Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14807 usuários registradosO último membro registrado é Costa24
Os nossos membros postaram um total de 36045 mensagens em 3685 assuntos
Quem está conectado?
Há 19 usuários online :: 0 registrados, 0 invisíveis e 19 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
Power Max | ||||
joram | ||||
Wings [In Memoriam] | ||||
caedurodrigues | ||||
Amigo Brasileiro | ||||
luizvilarinho | ||||
Danii | ||||
Admin | ||||
Danilo Marsaro | ||||
Andreata |
Kaspersky detectando Baidu
3 participantes
Página 1 de 1
Kaspersky detectando Baidu
Já tive dor de cabeça de mais com o baidu, ao instalar um programa esqueci de desativar a caixa do baidu, e agora o kaspersky detecta o baidu na hora da instalação, mesmo depois de eu ter desinstalado ele nenhum desinstalador consegue removelo Log do AdwCleaner :
# AdwCleaner v3.205 - Report created 01/05/2014 at 17:12:29
# Updated 28/04/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Exvaya - EXVAYA-PC
# Running from : C:\Users\Exvaya\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Exvaya\.android
Folder Deleted : C:\Users\Exvaya\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Public\Documents\baidu
Folder Deleted : C:\Users\Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Folder Deleted : C:\Users\Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
File Deleted : C:\Users\Exvaya\daemonprocess.txt
File Deleted : C:\Windows\Tasks\APSnotifierPP1.job
File Deleted : C:\Windows\System32\Tasks\APSnotifierPP1
File Deleted : C:\Windows\Tasks\APSnotifierPP2.job
File Deleted : C:\Windows\System32\Tasks\APSnotifierPP2
File Deleted : C:\Windows\Tasks\APSnotifierPP3.job
File Deleted : C:\Windows\System32\Tasks\APSnotifierPP3
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\AnyProtect
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16866
-\\ Google Chrome v34.0.1847.131
[ File : C:\Users\Exvaya\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deleted [Extension] : bpegkgagfojjbcpkihigfmkojdmmimdf
Deleted [Extension] : ehgldbbpchgpcfagfpfjgoomddhccfgh
*************************
AdwCleaner[R0].txt - [2468 octets] - [01/05/2014 17:10:43]
AdwCleaner[S0].txt - [2452 octets] - [01/05/2014 17:12:29]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2512 octets] ##########
# AdwCleaner v3.205 - Report created 01/05/2014 at 17:12:29
# Updated 28/04/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Exvaya - EXVAYA-PC
# Running from : C:\Users\Exvaya\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Exvaya\.android
Folder Deleted : C:\Users\Exvaya\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Public\Documents\baidu
Folder Deleted : C:\Users\Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Folder Deleted : C:\Users\Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
File Deleted : C:\Users\Exvaya\daemonprocess.txt
File Deleted : C:\Windows\Tasks\APSnotifierPP1.job
File Deleted : C:\Windows\System32\Tasks\APSnotifierPP1
File Deleted : C:\Windows\Tasks\APSnotifierPP2.job
File Deleted : C:\Windows\System32\Tasks\APSnotifierPP2
File Deleted : C:\Windows\Tasks\APSnotifierPP3.job
File Deleted : C:\Windows\System32\Tasks\APSnotifierPP3
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\AnyProtect
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16866
-\\ Google Chrome v34.0.1847.131
[ File : C:\Users\Exvaya\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deleted [Extension] : bpegkgagfojjbcpkihigfmkojdmmimdf
Deleted [Extension] : ehgldbbpchgpcfagfpfjgoomddhccfgh
*************************
AdwCleaner[R0].txt - [2468 octets] - [01/05/2014 17:10:43]
AdwCleaner[S0].txt - [2452 octets] - [01/05/2014 17:12:29]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2512 octets] ##########
Vextra40- Iniciante
- Mensagens : 6
Reputação : 0
Data de inscrição : 30/04/2014
Re: Kaspersky detectando Baidu
Olá Vextra.
Desative temporariamente seu antivírus para evitar conflitos.
Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Desative temporariamente seu antivírus para evitar conflitos.
Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Qui 01 maio 2014, 18:04, editado 1 vez(es)
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Kaspersky detectando Baidu
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Exvaya on 01/05/2014 at 17:35:24,20.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Exvaya\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
01/05/2014 17:36:05 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Users\Exvaya\AppData\Roaming\ANICONFIG_{B23DCC7F-50B6-4B93-8D99-1D01FA944D8F}.ini deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\ProductData deleted
C:\Users\Exvaya\AppData\Local\nsp46BC.tmp deleted
C:\Users\Exvaya\AppData\Local\cache deleted
C:\user.js deleted
==== Folders Found ======================
2014-05-01 20:12:36 2014-05-01 20:12:36 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-04-30 16:14:42 2014-04-30 16:14:42 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-04-30 16:14:42 2014-04-30 17:50:35 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-04-27 19:07:02 2014-04-27 19:07:02 -------- d-----w- C:\ProgramData\Baidu Security
2014-04-30 16:14:46 2014-04-30 16:49:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-04-27 19:07:02 2014-04-27 19:07:02 -------- d-----w- C:\Users\All Users\Baidu Security
2014-04-30 16:14:46 2014-04-30 16:49:03 -------- d-----w- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-04-30 16:12:16 2014-04-30 16:12:16 -------- d-----w- C:\Users\Exvaya\AppData\Local\Temp\baidu_secure
==== Files Found ======================
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_USERS\.DEFAULT\Software\Baidu]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\TypedPaths]
"url2"="C:\\Program Files (x86)\\Baidu Security"
[HKEY_USERS\S-1-5-18\Software\Baidu]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ytfmdownloader@gmail.com"="C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com" [27/04/2014 15:01]
==== Chrome Look ======================
Google Docs - Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Exvaya\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Exvaya\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\Exvaya\Desktop\Amnesia.lnk - C:\Program Files (x86)\Amnesia - The Dark Descent\redist\Launcher.exe
C:\Users\Exvaya\Desktop\Eden Eternal PT.lnk - C:\AeriaGames\EdenEternalPT\aeria_launcher.exe eept
C:\Users\Exvaya\Desktop\Format Factory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\Exvaya\Desktop\Grand Fantasia PT.lnk - C:\AeriaGames\GrandFantasiaPT\aeria_launcher.exe gfpt
C:\Users\Exvaya\Desktop\Grim Fandango.lnk - C:\Program Files (x86)\Lucasarts\Grim\Grim Fandango Launcher.exe
C:\Users\Exvaya\Desktop\Hewbo Video Converter.lnk - C:\Program Files (x86)\Hewbo Video Converter\Hewbo.exe
C:\Users\Exvaya\Desktop\Metin2.lnk - C:\Program Files (x86)\ONGAME\Metin2\metin2.exe
C:\Users\Exvaya\Desktop\PointBlank.lnk - C:\ongame\Pointblank\PBLauncher.exe
C:\Users\Exvaya\Desktop\RaidCall.lnk - C:\Program Files (x86)\RaidCall.BR\raidcall.exe
C:\Users\Exvaya\Desktop\µTorrent.lnk -
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Aeria Ignite.lnk - C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\Camtasia Studio 8.lnk - C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Public\Desktop\Dungeon Siege 2.lnk - C:\Program Files (x86)\Dungeon Siege 2\DungeonSiege2.exe
C:\Users\Public\Desktop\Fraps.lnk - C:\Fraps\fraps.exe
C:\Users\Public\Desktop\Freemake Video Downloader.lnk - C:\Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader.exe
C:\Users\Public\Desktop\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\GTA San Andreas.lnk - C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe
C:\Users\Public\Desktop\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\Warface.lnk - C:\Level Up Games\Warface\Launcher\Launcher.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk - C:\Program Files (x86)\RaidCall.BR\raidcall.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Eden Eternal PT\Compre Aeria Points.lnk - C:\AeriaGames\EdenEternalPT\Get Aeria Points.URL
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Eden Eternal PT\Desinstalar.lnk - C:\AeriaGames\EdenEternalPT\Uninst.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Eden Eternal PT\Jogue Eden Eternal PT.lnk - C:\AeriaGames\EdenEternalPT\aeria_launcher.exe eept
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Eden Eternal PT\Option.lnk - C:\AeriaGames\EdenEternalPT\CONFIG.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Eden Eternal PT\Website de Eden Eternal PT.lnk - C:\AeriaGames\EdenEternalPT\Eden Eternal PT Website.URL
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Grand Fantasia PT\Compre Aeria Points.lnk - C:\AeriaGames\GrandFantasiaPT\Get Aeria Points.URL
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Grand Fantasia PT\Desinstalar.lnk - C:\AeriaGames\GrandFantasiaPT\Uninst.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Grand Fantasia PT\Jogue Grand Fantasia PT.lnk - C:\AeriaGames\GrandFantasiaPT\aeria_launcher.exe gfpt
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Grand Fantasia PT\Website de Grand Fantasia PT.lnk - C:\AeriaGames\GrandFantasiaPT\Grand Fantasia PT Website.URL
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\FormatFactory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe /help
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Uninstall.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Downloader.lnk - C:\Program Files (x86)\Freemake\Freemake Video Downloader\Uninstall\unins000.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Dungeon Siege II™.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Grand Theft Auto San Andreas™.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio\Amnesia The Dark Descent\Atualizador GameVicio.lnk - C:\Program Files (x86)\GameVicio\Amnesia The Dark Descent\Atualizador.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio\Amnesia The Dark Descent\Desinstalar a Tradução.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio\Amnesia The Dark Descent\Leia-me.lnk - C:\Program Files (x86)\GameVicio\Amnesia The Dark Descent\notas.html
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio\Amnesia The Dark Descent\Problemas Técnicos.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio\Amnesia The Dark Descent\Página GameVicio Brasil®.lnk -
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-525 revA\Connection Wizard.lnk - C:\Program Files (x86)\D-Link\DWA-525 revA\D-Link Wizard.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-525 revA\Uninstall.lnk - C:\Program Files (x86)\InstallShield Installation Information\{1DEB8A37-56C9-4E41-9102-171D8EC91DF0}\setup.exe -runfromtemp -l0x0816
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-525 revA\Wireless Connection Manager.lnk - C:\Program Files (x86)\D-Link\DWA-525 revA\AirNCFG.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake Video Downloader.lnk - C:\Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Desinstalar hao123.lnk - C:\Users\Exvaya\AppData\Roaming\Baidu\hao123-br\hao123.1.0.0.1111.exe -uninstall
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Level Up Games\Warface\Warface.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk - C:\Windows\SysWOW64\msiexec.exe /i {A313C1BB-04A5-49FA-AA26-6C3DDD9F6C7F} REMOVE=ALL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lucasarts\Grim Fandango\Grim Fandango.lnk - C:\Program Files (x86)\Lucasarts\Grim\Grim Fandango Launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lucasarts\Grim Fandango\Launcher Readme.lnk - C:\Program Files (x86)\Lucasarts\Grim\Grim Fandango Launcher.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lucasarts\Grim Fandango\Lucasarts Readme.lnk - C:\Program Files (x86)\Lucasarts\Grim\README.TXT
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lucasarts\Grim Fandango\Uninstall Grim Fandango.lnk - C:\Program Files (x86)\Lucasarts\Grim\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall\RaidCall.lnk - C:\Program Files (x86)\RaidCall.BR\raidcall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall\Uninstall RaidCall.lnk - C:\Program Files (x86)\RaidCall.BR\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro Help.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo Uninstaller Pro Help.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Uninstall Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Recorder 8.lnk - C:\Windows\Installer\{5303CFB5-D635-44F0-A94B-9611E81F07C4}\CamtasiaIcons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Studio 8.lnk - C:\Windows\Installer\{5303CFB5-D635-44F0-A94B-9611E81F07C4}\CamtasiaIcons.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uninstall Programs.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Alci's IMG Editor 1.5 - Shortcut.lnk - C:\Users\Exvaya\Downloads\Alcis_IMG_Editor_1.5_www.modsgtasa.com.br]\Alci's IMG Editor 1.5 [[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] IMG Editor 1.5.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyOverride"="<local>"
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Exvaya\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Exvaya\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Exvaya\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=7 folders=2 1276723 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Exvaya\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Exvaya\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 01/05/2014 at 17:45:15,98 ======================
Tool run by Exvaya on 01/05/2014 at 17:35:24,20.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Exvaya\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
01/05/2014 17:36:05 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Users\Exvaya\AppData\Roaming\ANICONFIG_{B23DCC7F-50B6-4B93-8D99-1D01FA944D8F}.ini deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\ProductData deleted
C:\Users\Exvaya\AppData\Local\nsp46BC.tmp deleted
C:\Users\Exvaya\AppData\Local\cache deleted
C:\user.js deleted
==== Folders Found ======================
2014-05-01 20:12:36 2014-05-01 20:12:36 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-04-30 16:14:42 2014-04-30 16:14:42 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-04-30 16:14:42 2014-04-30 17:50:35 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-04-27 19:07:02 2014-04-27 19:07:02 -------- d-----w- C:\ProgramData\Baidu Security
2014-04-30 16:14:46 2014-04-30 16:49:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-04-27 19:07:02 2014-04-27 19:07:02 -------- d-----w- C:\Users\All Users\Baidu Security
2014-04-30 16:14:46 2014-04-30 16:49:03 -------- d-----w- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-04-30 16:12:16 2014-04-30 16:12:16 -------- d-----w- C:\Users\Exvaya\AppData\Local\Temp\baidu_secure
==== Files Found ======================
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"="Baidu NetDefense"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_USERS\.DEFAULT\Software\Baidu]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\TypedPaths]
"url2"="C:\\Program Files (x86)\\Baidu Security"
[HKEY_USERS\S-1-5-18\Software\Baidu]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ytfmdownloader@gmail.com"="C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com" [27/04/2014 15:01]
==== Chrome Look ======================
Google Docs - Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Exvaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Exvaya\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Exvaya\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\Exvaya\Desktop\Amnesia.lnk - C:\Program Files (x86)\Amnesia - The Dark Descent\redist\Launcher.exe
C:\Users\Exvaya\Desktop\Eden Eternal PT.lnk - C:\AeriaGames\EdenEternalPT\aeria_launcher.exe eept
C:\Users\Exvaya\Desktop\Format Factory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\Exvaya\Desktop\Grand Fantasia PT.lnk - C:\AeriaGames\GrandFantasiaPT\aeria_launcher.exe gfpt
C:\Users\Exvaya\Desktop\Grim Fandango.lnk - C:\Program Files (x86)\Lucasarts\Grim\Grim Fandango Launcher.exe
C:\Users\Exvaya\Desktop\Hewbo Video Converter.lnk - C:\Program Files (x86)\Hewbo Video Converter\Hewbo.exe
C:\Users\Exvaya\Desktop\Metin2.lnk - C:\Program Files (x86)\ONGAME\Metin2\metin2.exe
C:\Users\Exvaya\Desktop\PointBlank.lnk - C:\ongame\Pointblank\PBLauncher.exe
C:\Users\Exvaya\Desktop\RaidCall.lnk - C:\Program Files (x86)\RaidCall.BR\raidcall.exe
C:\Users\Exvaya\Desktop\µTorrent.lnk -
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Aeria Ignite.lnk - C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\Camtasia Studio 8.lnk - C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Public\Desktop\Dungeon Siege 2.lnk - C:\Program Files (x86)\Dungeon Siege 2\DungeonSiege2.exe
C:\Users\Public\Desktop\Fraps.lnk - C:\Fraps\fraps.exe
C:\Users\Public\Desktop\Freemake Video Downloader.lnk - C:\Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader.exe
C:\Users\Public\Desktop\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\GTA San Andreas.lnk - C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe
C:\Users\Public\Desktop\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\Warface.lnk - C:\Level Up Games\Warface\Launcher\Launcher.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk - C:\Program Files (x86)\RaidCall.BR\raidcall.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Eden Eternal PT\Compre Aeria Points.lnk - C:\AeriaGames\EdenEternalPT\Get Aeria Points.URL
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Eden Eternal PT\Desinstalar.lnk - C:\AeriaGames\EdenEternalPT\Uninst.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Eden Eternal PT\Jogue Eden Eternal PT.lnk - C:\AeriaGames\EdenEternalPT\aeria_launcher.exe eept
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Eden Eternal PT\Option.lnk - C:\AeriaGames\EdenEternalPT\CONFIG.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Eden Eternal PT\Website de Eden Eternal PT.lnk - C:\AeriaGames\EdenEternalPT\Eden Eternal PT Website.URL
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Grand Fantasia PT\Compre Aeria Points.lnk - C:\AeriaGames\GrandFantasiaPT\Get Aeria Points.URL
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Grand Fantasia PT\Desinstalar.lnk - C:\AeriaGames\GrandFantasiaPT\Uninst.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Grand Fantasia PT\Jogue Grand Fantasia PT.lnk - C:\AeriaGames\GrandFantasiaPT\aeria_launcher.exe gfpt
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Grand Fantasia PT\Website de Grand Fantasia PT.lnk - C:\AeriaGames\GrandFantasiaPT\Grand Fantasia PT Website.URL
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\FormatFactory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe /help
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Uninstall.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Downloader.lnk - C:\Program Files (x86)\Freemake\Freemake Video Downloader\Uninstall\unins000.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Dungeon Siege II™.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Grand Theft Auto San Andreas™.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio\Amnesia The Dark Descent\Atualizador GameVicio.lnk - C:\Program Files (x86)\GameVicio\Amnesia The Dark Descent\Atualizador.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio\Amnesia The Dark Descent\Desinstalar a Tradução.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio\Amnesia The Dark Descent\Leia-me.lnk - C:\Program Files (x86)\GameVicio\Amnesia The Dark Descent\notas.html
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio\Amnesia The Dark Descent\Problemas Técnicos.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio\Amnesia The Dark Descent\Página GameVicio Brasil®.lnk -
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-525 revA\Connection Wizard.lnk - C:\Program Files (x86)\D-Link\DWA-525 revA\D-Link Wizard.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-525 revA\Uninstall.lnk - C:\Program Files (x86)\InstallShield Installation Information\{1DEB8A37-56C9-4E41-9102-171D8EC91DF0}\setup.exe -runfromtemp -l0x0816
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-525 revA\Wireless Connection Manager.lnk - C:\Program Files (x86)\D-Link\DWA-525 revA\AirNCFG.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake Video Downloader.lnk - C:\Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Desinstalar hao123.lnk - C:\Users\Exvaya\AppData\Roaming\Baidu\hao123-br\hao123.1.0.0.1111.exe -uninstall
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Level Up Games\Warface\Warface.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk - C:\Windows\SysWOW64\msiexec.exe /i {A313C1BB-04A5-49FA-AA26-6C3DDD9F6C7F} REMOVE=ALL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lucasarts\Grim Fandango\Grim Fandango.lnk - C:\Program Files (x86)\Lucasarts\Grim\Grim Fandango Launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lucasarts\Grim Fandango\Launcher Readme.lnk - C:\Program Files (x86)\Lucasarts\Grim\Grim Fandango Launcher.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lucasarts\Grim Fandango\Lucasarts Readme.lnk - C:\Program Files (x86)\Lucasarts\Grim\README.TXT
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lucasarts\Grim Fandango\Uninstall Grim Fandango.lnk - C:\Program Files (x86)\Lucasarts\Grim\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall\RaidCall.lnk - C:\Program Files (x86)\RaidCall.BR\raidcall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall\Uninstall RaidCall.lnk - C:\Program Files (x86)\RaidCall.BR\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro Help.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo Uninstaller Pro Help.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Uninstall Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Recorder 8.lnk - C:\Windows\Installer\{5303CFB5-D635-44F0-A94B-9611E81F07C4}\CamtasiaIcons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Studio 8.lnk - C:\Windows\Installer\{5303CFB5-D635-44F0-A94B-9611E81F07C4}\CamtasiaIcons.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uninstall Programs.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Alci's IMG Editor 1.5 - Shortcut.lnk - C:\Users\Exvaya\Downloads\Alcis_IMG_Editor_1.5_www.modsgtasa.com.br]\Alci's IMG Editor 1.5 [[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] IMG Editor 1.5.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Exvaya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyOverride"="<local>"
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Exvaya\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Exvaya\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Exvaya\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=7 folders=2 1276723 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Exvaya\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Exvaya\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 01/05/2014 at 17:45:15,98 ======================
Vextra40- Iniciante
- Mensagens : 6
Reputação : 0
Data de inscrição : 30/04/2014
Re: Kaspersky detectando Baidu
Desative temporariamente seu antivírus para evitar conflitos.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Qui 01 maio 2014, 18:19, editado 1 vez(es)
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Kaspersky detectando Baidu
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Exvaya on 01/05/2014 at 18:10:21,77.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Exvaya\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-01-204516.log 26056 bytes
==== System Restore Info ======================
01/05/2014 18:12:42 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\TypedPaths]
"url2"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
==== Deleting Files \ Folders ======================
C:\Users\Exvaya\AppData\Local\Temp\baidu_secure not found
C:\Program Files (x86)\Baidu Security deleted
C:\ProgramData\Baidu Security deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus deleted
==== Folders Found ======================
2014-05-01 20:12:36 2014-05-01 20:12:36 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-05-01 21:13:42 2014-05-01 21:13:42 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-05-01 21:13:42 2014-04-30 17:50:35 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-05-01 21:13:42 2014-05-01 21:13:42 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-05-01 21:13:42 2014-04-30 16:49:03 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-01 21:13:42 2014-05-01 21:13:43 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-05-01 21:13:43 2014-04-30 16:49:03 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-01 21:13:42 2014-04-30 17:50:35 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
==== Files Found ======================
==== Registry Search Results for "Baidu" ======================
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
==== C:\zoek_backup content ======================
C:\zoek_backup (files=9 folders=9 1305981 bytes)
==== EOF on 01/05/2014 at 18:15:06,28 ======================
Tool run by Exvaya on 01/05/2014 at 18:10:21,77.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Exvaya\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-01-204516.log 26056 bytes
==== System Restore Info ======================
01/05/2014 18:12:42 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\TypedPaths]
"url2"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
==== Deleting Files \ Folders ======================
C:\Users\Exvaya\AppData\Local\Temp\baidu_secure not found
C:\Program Files (x86)\Baidu Security deleted
C:\ProgramData\Baidu Security deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus deleted
==== Folders Found ======================
2014-05-01 20:12:36 2014-05-01 20:12:36 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-05-01 21:13:42 2014-05-01 21:13:42 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-05-01 21:13:42 2014-04-30 17:50:35 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-05-01 21:13:42 2014-05-01 21:13:42 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-05-01 21:13:42 2014-04-30 16:49:03 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-01 21:13:42 2014-05-01 21:13:43 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-05-01 21:13:43 2014-04-30 16:49:03 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-01 21:13:42 2014-04-30 17:50:35 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
==== Files Found ======================
==== Registry Search Results for "Baidu" ======================
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
==== C:\zoek_backup content ======================
C:\zoek_backup (files=9 folders=9 1305981 bytes)
==== EOF on 01/05/2014 at 18:15:06,28 ======================
Vextra40- Iniciante
- Mensagens : 6
Reputação : 0
Data de inscrição : 30/04/2014
Re: Kaspersky detectando Baidu
Desative temporariamente seu antivírus para evitar conflitos.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Qui 01 maio 2014, 18:27, editado 1 vez(es)
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Kaspersky detectando Baidu
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Exvaya on 01/05/2014 at 18:22:05,15.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Exvaya\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-01-204516.log 26056 bytes
C:\zoek-results2014-05-01-211506.log 7615 bytes
==== System Restore Info ======================
01/05/2014 18:24:53 Zoek.exe System Restore Point Created Succesfully.
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
==== Folders Found ======================
2014-05-01 20:12:36 2014-05-01 20:12:36 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-05-01 21:13:42 2014-05-01 21:13:42 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-05-01 21:13:42 2014-04-30 17:50:35 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-05-01 21:13:42 2014-05-01 21:13:42 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-05-01 21:13:42 2014-04-30 16:49:03 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-01 21:13:42 2014-05-01 21:13:43 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-05-01 21:13:43 2014-04-30 16:49:03 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-01 21:13:42 2014-04-30 17:50:35 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
==== Files Found ======================
==== Registry Search Results for "Baidu" ======================
No instances of string "Baidu" found.
==== C:\zoek_backup content ======================
C:\zoek_backup (files=9 folders=9 1305981 bytes)
==== EOF on 01/05/2014 at 18:25:48,28 ======================
Tool run by Exvaya on 01/05/2014 at 18:22:05,15.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Exvaya\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-01-204516.log 26056 bytes
C:\zoek-results2014-05-01-211506.log 7615 bytes
==== System Restore Info ======================
01/05/2014 18:24:53 Zoek.exe System Restore Point Created Succesfully.
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1242880732-2879532091-1974919092-1000\Software\Baidu Security\Antivirus\web]
==== Folders Found ======================
2014-05-01 20:12:36 2014-05-01 20:12:36 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-05-01 21:13:42 2014-05-01 21:13:42 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-05-01 21:13:42 2014-04-30 17:50:35 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-05-01 21:13:42 2014-05-01 21:13:42 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-05-01 21:13:42 2014-04-30 16:49:03 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-01 21:13:42 2014-05-01 21:13:43 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-05-01 21:13:43 2014-04-30 16:49:03 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-01 21:13:42 2014-04-30 17:50:35 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
==== Files Found ======================
==== Registry Search Results for "Baidu" ======================
No instances of string "Baidu" found.
==== C:\zoek_backup content ======================
C:\zoek_backup (files=9 folders=9 1305981 bytes)
==== EOF on 01/05/2014 at 18:25:48,28 ======================
Vextra40- Iniciante
- Mensagens : 6
Reputação : 0
Data de inscrição : 30/04/2014
Re: Kaspersky detectando Baidu
Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o programa acima é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o programa acima é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Kaspersky detectando Baidu
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Exvaya on 01/05/2014 at 18:31:37,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/05/2014 at 18:36:49,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Exvaya on 01/05/2014 at 18:31:37,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/05/2014 at 18:36:49,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vextra40- Iniciante
- Mensagens : 6
Reputação : 0
Data de inscrição : 30/04/2014
Re: Kaspersky detectando Baidu
Como está o PC depois destas limpezas?
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Kaspersky detectando Baidu
Perfect! Muito obrigado amigo problema resolvido :rindo_atoa:
Vextra40- Iniciante
- Mensagens : 6
Reputação : 0
Data de inscrição : 30/04/2014
Re: Kaspersky detectando Baidu
Fico feliz que o problema tenha sido resolvido.
Só para finalizar siga estes tutoriais abaixo, por gentileza:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________
Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
_______________________________________________________________________________________________________________________
Foi um prazer ajudar. Conte sempre conosco!
Só para finalizar siga estes tutoriais abaixo, por gentileza:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________
Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
_______________________________________________________________________________________________________________________
Foi um prazer ajudar. Conte sempre conosco!
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Kaspersky detectando Baidu
CASO RESOLVIDO
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Danii- Membro Pleno
- Mensagens : 571
Reputação : 80
Data de inscrição : 04/04/2014
Localização : Brasil
Tópicos semelhantes
» Kaspersky detecta o Baidu na hora da instalação
» Kaspersky detectando Baidu na Instalção
» Baidu impede a instalação do Kaspersky.
» Baidu e Kaspersky não querem desinstalar
» Remoção do Baidu para instalar o Kaspersky
» Kaspersky detectando Baidu na Instalção
» Baidu impede a instalação do Kaspersky.
» Baidu e Kaspersky não querem desinstalar
» Remoção do Baidu para instalar o Kaspersky
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos
|
|