP.Optional.DealPly.A, C:\ProgramData\DealPlyLive\Update\Log\DealPlyLive.log, Quarantined, [cb85e649374483b3d8812f3411f19d63],

Physical Sectors: 0
(No malicious items detected)

(end)

por **Power Max** Dom 27 Abr 2014, 15:17

Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

por capittman Dom 27 Abr 2014, 15:24

Olá

Não estou conseguindo compreender o porque de ter de baixar tantos aplicativos para excluir o Baidu e instalar o Kaspersky.

Nas outras postagens utilizando o zoek já resolvia o problema.

Pq comigo está sendo diferente?

por **Power Max** Dom 27 Abr 2014, 15:25

O problema é que seu PC não está só com o Baidu, ele está cheio de adwares. Note quantos já removemos até agora.

por capittman Dom 27 Abr 2014, 15:39

Ok

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Starter x86
Ran by Michelle on 27/04/2014 at 15:35:43,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsmixUpdate_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsmixUpdate_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{60BC2840-EB6D-4D9B-A8CF-540A12969FF2}

~~~ Files

Successfully deleted: [File] C:\windows\system32\sho2396.tmp

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\baidu"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\ask"

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/04/2014 at 15:38:45,87
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

por **Power Max** Dom 27 Abr 2014, 15:43

Desative temporariamente seu antivírus para evitar conflitos.

Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

por capittman Dom 27 Abr 2014, 16:12

Olá

O baidu ainda continua.

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Michelle on 27/04/2014 at 15:44:22,96.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Michelle\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27/04/2014 15:45:12 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9C590AA6-1642-456D-9444-4972869B204A} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\search.sqlite deleted
C:\PROGRA~2\FileSplitUpLoad.dll deleted
C:\PROGRA~2\OberonGameConsole deleted
C:\PROGRA~2\WPM deleted
C:\Users\Michelle\AppData\Local\cache deleted
C:\windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\prefs.js deleted
C:\windows\System32\InstallUtil.InstallLog deleted
C:\windows\System32\searchplugins deleted
C:\windows\System32\Extensions deleted
C:\Users\Michelle\AppData\Roaming\unins000.exe deleted

==== Folders Found ======================

2014-04-27 16:23:56 2014-04-27 16:23:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Michelle\AppData\Roaming\baidu
2014-04-27 16:23:56 2014-04-27 16:23:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Michelle\AppData\Roaming\baidu\Baidu Antivirus
2013-05-29 18:01:51 2014-04-06 17:56:24 -------- d-----w- C:\Program Files\Baidu Security
2014-04-06 17:56:24 2014-04-26 23:45:16 -------- d-----w- C:\Program Files\Baidu Security\Baidu Antivirus
2013-05-29 18:03:07 2014-04-06 17:57:31 -------- d-----w- C:\ProgramData\Baidu Security
2014-04-26 23:36:09 2014-04-26 23:38:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2013-05-29 18:03:07 2014-04-06 17:57:31 -------- d-----w- C:\Users\All Users\Baidu Security
2014-04-26 23:36:09 2014-04-26 23:38:06 -------- d-----w- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2013-05-29 17:56:21 2013-05-29 17:56:21 -------- d-----w- C:\Users\Michelle\AppData\Local\Temp\baidu_secure
2013-05-29 17:56:21 2013-05-29 17:56:21 -------- d-----w- C:\Users\Michelle\AppData\Roaming\Baidu Security
2013-05-30 22:37:14 2013-05-30 22:37:14 -------- d-----w- C:\Users\Michelle\AppData\Roaming\Baidu Security\PC Faster\3.2.0.29\Uninstall\Baidu PC Faster Uninstall
2013-05-30 22:37:14 2013-05-30 22:37:14 -------- d-----w- C:\Users\Michelle\AppData\Roaming\Baidu Security\PC Faster\3.2.0.29\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================

--- C:\Users\Michelle\AppData\Local\Microsoft\Internet Explorer\DOMStore\1R7CQ819\pcfaster.baidu[1].xml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 13
Created time: 2013-05-30 22:37:41
Modified time: 2013-05-30 22:37:41
MD5: C1DDEA3EF6BBEF3E7060A1A9AD89E4C5
SHA1: 35E3224FCBD3E1AF306F2B6A2C6BBEA9B0867966

--- C:\Users\Michelle\AppData\Local\Temp\{8A9C774B-840A-4791-B983-F11D1D307FE1}\Cleaner\baidu_av_4_0_3_57478.ini ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 227
Created time: 2014-04-26 23:52:42
Modified time: 2014-04-24 15:18:28
MD5: C9F2E09C386C9A6E5434D21A0200F6E0
SHA1: 442F80424FDDE56047D0E11824A66CCC37D89CE4

--- C:\Users\Michelle\AppData\Local\Temp\{AB0AFD7B-BAC0-4E1E-9864-8D2651A8E051}\Cleaner\baidu_av_4_0_3_57478.ini ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 227
Created time: 2014-04-26 22:33:36
Modified time: 2014-04-24 15:18:28
MD5: C9F2E09C386C9A6E5434D21A0200F6E0
SHA1: 442F80424FDDE56047D0E11824A66CCC37D89CE4

--- C:\Users\Michelle\AppData\Local\Temp\{D1706AFE-3D4A-4221-8FF1-47E41861E280}\Cleaner\baidu_av_4_0_3_57478.ini ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 227
Created time: 2014-04-26 23:18:49
Modified time: 2014-04-24 15:18:28
MD5: C9F2E09C386C9A6E5434D21A0200F6E0
SHA1: 442F80424FDDE56047D0E11824A66CCC37D89CE4

--- C:\Users\Michelle\AppData\Local\Temp\{F09E9250-7A4D-4ABF-A4A2-C6900370C63D}\Cleaner\baidu_av_4_0_3_57478.ini ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 227
Created time: 2014-04-26 23:40:15
Modified time: 2014-04-24 15:18:28
MD5: C9F2E09C386C9A6E5434D21A0200F6E0
SHA1: 442F80424FDDE56047D0E11824A66CCC37D89CE4

==== Registry Search Results for "Baidu" ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\013114-23166-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\020314-28485-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\041014-70325-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\041214-29359-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\041314-24102-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\052913-76799-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\072913-28095-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\110613-29967-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\111313-20592-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\122213-17986-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130359072450752203.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130416426369940237.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130417847769160235.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130418842316212213.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.2.0.29]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.2.0.29\LastReportTime]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.2.0.29\Run]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.2.0.29\Run\Disable]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.2.0.29\Run\Disable\alluser]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.2.0.29\Run\Disable\curuser]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.2.0.29\Run\Disable\hkcu]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.2.0.29\Run\Disable\hklm]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.2.0.29\Statistic]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Avast Software\WRCv2\UrlInfo]
"http://pcfaster.baidu.com/pt/?link=6&channel=Babylon%7Cbr%7CIBD%7CBundle&version=3.2.0.29&langid=1046&userid=S26VJDQZ-B482FE68C2B6%21792de997-d309-4383-92d1-9593a20b172e%40%23B482FE68C2B6&usetime=102857&"=hex:de,\

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\PC Faster\3.2.0.29]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\PC Faster\3.2.0.29\CleanRecord]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\PC Faster\3.2.0.29\Install]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\PC Faster\3.2.0.29\LastReportTime]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\PC Faster\3.2.0.29\Run]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\PC Faster\3.2.0.29\Run\Disable]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\PC Faster\3.2.0.29\Run\Disable\alluser]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\PC Faster\3.2.0.29\Run\Disable\curuser]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\PC Faster\3.2.0.29\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\PC Faster\3.2.0.29\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\PC Faster\3.2.0.29\Statistic]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\PC Faster\Setup]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\\Users\\Michelle\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_051.exe"=dword:00000001

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\013114-23166-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\020314-28485-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\041014-70325-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\041214-29359-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\041314-24102-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\052913-76799-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\072913-28095-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\110613-29967-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\111313-20592-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\122213-17986-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130359072450752203.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130416426369940237.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130417847769160235.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130418842316212213.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.2.0.29]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.2.0.29\LastReportTime]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.2.0.29\Run]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.2.0.29\Run\Disable]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.2.0.29\Run\Disable\alluser]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.2.0.29\Run\Disable\curuser]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.2.0.29\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.2.0.29\Run\Disable\hklm]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.2.0.29\Statistic]

==== Chrome Look ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
abmojiekfpcmkkfamgfcpgfgipocface - C:\Users\Michelle\AppData\Local\GAS Tecnologia\GBBD\abn\sf.crx[01/04/2013 14:43]

Google Docs - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
GBBD Banco Santander (Brasil) S.A. - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnljhnpjegfbcohjhdnhjlnfnffmbnf
Google Wallet - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_pt-BRBR531"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{92001F8A-C36B-473A-91E7-5BE0C81CF2B3} PSafe ClikSeguro Url="http://clikseguro.com/Search.aspx?cx=017847565674971774939%3Aktp_l5v6i2u&ie=ISO-8859-1&q={searchTerms}"

==== Reset Google Chrome ======================

C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Default\Desktop\CyberLink DVD Suite.lnk - C:\Program Files\CyberLink\DVD Suite\PowerStarter.exe
C:\Users\Default\Desktop\CyberLink YouCam.lnk - C:\Program Files\CyberLink\YouCam\YouCam.exe
C:\Users\Default User\Desktop\CyberLink DVD Suite.lnk - C:\Program Files\CyberLink\DVD Suite\PowerStarter.exe
C:\Users\Default User\Desktop\CyberLink YouCam.lnk - C:\Program Files\CyberLink\YouCam\YouCam.exe
C:\Users\Michelle\Desktop\CyberLink DVD Suite.lnk - C:\Program Files\CyberLink\DVD Suite\PowerStarter.exe
C:\Users\Michelle\Desktop\CyberLink YouCam.lnk - C:\Program Files\CyberLink\YouCam\YouCam.exe
C:\Users\Michelle\Desktop\Free PDF to Word Doc Converter.lnk - C:\Program Files\Free PDF to Word Doc Converter\pdf2word.exe
C:\Users\Michelle\Desktop\IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\Michelle\Desktop\zoek (2).lnk - C:\Users\Michelle\Downloads\zoek (2).zip

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Discador Oi.lnk - C:\Program Files\OI\Oi3G\DiscadorOi.exe
C:\Users\Public\Desktop\Easy Network Manager.lnk - C:\Program Files\Samsung\Easy Network Manager\ENM.exe
C:\Users\Public\Desktop\Game Pack.lnk - C:\Program Files\Game Pack\GameConsole\GamePack.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\PDFCreator.lnk - C:\Program Files\PDFCreator\PDFCreator.exe
C:\Users\Public\Desktop\Plagius - Detector de Plágio.lnk -
C:\Users\Public\Desktop\Receitanet 1.03 .lnk - C:\Program Files\Programas RFB\Receitanet\Windows\Receitanet.exe
C:\Users\Public\Desktop\Samsung Recovery Solution 4.lnk - C:\Program Files\Samsung\Samsung Recovery Solution 4\Manager1.exe
C:\Users\Public\Desktop\Samsung Support Center.lnk - C:\Program Files\Samsung\Samsung Support Center\SSCMain.exe
C:\Users\Public\Desktop\Samsung Update Plus.lnk - C:\Program Files\Samsung\Samsung Update Plus\SupClientApp.exe
C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\User Guide.lnk - C:\Program Files\Samsung\SamsungManual\RunManual.exe
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD 8\CyberLink PowerDVD 8.lnk - C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe
C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD 8\Online registration.lnk - C:\Program Files\CyberLink\PowerDVD8\OLRSubmission\OLRSubmission.exe /LANG:Enu
C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD 8\PowerDVD 8 Help file.lnk - C:\Program Files\CyberLink\PowerDVD8\Language\Enu\PowerDVD8.CHM
C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD 8\Read Me.lnk - C:\Program Files\CyberLink\PowerDVD8\Language\Enu\Readme.htm
C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD 8\Uninstall PowerDVD 8.lnk - C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe /z-uninstall

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk - C:\Program Files\Google\Drive\googledrivesync.exe --new_document
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files\Google\Drive\googledrivesync.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk - C:\Program Files\Google\Drive\googledrivesync.exe --new_spreadsheet
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk - C:\Program Files\Google\Drive\googledrivesync.exe --new_presentation
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Michelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Michelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Michelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Michelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Michelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\windows\system32\control.exe
C:\Users\Michelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Michelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Michelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\Michelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1225 folders=126 52452457 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Michelle\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Michelle\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

==== EOF on 27/04/2014 at 16:08:14,97 ======================

por **Power Max** Dom 27 Abr 2014, 16:58

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

por capittman Dom 27 Abr 2014, 17:12

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Michelle on 27/04/2014 at 17:07:13,96.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Michelle\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-04-27-190814.log 32691 bytes

==== System Restore Info ======================

27/04/2014 17:07:58 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully

==== Deleting Files \ Folders ======================

C:\Users\Michelle\AppData\Local\Temp\baidu_secure not found
"C:\Users\Michelle\AppData\Local\Temp\{8A9C774B-840A-4791-B983-F11D1D307FE1}\Cleaner\baidu_av_4_0_3_57478.ini" not found
"C:\Users\Michelle\AppData\Local\Temp\{AB0AFD7B-BAC0-4E1E-9864-8D2651A8E051}\Cleaner\baidu_av_4_0_3_57478.ini" not found
"C:\Users\Michelle\AppData\Local\Temp\{D1706AFE-3D4A-4221-8FF1-47E41861E280}\Cleaner\baidu_av_4_0_3_57478.ini" not found
"C:\Users\Michelle\AppData\Local\Temp\{F09E9250-7A4D-4ABF-A4A2-C6900370C63D}\Cleaner\baidu_av_4_0_3_57478.ini" not found
C:\Program Files\Baidu Security deleted
C:\ProgramData\Baidu Security deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus deleted
C:\Users\Michelle\AppData\Roaming\Baidu Security deleted

==== Folders Found ======================

2014-04-27 16:23:56 2014-04-27 16:23:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Michelle\AppData\Roaming\baidu
2014-04-27 16:23:56 2014-04-27 16:23:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Michelle\AppData\Roaming\baidu\Baidu Antivirus
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security
2014-04-27 20:08:48 2014-04-26 23:45:16 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-04-27 20:08:48 2014-04-26 23:38:06 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-04-27 20:08:48 2014-04-26 23:38:06 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_Users_Michelle_AppData_Roaming_Baidu Security
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_Users_Michelle_AppData_Roaming_Baidu Security_PC Faster_3.2.0.29_Uninstall_Baidu PC Faster Uninstall
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_Users_Michelle_AppData_Roaming_Baidu Security_PC Faster_3.2.0.29_Uninstall_Baidu PC Faster Uninstall HK
2014-04-27 20:08:48 2014-04-26 23:45:16 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_Users_Michelle_AppData_Roaming_Baidu Security\PC Faster\3.2.0.29\Uninstall\Baidu PC Faster Uninstall
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_Users_Michelle_AppData_Roaming_Baidu Security\PC Faster\3.2.0.29\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================

--- C:\Users\Michelle\AppData\Local\Microsoft\Internet Explorer\DOMStore\1R7CQ819\pcfaster.baidu[1].xml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 13
Created time: 2013-05-30 22:37:41
Modified time: 2013-05-30 22:37:41
MD5: C1DDEA3EF6BBEF3E7060A1A9AD89E4C5
SHA1: 35E3224FCBD3E1AF306F2B6A2C6BBEA9B0867966

--- C:\zoek_backup\C_Users_Michelle_AppData_Local_Microsoft_Internet Explorer_DOMStore_1R7CQ819_pcfaster.baidu[1].xml.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 13
Created time: 2014-04-27 20:08:48
Modified time: 2013-05-30 22:37:41
MD5: C1DDEA3EF6BBEF3E7060A1A9AD89E4C5
SHA1: 35E3224FCBD3E1AF306F2B6A2C6BBEA9B0867966

==== Registry Search Results for "Baidu" ======================

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-1636518059-4109472759-2779696801-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1246 folders=170 56484919 bytes)

==== EOF on 27/04/2014 at 17:11:05,14 ======================

por **Power Max** Dom 27 Abr 2014, 17:16

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

por capittman Dom 27 Abr 2014, 17:21

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Michelle on 27/04/2014 at 17:19:05,14.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Michelle\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-04-27-190814.log 32691 bytes
C:\zoek-results2014-04-27-201105.log 18503 bytes

==== System Restore Info ======================

27/04/2014 17:19:31 Zoek.exe System Restore Point Created Succesfully.

==== Deleting Files \ Folders ======================

==== Folders Found ======================

2014-04-27 16:23:56 2014-04-27 16:23:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Michelle\AppData\Roaming\baidu
2014-04-27 16:23:56 2014-04-27 16:23:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Michelle\AppData\Roaming\baidu\Baidu Antivirus
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security
2014-04-27 20:08:48 2014-04-26 23:45:16 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-04-27 20:08:48 2014-04-26 23:38:06 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-04-27 20:08:48 2014-04-26 23:38:06 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_Users_Michelle_AppData_Roaming_Baidu Security
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_Users_Michelle_AppData_Roaming_Baidu Security_PC Faster_3.2.0.29_Uninstall_Baidu PC Faster Uninstall
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_Users_Michelle_AppData_Roaming_Baidu Security_PC Faster_3.2.0.29_Uninstall_Baidu PC Faster Uninstall HK
2014-04-27 20:08:48 2014-04-26 23:45:16 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_Users_Michelle_AppData_Roaming_Baidu Security\PC Faster\3.2.0.29\Uninstall\Baidu PC Faster Uninstall
2014-04-27 20:08:48 2014-04-27 20:08:48 -------- d---a-w- C:\zoek_backup\C_Users_Michelle_AppData_Roaming_Baidu Security\PC Faster\3.2.0.29\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================

--- C:\Users\Michelle\AppData\Local\Microsoft\Internet Explorer\DOMStore\1R7CQ819\pcfaster.baidu[1].xml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 13
Created time: 2013-05-30 22:37:41
Modified time: 2013-05-30 22:37:41
MD5: C1DDEA3EF6BBEF3E7060A1A9AD89E4C5
SHA1: 35E3224FCBD3E1AF306F2B6A2C6BBEA9B0867966

--- C:\zoek_backup\C_Users_Michelle_AppData_Local_Microsoft_Internet Explorer_DOMStore_1R7CQ819_pcfaster.baidu[1].xml.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 13
Created time: 2014-04-27 20:08:48
Modified time: 2013-05-30 22:37:41
MD5: C1DDEA3EF6BBEF3E7060A1A9AD89E4C5
SHA1: 35E3224FCBD3E1AF306F2B6A2C6BBEA9B0867966

==== Registry Search Results for "Baidu" ======================

No instances of string "Baidu" found.

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1246 folders=170 56485132 bytes)

==== EOF on 27/04/2014 at 17:20:33,89 ======================

por **Power Max** Dom 27 Abr 2014, 17:23

O Baidu não aparece mais no log do Zoek, como está seu PC após estes procedimentos?

por capittman Dom 27 Abr 2014, 17:40

Ufa....obrigada .....muito obrigada...consegui instalar o programa que queria.

por **Power Max** Dom 27 Abr 2014, 17:42

Fico feliz que o problema tenha sido resolvido.

baidu - Remover Baidu Antivirus. 772309

Só para finalizar siga estes tutoriais abaixo, por gentileza:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________

baidu - Remover Baidu Antivirus. 772309

Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
_______________________________________________________________________________________________________________________

baidu - Remover Baidu Antivirus. 648673379

Foi um prazer ajudar. Conte sempre conosco!

por **Danii** Dom 27 Abr 2014, 18:06

CASO RESOLVIDO

Caso a autora do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.

por Conteúdo patrocinado

Remover Baidu Antivirus.

Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Re: Remover Baidu Antivirus.

Seg	Ter	Qua	Qui	Sex	Sáb	Dom
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30