Fórum PC Brasil
I can't uninstall Baidu antivirus


Post by patricker23, Wed 07 May 2014, 10:14

Good morning, I am trying to install Kaspersky, but I can't; it reports that I have Baidu installed, even though I have already uninstalled it.

Post by Power Max, Wed 07 May 2014, 10:16

Hello Patricker.

Download the AdwCleaner program by clicking the link below, then click the Download Now @BleepingComputer button:
[You must have an account and be logged in to view this link]

To run AdwCleaner correctly, just follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.

_________________

Caixa de Dicas
= Always with new tutorials and news on computing, technology and miscellany.

[You must have an account and be logged in to view this link] = The best of the internet can be found here.

[You must have an account and be logged in to view this link] = Messages of faith and hope for your heart

Post by patricker23, Wed 07 May 2014, 10:29

AdwCleaner v3.207 - Relatório criado 07/05/2014 às 10:24:41
# Atualizado 05/05/2014 por Xplode
# Sistema Operacional : Windows 7 Professional Service Pack 1 (32 bits)
# Usuário : terminal - TERMINAL-PC
# Executando de : C:\Users\terminal\Desktop\Nova pasta (2)\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : MgAssistService

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\DealPlyLive
Pasta Deletada : C:\ProgramData\StarApp
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\Program Files\DealPlyLive
Pasta Deletada : C:\Program Files\Delta
Pasta Deletada : C:\Program Files\LyricsOn
Pasta Deletada : C:\Program Files\Mega Browse
Pasta Deletada : C:\Program Files\Mobogenie
Pasta Deletada : C:\Program Files\TornTV.com
Pasta Deletada : C:\Program Files\Trymedia
Pasta Deletada : C:\Program Files\webget
Pasta Deletada : C:\Program Files\WebSearch
Pasta Deletada : C:\Users\terminal\AppData\Local\Babylon
Pasta Deletada : C:\Users\terminal\AppData\Local\DealPlyLive
Pasta Deletada : C:\Users\terminal\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\terminal\AppData\Local\Temp\webget
Pasta Deletada : C:\Users\terminal\AppData\Roaming\BabSolution
Pasta Deletada : C:\Users\terminal\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\terminal\AppData\Roaming\baidu
Pasta Deletada : C:\Users\terminal\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\terminal\AppData\Roaming\Delta
Pasta Deletada : C:\Users\terminal\AppData\Roaming\UpdaterEX
Pasta Deletada : C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Pasta Deletada : C:\Users\terminal\Documents\Mobogenie
Pasta Deletada : C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
Pasta Deletada : C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Arquivo Deletada : C:\Windows\system32\roboot.exe
Arquivo Deletada : C:\Users\terminal\daemonprocess.txt
Arquivo Deletada : C:\Users\terminal\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\user.js
Arquivo Deletada : C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_f.dealply.com_0.localstorage
Arquivo Deletada : C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_f.dealply.com_0.localstorage-journal
Arquivo Deletada : C:\Windows\System32\Tasks\DealPlyUpdate
Arquivo Deletada : C:\Windows\System32\Tasks\EPUpdater
Arquivo Deletada : C:\Windows\Tasks\UpdaterEX.job
Arquivo Deletada : C:\Windows\System32\Tasks\UpdaterEX

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FDC5B97-A43D-4626-A44A-075E27727EF8}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3FDC5B97-A43D-4626-A44A-075E27727EF8}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63089C6E-5707-4D22-97CF-FECAF3124533}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63089C6E-5707-4D22-97CF-FECAF3124533}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A489D8B-2216-46E7-AD0D-416391863460}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A489D8B-2216-46E7-AD0D-416391863460}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\d
Chave Deletedo : HKLM\SOFTWARE\Classes\delta.deltaappCore
Chave Deletedo : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Chave Deletedo : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BrowseMark_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BrowseMark_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\startnow_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\startnow_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseMark_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseMark_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_b0285714
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hypervisual-century-slots_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hypervisual-century-slots_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_powerarchiver_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_powerarchiver_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Chave Deletedo : HKCU\Software\1ClickDownload
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\BabSolution
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\DealPly
Chave Deletedo : HKCU\Software\DealPlyLive
Chave Deletedo : HKCU\Software\Delta
Chave Deletedo : HKCU\Software\Headlight
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\Mega Browse
Chave Deletedo : HKCU\Software\Optimizer Pro
Chave Deletedo : HKCU\Software\PIP
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\UpdaterEX
Chave Deletedo : HKCU\Software\webget
Chave Deletedo : HKCU\Software\Zugo
Chave Deletedo : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKCU\Software\AppDataLow\SProtector
Chave Deletedo : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\DealPly
Chave Deletedo : HKLM\Software\Delta
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\Mega Browse
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKLM\Software\SP Global
Chave Deletedo : HKLM\Software\SProtector
Chave Deletedo : HKLM\Software\systweak
Chave Deletedo : HKLM\Software\Tarma Installer
Chave Deletedo : HKLM\Software\Trymedia Systems
Chave Deletedo : HKLM\Software\V9Software
Chave Deletedo : HKLM\Software\webget
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mega Browse
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webget

***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16421

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]

-\\ Mozilla Firefox v

[ Arquivo : C:\Users\terminal\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js ]


-\\ Google Chrome v

[ Arquivo : C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Startup_urls] : [You must have an account and be logged in to view this link]
Deletedo [Homepage] : [You must have an account and be logged in to view this link]
Deletedo [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deletedo [Extension] : flpcjncodpafbgdpnkljologafpionhb
Deletedo [Extension] : fmfnfnpmhcllokmkepffndflpnadjmma
Deletedo [Extension] : nbmafkdmkkckhggblphicnnhlgljnoje
Deletedo [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

AdwCleaner[R0].txt - [18579 octets] - [07/05/2014 10:23:46]
AdwCleaner[S0].txt - [19285 octets] - [07/05/2014 10:24:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19346 octets] ##########

Post by Power Max, Wed 07 May 2014, 10:30

Download the Junkware Removal Tool program from the link below:
[You must have an account and be logged in to view this link]

To run the program above correctly, just follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop under the name JRT.txt

We'll be waiting.


Post by patricker23, Wed 07 May 2014, 10:38

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x86
Ran by terminal on 07/05/2014 at 10:34:57,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\lyricupdater_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\lyricupdater_RASMANCS



~~~ Files

Successfully deleted: [File] "C:\Windows\System32\Tasks\dll-files.com fixer_monthly"
Successfully deleted: [File] "C:\Windows\System32\Tasks\dll-files.com fixer_updates"
Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_monthly.job"
Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_updates.job"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\terminal\AppData\Roaming\dll-files.com"
Successfully deleted: [Folder] "C:\Users\terminal\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Program Files\dll-files.com fixer"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/05/2014 at 10:37:25,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Post by Power Max, Wed 07 May 2014, 10:39

Download < [You must have an account and be logged in to view this link] > < [You must have an account and be logged in to view this image] > ( ... by Nicolas Coolman )

To install and run it correctly, follow the tips in this article:

[You must have an account and be logged in to view this link]

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.


Post by patricker23, Wed 07 May 2014, 10:44

~ Relatório do ZHPDiag v2014.5.7.56 - Nicolas Coolman (07/05/2014)
~ Iniciado por terminal (07/05/2014 10:41:50)
~ Endereço do Website : [You must have an account and be logged in to view this link]
~ Fóruns de suporte gratuito para desinfecção : [You must have an account and be logged in to view this link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
GCIE: Google Chrome v34.0.1847.131

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Key Management Service client information : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Kaspersky Internet Security 2012 v12.0.0.374
Windows Defender W7

---\\ Softwares d'optimização do sistema
CCleaner v4.13

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X
Java 7 Update 45

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2037 MB (40% free)
System Restore: Activé (Enable)
System drive C: has 44 GB (32%) free of 137 GB

---\\ Modo de conexão ao sistema
~ Computer Name: TERMINAL-PC
~ User Name: terminal
~ All Users Names: terminal, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\terminal\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\terminal\AppData\Roaming\
~ %Desktop% : C:\Users\terminal\Desktop\
~ %Favorites% : C:\Users\terminal\Favorites\
~ %LocalAppData% : C:\Users\terminal\AppData\Local\
~ %StartMenu% : C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 44 Go of 137 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 99 Go of 161 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.1D94FA7C81D2FFE494AF094619BA706F] - (.Microsoft Corporation - Internet Extensions para Win32.) (.13/12/2011 - 23:57:18.) -- C:\Windows\System32\wininet.dll [1127424]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 03:17:56.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 03:21:26.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.24/04/2011 - 23:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.19/11/2010 - 23:38:12.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.19/11/2010 - 23:42:34.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 00:59:30.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.19/11/2010 - 23:39:46.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.81189C3D7763838E55C397759D49007A] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.11/03/2011 - 02:39:00.) -- C:\Windows\system32\Drivers\ntfs.sys [1211264]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 01:24:48.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.19/11/2010 - 23:39:18.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 03:30:18.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/48
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/107
~ Mes Favoris (My Favorites) : 1/33
~ Mes Documents (My Documents) : 2/268
~ Mon Bureau (My Desktop) : 1/154
~ Menu demarrer (Programs) : 1/60
~ Hidden Files: Scanned in 00mn 02s



---\\ Processos lançados
[MD5.B99C37364701D19F2B5C0A0E1ECCDB80] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files\GbPlugin\gbpsv.exe [519720] [PID.788]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1608]
[MD5.53DCA61931847E35C950504BFB7559C6] - (.HP - HP LaserJet Service.) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136704] [PID.816]
[MD5.FF473648E7B1B37C7F3249A6549FAC72] - (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe [150016] [PID.1648]
[MD5.F6F00E5A9EC32184945931CC6E79B6E2] - (.HP - HP Smart-Install Service.) -- C:\Windows\system32\HPSIsvc.exe [100256] [PID.1684]
[MD5.4635935FC972C582632BF45C26BFCB0E] - (...) -- C:\Windows\system32\srvany.exe [8192] [PID.496]
[MD5.BCA43E19E7013331D99FF788EA6B42A0] - (...) -- C:\Windows\KMService.exe [151552] [PID.1580] =>Hijacker.Office
[MD5.68239842340DDFF8993DFD9127553EDA] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.2056]
[MD5.004763BDF8E48244DBB9FDFDE3065EBC] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.2116]
[MD5.CD1102E5D340216138C7F56FA8D26998] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.2124]
[MD5.BF739971EC9B05DAFEC793767B632BA9] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152] [PID.2176]
[MD5.BDFE0D7AC114A3C0986B09468D841100] - (.Hewlett-Packard Company - HP UT LEDM Driver.) -- C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264] [PID.2200]
[MD5.04F6CBD2BDAB19480F82AB255E56E9DB] - (.A.E.T. Europe B.V. - Certificate Expiration Check Utility.) -- C:\Windows\System32\aetcrss1.exe [151552] [PID.2216]
[MD5.D9C51528488EA0D98D3C4D02ABD16759] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952] [PID.2252]
[MD5.4BF659CCC3AE27A20806381935DC3745] - (...) -- C:\FPopular\Autorizador_Farmacia_Popular.exe [1347584] [PID.2320]
[MD5.C28B68520870A1DE49A5FDC5D79DBD6F] - (...) -- C:\ACBrNFeMonitor\ACBrNFeMonitor.exe [5504000] [PID.2356]
[MD5.6EEE29D055D14F84BEBDD71FA593E060] - (.Banco Bradesco S.A. - scpVista.) -- C:\Program Files\Scpad\scpVista.exe [368544] [PID.2652]
[MD5.CC907C2FB839D3F92690A25FF8E463BE] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [4972864] [PID.3032]
[MD5.DBBBB58FE1E953AFAD8D6E38F3D298A5] - (.Sysfar Automação de Drogarias e Farmacias L - SysFar.) -- Z:\SysFar\sysfar.exe [3915264] [PID.3404]
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Users\terminal\AppData\Local\Google\Chrome\Application\chrome.exe [841032] [PID.608]
[MD5.E6DA875D24C3774E045499F6BFA76F30] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7873024] [PID.1848]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Softwa.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.2148]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [dchlnpcodkpfdpacogkljefecpegganj] Conselheiro de URLs da Kaspersky v.12.0.0.477 (Désactivé)
G2 - GCE: Preference [User Data\Default] [jagncdcchgajhfhijbbhecadmaiegcmh] Teclado virtual v.12.0.0.477 (Désactivé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkjddnjnldjjnbjahcinkhkchijbjcmn] Ask Toolbar v.25.60909, (Désactivé) =>Toolbar.Ask
G2 - GCE: Preference [User Data\Default] [pbcaplhfkihhldmlbjhgajdeghjdbffi] GBBD Caixa Economica Federal v.3.6.2 (Activé)
G2 - GCE: Preference [User Data\Default] [pjldcfjmnllhmgjclecdnfampinooman] Anti-Banner v.12.0.0.374 (Désactivé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\terminal\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\terminal\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\terminal\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
~ Firefox Browser: 13 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.GAS Tecnologia - Internet Banking Helper.) (No version) -- (.not file.)
~ IE Browser: 11 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 22



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files\Scpad\scpsssh2.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES\GBPLUGIN\gbieh.dll
~ BHO: 18 Legitimates Filtered in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [terminal]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\terminal\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Legitimates Filtered in 00mn 02s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O4 - HKLM\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] . (.Hewlett-Packard Company - HP UT LEDM Driver.) -- C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe
O4 - HKLM\..\Run: [CertificateRegistration] . (.A.E.T. Europe B.V. - Certificate Expiration Check Utility.) -- C:\Windows\System32\aetcrss1.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\terminal\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2781968645-2062433568-2845779377-1000\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-2781968645-2062433568-2845779377-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\terminal\AppData\Local\Google\Update\GoogleUpdate.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: &Teclado Virtual - {4248FE82-7FCB-46AC-B270-339F08212110} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\kbrd.ico
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office14\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: Veri&ficação de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\logo.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE7294DF-5392-47C9-A484-17A50B66D547}: NameServer = 201.10.120.2,201.10.120.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE7294DF-5392-47C9-A484-17A50B66D547}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{FE7294DF-5392-47C9-A484-17A50B66D547}: NameServer = 201.10.120.2,201.10.120.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{FE7294DF-5392-47C9-A484-17A50B66D547}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{FE7294DF-5392-47C9-A484-17A50B66D547}: NameServer = 201.10.120.2,201.10.120.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{FE7294DF-5392-47C9-A484-17A50B66D547}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GbPluginBb . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files\GbPlugin\gbieh.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: klogon . (.Kaspersky Lab ZAO - Logon Visualizer.) -- C:\Windows\system32\klogon.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} . (.Banco Bradesco S.A. - scpIBLoad Module.) -- C:\Program Files\Scpad\scpLIB.dll
~ SSODL: 2 Legitimates Filtered in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files\GbPlugin\gbpsv.exe
O23 - Service: KMService (KMService) . (...) - C:\Windows\system32\srvany.exe =>Hijacker.Office
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files\Scpad\scpVista.exe
~ Services: 10 Legitimates Filtered in 00mn 03s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [{0F3093FA-4763-4C3A-AFD4-FFF4C5160B4B}] (...) -- F:\SISetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3B5E4C02-E19C-40EA-BE19-F78F3D26A6AB}] (...) -- C:\Program Files\Baidu Security\PC Faster\3.7.0.0\UninstCaller.exe (.not file.) [0] =>Adware.BDSearch
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\Tasks\DLL-Files FixerASKUSER.job [278]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\DLL-Files FixerASKUSER [278]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1056]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1060]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2781968645-2062433568-2845779377-1000Core [1038]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2781968645-2062433568-2845779377-1000UA [1090]
~ Scheduled Task: 17 Legitimates Filtered in 00mn 03s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex.sys (.not file.)
O41 - Driver: (Bndef) . (. - .) - C:\Windows\system32\drivers\bndef.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
O41 - Driver: (Ndisrd) . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) - C:\Windows\System32\DRIVERS\gbpndisrdn.sys
~ Drivers: 90 Legitimates Filtered in 00mn 10s



---\\ Software instalados (042)
O42 - Logiciel: 18 Wheels of Steel - Across America - (...) [HKLM] -- 18 Wheels of Steel - Across America
O42 - Logiciel: ACBrNFeMonitor2-CAPICOM-0.8.2.3 - (.Projeto ACBr.) [HKLM] -- ACBrNFeMonitor_is1
O42 - Logiciel: Argos Mini II - (.Todos Data System AB.) [HKLM] -- {D84CB492-A248-49BA-8BBF-805A67C38A4E}
O42 - Logiciel: Auto Web BrasilCard versão 2.0 - (.BrasilCard Ltda.) [HKLM] -- {06DE6E6E-75A0-4A67-8DB1-EEAF5977AF05}_is1
O42 - Logiciel: Epan - (.Panpharma.) [HKLM] -- {D2B2B8E0-6973-46E1-8619-EB874A7D13D8}
O42 - Logiciel: FreeSoundcloudDownloader - (...) [HKLM] -- Free Soundcloud Downloader_is1
O42 - Logiciel: GBBD Banco do Brasil - (...) [HKLM] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: GBBD Caixa Economica Federal - (...) [HKLM] -- {5d01f486-f32d-462e-8830-cc1d116e8ece}_is1
O42 - Logiciel: Hypervisual Century 1.10 - (.Hypervisual.) [HKLM] -- Hypervisual Century Slots_is1
O42 - Logiciel: LotoFacil Professional - (...) [HKLM] -- LotoFacil Professional
O42 - Logiciel: MLCombiner 1.00 - (...) [HKLM] -- MLCombiner 1.00
O42 - Logiciel: MU Alfa - (...) [HKLM] -- MU Alfa
O42 - Logiciel: Mu Alfa - (Sem som) - (...) [HKLM] -- Mu Alfa - (Sem som)
O42 - Logiciel: MuHeLLFire Season 4 - (...) [HKLM] -- MuHeLLFire Season 4
O42 - Logiciel: Plantas VS Zombies Repack - (...) [HKLM] -- Plantas VS Zombies Repack
O42 - Logiciel: PokerStars - (.PokerStars.) [HKLM] -- PokerStars
O42 - Logiciel: Project 64 version 2.1.0.1 - (...) [HKLM] -- Project 64_is1
O42 - Logiciel: SafeSign - (.A.E.T. Europe B.V..) [HKLM] -- {66913111-2F8A-4950-AA93-51C26182FC35}
O42 - Logiciel: VALID 1.0.4.0 - (.Valid Certificadora Digital.) [HKLM] -- {D32F77F7-2906-46F9-ABFF-A4A4EB26BFE}_is1
~ Logic: 28 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\A.E.T. Europe B.V.]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\Brasfoot2014]
[HKCU\Software\Brasfoot]
[HKCU\Software\BrowserOptout] =>PUP.Dealply
[HKCU\Software\Elifoot]
[HKCU\Software\FreeSoundcloudDownloader]
[HKCU\Software\GbAs]
[HKCU\Software\Panarello]
[HKCU\Software\Panpharma]
[HKCU\Software\Spolti Technologies]
[HKLM\Software\A.E.T. Europe B.V.]
[HKLM\Software\AutoHelpDesk]
[HKLM\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\BrowserOptout] =>PUP.Dealply
[HKLM\Software\Epan]
[HKLM\Software\Todos Data System AB]
~ Key Software: 281 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/03/2014 - 16:55:26 - [] ----D C:\Program Files\A.E.T. Europe B.V
O43 - CFD: 01/11/2011 - 11:41:10 - [] ----D C:\Program Files\DietwinProfissional
O43 - CFD: 15/10/2013 - 10:42:48 - [] ----D C:\Program Files\FreeSoundcloudDownloader
O43 - CFD: 15/01/2014 - 14:58:41 - [0] ----D C:\Program Files\GUME2EE.tmp
O43 - CFD: 30/01/2014 - 10:38:50 - [] ----D C:\Program Files\MLCombiner 1.00
O43 - CFD: 11/01/2014 - 11:06:52 - [] ----D C:\Program Files\PokerStars
O43 - CFD: 09/11/2011 - 06:44:51 - [] ----D C:\Program Files\Scpad
O43 - CFD: 29/01/2014 - 13:52:16 - [] ----D C:\Program Files\Spolti Technologies
O43 - CFD: 27/03/2014 - 16:55:01 - [] ----D C:\Program Files\VALID
O43 - CFD: 07/05/2014 - 10:27:54 - [] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 22/05/2013 - 07:08:37 - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 16/10/2013 - 06:42:07 - [] ----D C:\Users\terminal\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 27/03/2014 - 16:57:54 - [] ----D C:\Users\terminal\AppData\Local\A.E.T. Europe B.V
O43 - CFD: 11/01/2014 - 11:07:00 - [] ----D C:\Users\terminal\AppData\Local\PokerStars
O43 - CFD: 22/01/2013 - 17:53:47 - [0] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brasfoot 2012
O43 - CFD: 27/02/2014 - 10:18:20 - [0] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brasfoot2014
O43 - CFD: 12/12/2013 - 16:54:21 - [] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter Strike 1.6 - 2013
O43 - CFD: 29/01/2014 - 13:52:19 - [0] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LotoFacil Professional
O43 - CFD: 30/01/2014 - 10:38:50 - [0] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MLCombiner 1.00
O43 - CFD: 16/04/2014 - 09:01:54 - [] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MU Alfa
O43 - CFD: 14/04/2014 - 11:42:04 - [] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mu Alfa - (Sem som)
O43 - CFD: 15/08/2013 - 09:46:32 - [] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Panpharma
O43 - CFD: 04/01/2014 - 07:41:10 - [] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
~ Program Folder: 205 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.04B65EA7352B0B14347DA4EBF365A0BE] - 02/05/2014 - 08:57:48 ---A- . (...) -- C:\ads_err.dbf [135859]
O44 - LFC:[MD5.BE125797A510CD7E9E77D0D79CB989EF] - 06/05/2014 - 17:30:46 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys [47456]
O44 - LFC:[MD5.AF8288D54761B24281343802C05AF21A] - 06/05/2014 - 17:43:59 ---A- . (...) -- C:\Windows\wininit.ini [1538]
O44 - LFC:[MD5.45EFC8BB4DE767CF0A7C3C51792C364A] - 07/05/2014 - 06:53:05 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [5193480]
O44 - LFC:[MD5.876C0B6E6A9918C1C9DDBCC9D8EB46BC] - 07/05/2014 - 06:53:05 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [5959712]
O44 - LFC:[MD5.3754B7C8E4A2E9802DF8CE464D0BF9B1] - 07/05/2014 - 07:26:45 ---A- . (...) -- C:\ads_err.adm [18577]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 07/05/2014 - 10:24:30 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll [536576]
O44 - LFC:[MD5.4071750024C41133F0AA01361ABFD82C] - 07/05/2014 - 10:31:14 ---A- . (...) -- C:\ads_err.adi [20480]
O44 - LFC:[MD5.91C9AC701015EB73C50D8B5002670CB5] - 07/05/2014 - 10:31:14 ---A- . (...) -- C:\ads_err.adt [1027624]
~ Files: 18 Legitimates Filtered in 00mn 03s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{2c71cc2d-f121-11e2-bbae-001cc080bef4}\AutoRun\command. (...) -- F:\setup.exe (.not file.)
O51 - MPSK:{54e42632-f058-11e2-be27-001cc080bef4}\AutoRun\command. (...) -- F:\setup.exe (.not file.)
O51 - MPSK:{54e42637-f058-11e2-be27-001cc080bef4}\AutoRun\command. (...) -- G:\setup.exe (.not file.)
O51 - MPSK:{54e42644-f058-11e2-be27-001cc080bef4}\AutoRun\command. (...) -- F:\setup.exe (.not file.)
O51 - MPSK:{54e42649-f058-11e2-be27-001cc080bef4}\AutoRun\command. (...) -- G:\setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\BitTorrent [Key] . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\terminal\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O53 - SMSR:HKLM\...\startupreg\CertificateRegistration [Key] . (.A.E.T. Europe B.V. - Certificate Expiration Check Utility.) -- C:\Windows\System32\aetcrss1.exe
~ SMSR Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:22/01/2007 - 16:02:00 ---A- . (.Todos Data System AB - Argos Mini II Smart Card Reader.) -- C:\Windows\System32\Drivers\AgmIIusb.sys [19456]
O58 - SDL:11/03/2014 - 00:14:02 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys [47456]
O58 - SDL:14/12/2009 - 11:44:24 ---A- . (.Infowatch - Cryptographic Algorithm Lib Driver..) -- C:\Windows\System32\Drivers\CSCrySec.sys [88632]
O58 - SDL:14/12/2009 - 11:44:24 ---A- . (.Infowatch - Virtual Volume Container Driver (wxp).) -- C:\Windows\System32\Drivers\CSVirtualDiskDrv.sys [39352]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\System32\Drivers\gbpkm.sys [49536]
O58 - SDL:27/03/2014 - 07:59:29 ---A- . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) -- C:\Windows\System32\Drivers\gbpndisrdn.sys [29400]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:20/06/2013 - 21:07:52 ---A- . (.DEVGURU Co., LTD.([You must have an account and be logged in to view this link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [84248]
O58 - SDL:20/06/2013 - 21:07:52 ---A- . (.DEVGURU Co., LTD.([You must have an account and be logged in to view this link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [181912]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 74 Legitimates Filtered in 00mn 04s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 11/03/2014 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE
O64 - Services: CurCS - 08/05/2013 - C:\Windows\System32\drivers\gbpkm.sys (GbpKm) .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM
O64 - Services: CurCS - 10/03/2011 - C:\Windows\System32\DRIVERS\klim6.sys (KLIM6) .(.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - LEGACY_KLIM6
~ Legacy: 83 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\terminal\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You must have an account and be logged in to view this link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.3F3060EF9AD62E64A3236093E3D8C4CE] [SPRF][10/08/2013] (...) -- C:\Users\terminal\AppData\Roaming\unins000.dat [16282]
[MD5.AD6E810B9CE3D8C0C1FF0203C68C6FA6] [SPRF][10/08/2013] (.No owner - Setup/Uninstall.) -- C:\Users\terminal\AppData\Roaming\unins000.exe [720082]
[MD5.91BBEBD01B68B32D3E60B908E162E99A] [SPRF][22/01/2014] (...) -- C:\Users\terminal\AppData\Roaming\unins001.dat [15481]
[MD5.169180F02ABCECA5DE72FC5EEBC861BB] [SPRF][22/01/2014] (.No owner - Setup/Uninstall.) -- C:\Users\terminal\AppData\Roaming\unins001.exe [730322]
~ Files: 5 Legitimates Filtered in 00mn 04s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{20C23FCC-5D70-41CF-8D04-826F1AD62892}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\terminal\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{809F33D3-72A7-49D1-9964-6CEA0AB5E5D3}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\terminal\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS: Pasta compartilhada da Execução Segura - {047DDC7E-F9C2-11DD-A093-79D855D89593}
~ MNS: 1 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32 =>Hijacker.BabSolution
HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS =>Hijacker.BabSolution
HKLM\SOFTWARE\Microsoft\Tracing\biSetup25548_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\biSetup25548_RASMANCS =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\BitTorrent_7_RASAPI32 =>P2P.BitTorrent
HKLM\SOFTWARE\Microsoft\Tracing\BitTorrent_7_RASMANCS =>P2P.BitTorrent
HKLM\SOFTWARE\Microsoft\Tracing\bittorrent_RASAPI32 =>P2P.BitTorrent
HKLM\SOFTWARE\Microsoft\Tracing\bittorrent_RASMANCS =>P2P.BitTorrent
HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\BrowseMark_Setup_RASAPI32 =>PUP.BrowseMark
HKLM\SOFTWARE\Microsoft\Tracing\BrowseMark_Setup_RASMANCS =>PUP.BrowseMark
HKLM\SOFTWARE\Microsoft\Tracing\LollipopInstaller_somoto_14693_RASAPI32 =>Adware.Lollipop
HKLM\SOFTWARE\Microsoft\Tracing\LollipopInstaller_somoto_14693_RASMANCS =>Adware.Lollipop
HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_Setup_RASAPI32 =>PUP.MegaBrowse
HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_Setup_RASMANCS =>PUP.MegaBrowse
HKLM\SOFTWARE\Microsoft\Tracing\Optimizer_Pro_RASAPI32 =>PUP.OptimizerPro
HKLM\SOFTWARE\Microsoft\Tracing\Optimizer_Pro_RASMANCS =>PUP.OptimizerPro
HKLM\SOFTWARE\Microsoft\Tracing\TornTV_RASAPI32 =>Hijacker.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\TornTV_RASMANCS =>Hijacker.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Microsoft\Tracing\webget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Microsoft\Tracing\webget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Microsoft\Tracing\webget_setup_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Microsoft\Tracing\webget_setup_RASMANCS =>PUP.WebGet
~ BTK: 378 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 29/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 29/10/2012 206448 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
SS - | Auto 03/07/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 03/07/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 13/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SS - | Auto 25/07/2013 162672 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Disabled 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 21/02/2014 519720 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files\GbPlugin\gbpsv.exe
SR - | Auto 24/06/2009 136704 | (HP LaserJet Service) . (.HP.) - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
SR - | Auto 26/09/2012 100256 | (HPSIService) . (.HP.) - C:\Windows\system32\HPSIsvc.exe
SR - | Auto 18/11/2011 8192 | (KMService) . (...) - C:\Windows\system32\srvany.exe =>Hijacker.Office
SR - | Auto 05/08/2011 368544 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files\Scpad\scpVista.exe
SR - | Auto 02/04/2014 4972864 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 09s



---\\ Scâner Aditional (088)
Database Version : 13045 - (07/05/2014)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 7

[HKLM\Software\Google\Chrome\Extensions\nkjddnjnldjjnbjahcinkhkchijbjcmn] =>Toolbar.Ask^
[HKLM\SYSTEM\CurrentControlSet\Services\KMService] =>Hijacker.Office^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent] =>P2P.BitTorrent^
C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkjddnjnldjjnbjahcinkhkchijbjcmn =>Toolbar.Ask^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\Users\terminal\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Windows\KMService.exe =>Hijacker.Office^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\BrowserOptout] =>PUP.Dealply^
[HKLM\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\BrowserOptout] =>PUP.Dealply^
C:\Users\terminal\AppData\Local\Temp\uninst1.exe =>PUP.Babylon
~ Additionnel Scan: 243556 Items scanned in 00mn 30s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Office
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Ask
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Dealply
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Tarma
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.BabSolution
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.MegaSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.BrowseMark
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.Lollipop
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.MegaBrowse
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.OptimizerPro
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.TornTV
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.WebGet
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Babylon
~ MSI: 14 link(s) detected in 00mn 00s



~ 857 Legitimates filtered by white list
End of the scan (622 lines in 01mn 47s)(0)

Re: I can't uninstall the Baidu antivirus

Post by Power Max Wed 07 May 2014, 11:09

Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Wed 07 May 2014, 11:56; edited 1 time


Re: I can't uninstall the Baidu antivirus

Post by patricker23 Wed 07 May 2014, 11:19

apport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by terminal at 07/05/2014 11:18:47
High Elevated Privileges : OK
Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 05s)
Reparação de atalhos do navegador

========== Processo memória ==========
ELIMINÉ: Memory Process: C:\Users\terminal\AppData\Local\Temp\uninst1.exe

========== Estado dos serviços ==========
BHBASE Parado

========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\BrowserOptout
ELIMINÉ: HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\BrowserOptout
ELIMINÉ CLSID MPSK: {2c71cc2d-f121-11e2-bbae-001cc080bef4}
ELIMINÉ CLSID MPSK: {54e42632-f058-11e2-be27-001cc080bef4}
ELIMINÉ CLSID MPSK: {54e42637-f058-11e2-be27-001cc080bef4}
ELIMINÉ CLSID MPSK: {54e42644-f058-11e2-be27-001cc080bef4}
ELIMINÉ CLSID MPSK: {54e42649-f058-11e2-be27-001cc080bef4}
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\biSetup25548_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\biSetup25548_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\BrowseMark_Setup_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\BrowseMark_Setup_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\LollipopInstaller_somoto_14693_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\LollipopInstaller_somoto_14693_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_Setup_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_Setup_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\Optimizer_Pro_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\Optimizer_Pro_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\TornTV_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\TornTV_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\webget_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\webget_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\webget_setup_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\webget_setup_RASMANCS

========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\windows\system32\drivers\bhbase.sys
ELIMINÉ Temporários windows (9664) (205.789.479 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: {0F3093FA-4763-4C3A-AFD4-FFF4C5160B4B}
ELIMINÉ: {3B5E4C02-E19C-40EA-BE19-F78F3D26A6AB}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Processo memória
36 : Chaves do Registo
6 : Valores do Registo
1 : Pastas
3 : Ficheiros
1 : Estado dos serviços
2 : Tarefa planificada
1 : Restauração Sistema


End of clean in 01mn 15s

========== Caminho do ficheiro do relatório ==========
C:\Users\terminal\AppData\Roaming\ZHP\ZHPFix[R1].txt - 07/05/2014 11:18:53 [3571]

Re: I can't uninstall the Baidu antivirus

Post by Power Max Wed 07 May 2014, 11:20

Open ZHPDiag again.

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

|- Click OK and, when it finishes, post the ZHPDiag.txt report.


Re: I can't uninstall the Baidu antivirus

Post by patricker23 Wed 07 May 2014, 11:26

~ Relatório do ZHPDiag v2014.5.7.56 - Nicolas Coolman (07/05/2014)
~ Iniciado por terminal (07/05/2014 11:24:08)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
GCIE: Google Chrome v34.0.1847.131

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Key Management Service client information : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Kaspersky Internet Security 2012 v12.0.0.374
Windows Defender W7

---\\ Softwares d'optimização do sistema
CCleaner v4.13

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X
Java 7 Update 45

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2037 MB (46% free)
System Restore: Activé (Enable)
System drive C: has 44 GB (32%) free of 137 GB

---\\ Modo de conexão ao sistema
~ Computer Name: TERMINAL-PC
~ User Name: terminal
~ All Users Names: terminal, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\terminal\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\terminal\AppData\Roaming\
~ %Desktop% : C:\Users\terminal\Desktop\
~ %Favorites% : C:\Users\terminal\Favorites\
~ %LocalAppData% : C:\Users\terminal\AppData\Local\
~ %StartMenu% : C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 44 Go of 137 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 99 Go of 161 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/48
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/107
~ Mes Favoris (My Favorites) : 1/33
~ Mes Documents (My Documents) : 2/268
~ Mon Bureau (My Desktop) : 1/155
~ Menu demarrer (Programs) : 1/60
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.B99C37364701D19F2B5C0A0E1ECCDB80] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files\GbPlugin\gbpsv.exe [519720] [PID.788]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1608]
[MD5.53DCA61931847E35C950504BFB7559C6] - (.HP - HP LaserJet Service.) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136704] [PID.816]
[MD5.FF473648E7B1B37C7F3249A6549FAC72] - (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe [150016] [PID.1648]
[MD5.F6F00E5A9EC32184945931CC6E79B6E2] - (.HP - HP Smart-Install Service.) -- C:\Windows\system32\HPSIsvc.exe [100256] [PID.1684]
[MD5.4635935FC972C582632BF45C26BFCB0E] - (...) -- C:\Windows\system32\srvany.exe [8192] [PID.496]
[MD5.BCA43E19E7013331D99FF788EA6B42A0] - (...) -- C:\Windows\KMService.exe [151552] [PID.1580] =>Hijacker.Office
[MD5.68239842340DDFF8993DFD9127553EDA] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.2056]
[MD5.004763BDF8E48244DBB9FDFDE3065EBC] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.2116]
[MD5.CD1102E5D340216138C7F56FA8D26998] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.2124]
[MD5.04F6CBD2BDAB19480F82AB255E56E9DB] - (.A.E.T. Europe B.V. - Certificate Expiration Check Utility.) -- C:\Windows\System32\aetcrss1.exe [151552] [PID.2216]
[MD5.D9C51528488EA0D98D3C4D02ABD16759] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952] [PID.2252]
[MD5.4BF659CCC3AE27A20806381935DC3745] - (...) -- C:\FPopular\Autorizador_Farmacia_Popular.exe [1347584] [PID.2320]
[MD5.C28B68520870A1DE49A5FDC5D79DBD6F] - (...) -- C:\ACBrNFeMonitor\ACBrNFeMonitor.exe [5504000] [PID.2356]
[MD5.6EEE29D055D14F84BEBDD71FA593E060] - (.Banco Bradesco S.A. - scpVista.) -- C:\Program Files\Scpad\scpVista.exe [368544] [PID.2652]
[MD5.CC907C2FB839D3F92690A25FF8E463BE] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [4972864] [PID.3032]
[MD5.DBBBB58FE1E953AFAD8D6E38F3D298A5] - (.Sysfar Automação de Drogarias e Farmacias L - SysFar.) -- Z:\SysFar\sysfar.exe [3915264] [PID.3404]
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Users\terminal\AppData\Local\Google\Chrome\Application\chrome.exe [841032] [PID.2404]
[MD5.E6DA875D24C3774E045499F6BFA76F30] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7873024] [PID.552]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Softwa.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.2260]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [dchlnpcodkpfdpacogkljefecpegganj] Conselheiro de URLs da Kaspersky v.12.0.0.477 (Désactivé)
G2 - GCE: Preference [User Data\Default] [jagncdcchgajhfhijbbhecadmaiegcmh] Teclado virtual v.12.0.0.477 (Désactivé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkjddnjnldjjnbjahcinkhkchijbjcmn] Ask Toolbar v.25.60909, (Désactivé) =>Toolbar.Ask
G2 - GCE: Preference [User Data\Default] [pbcaplhfkihhldmlbjhgajdeghjdbffi] GBBD Caixa Economica Federal v.3.6.2 (Activé)
G2 - GCE: Preference [User Data\Default] [pjldcfjmnllhmgjclecdnfampinooman] Anti-Banner v.12.0.0.374 (Désactivé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\terminal\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\terminal\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\terminal\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
~ Firefox Browser: 13 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.GAS Tecnologia - Internet Banking Helper.) (No version) -- (.not file.)
~ IE Browser: 11 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 22



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files\Scpad\scpsssh2.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES\GBPLUGIN\gbieh.dll
~ BHO: 18 Legitimates Filtered in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [terminal]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\terminal\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Legitimates Filtered in 00mn 01s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O4 - HKLM\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] . (.Hewlett-Packard Company - HP UT LEDM Driver.) -- C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe
O4 - HKLM\..\Run: [CertificateRegistration] . (.A.E.T. Europe B.V. - Certificate Expiration Check Utility.) -- C:\Windows\System32\aetcrss1.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\terminal\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2781968645-2062433568-2845779377-1000\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-2781968645-2062433568-2845779377-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\terminal\AppData\Local\Google\Update\GoogleUpdate.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: &Teclado Virtual - {4248FE82-7FCB-46AC-B270-339F08212110} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\kbrd.ico
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office14\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: Veri&ficação de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\logo.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE7294DF-5392-47C9-A484-17A50B66D547}: NameServer = 201.10.120.2,201.10.120.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE7294DF-5392-47C9-A484-17A50B66D547}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{FE7294DF-5392-47C9-A484-17A50B66D547}: NameServer = 201.10.120.2,201.10.120.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{FE7294DF-5392-47C9-A484-17A50B66D547}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{FE7294DF-5392-47C9-A484-17A50B66D547}: NameServer = 201.10.120.2,201.10.120.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{FE7294DF-5392-47C9-A484-17A50B66D547}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GbPluginBb . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files\GbPlugin\gbieh.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: klogon . (.Kaspersky Lab ZAO - Logon Visualizer.) -- C:\Windows\system32\klogon.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} . (.Banco Bradesco S.A. - scpIBLoad Module.) -- C:\Program Files\Scpad\scpLIB.dll
~ SSODL: 2 Legitimates Filtered in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files\GbPlugin\gbpsv.exe
O23 - Service: KMService (KMService) . (...) - C:\Windows\system32\srvany.exe =>Hijacker.Office
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files\Scpad\scpVista.exe
~ Services: 10 Legitimates Filtered in 00mn 05s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\Tasks\DLL-Files FixerASKUSER.job [278]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\DLL-Files FixerASKUSER [278]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1056]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1060]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2781968645-2062433568-2845779377-1000Core [1038]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2781968645-2062433568-2845779377-1000UA [1090]
~ Scheduled Task: 15 Legitimates Filtered in 00mn 04s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Ndisrd) . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) - C:\Windows\System32\DRIVERS\gbpndisrdn.sys
O41 - Driver: (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex.sys (.not file.)
O41 - Driver: (Bndef) . (. - .) - C:\Windows\system32\drivers\bndef.sys (.not file.)
O41 - Driver: (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
~ Drivers: 80 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: 18 Wheels of Steel - Across America - (...) [HKLM] -- 18 Wheels of Steel - Across America
O42 - Logiciel: ACBrNFeMonitor2-CAPICOM-0.8.2.3 - (.Projeto ACBr.) [HKLM] -- ACBrNFeMonitor_is1
O42 - Logiciel: Argos Mini II - (.Todos Data System AB.) [HKLM] -- {D84CB492-A248-49BA-8BBF-805A67C38A4E}
O42 - Logiciel: Auto Web BrasilCard versão 2.0 - (.BrasilCard Ltda.) [HKLM] -- {06DE6E6E-75A0-4A67-8DB1-EEAF5977AF05}_is1
O42 - Logiciel: Epan - (.Panpharma.) [HKLM] -- {D2B2B8E0-6973-46E1-8619-EB874A7D13D8}
O42 - Logiciel: FreeSoundcloudDownloader - (...) [HKLM] -- Free Soundcloud Downloader_is1
O42 - Logiciel: GBBD Banco do Brasil - (...) [HKLM] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: GBBD Caixa Economica Federal - (...) [HKLM] -- {5d01f486-f32d-462e-8830-cc1d116e8ece}_is1
O42 - Logiciel: Hypervisual Century 1.10 - (.Hypervisual.) [HKLM] -- Hypervisual Century Slots_is1
O42 - Logiciel: LotoFacil Professional - (...) [HKLM] -- LotoFacil Professional
O42 - Logiciel: MLCombiner 1.00 - (...) [HKLM] -- MLCombiner 1.00
O42 - Logiciel: MU Alfa - (...) [HKLM] -- MU Alfa
O42 - Logiciel: Mu Alfa - (Sem som) - (...) [HKLM] -- Mu Alfa - (Sem som)
O42 - Logiciel: MuHeLLFire Season 4 - (...) [HKLM] -- MuHeLLFire Season 4
O42 - Logiciel: Plantas VS Zombies Repack - (...) [HKLM] -- Plantas VS Zombies Repack
O42 - Logiciel: PokerStars - (.PokerStars.) [HKLM] -- PokerStars
O42 - Logiciel: Project 64 version 2.1.0.1 - (...) [HKLM] -- Project 64_is1
O42 - Logiciel: SafeSign - (.A.E.T. Europe B.V..) [HKLM] -- {66913111-2F8A-4950-AA93-51C26182FC35}
O42 - Logiciel: VALID 1.0.4.0 - (.Valid Certificadora Digital.) [HKLM] -- {D32F77F7-2906-46F9-ABFF-A4A4EB26BFE}_is1
~ Logic: 28 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\A.E.T. Europe B.V.]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Brasfoot2014]
[HKCU\Software\Brasfoot]
[HKCU\Software\Elifoot]
[HKCU\Software\FreeSoundcloudDownloader]
[HKCU\Software\GbAs]
[HKCU\Software\Panarello]
[HKCU\Software\Panpharma]
[HKCU\Software\Spolti Technologies]
[HKLM\Software\A.E.T. Europe B.V.]
[HKLM\Software\AutoHelpDesk]
[HKLM\Software\Epan]
[HKLM\Software\Todos Data System AB]
~ Key Software: 277 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/03/2014 - 16:55:26 - [] ----D C:\Program Files\A.E.T. Europe B.V
O43 - CFD: 01/11/2011 - 11:41:10 - [] ----D C:\Program Files\DietwinProfissional
O43 - CFD: 15/10/2013 - 10:42:48 - [] ----D C:\Program Files\FreeSoundcloudDownloader
O43 - CFD: 15/01/2014 - 14:58:41 - [0] ----D C:\Program Files\GUME2EE.tmp
O43 - CFD: 30/01/2014 - 10:38:50 - [] ----D C:\Program Files\MLCombiner 1.00
O43 - CFD: 11/01/2014 - 11:06:52 - [] ----D C:\Program Files\PokerStars
O43 - CFD: 09/11/2011 - 06:44:51 - [] ----D C:\Program Files\Scpad
O43 - CFD: 29/01/2014 - 13:52:16 - [] ----D C:\Program Files\Spolti Technologies
O43 - CFD: 27/03/2014 - 16:55:01 - [] ----D C:\Program Files\VALID
O43 - CFD: 27/03/2014 - 16:57:54 - [] ----D C:\Users\terminal\AppData\Local\A.E.T. Europe B.V
O43 - CFD: 11/01/2014 - 11:07:00 - [] ----D C:\Users\terminal\AppData\Local\PokerStars
O43 - CFD: 22/01/2013 - 17:53:47 - [0] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brasfoot 2012
O43 - CFD: 27/02/2014 - 10:18:20 - [0] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brasfoot2014
O43 - CFD: 12/12/2013 - 16:54:21 - [] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter Strike 1.6 - 2013
O43 - CFD: 29/01/2014 - 13:52:19 - [0] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LotoFacil Professional
O43 - CFD: 30/01/2014 - 10:38:50 - [0] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MLCombiner 1.00
O43 - CFD: 16/04/2014 - 09:01:54 - [] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MU Alfa
O43 - CFD: 14/04/2014 - 11:42:04 - [] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mu Alfa - (Sem som)
O43 - CFD: 15/08/2013 - 09:46:32 - [] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Panpharma
O43 - CFD: 04/01/2014 - 07:41:10 - [] ----D C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
~ Program Folder: 202 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.04B65EA7352B0B14347DA4EBF365A0BE] - 02/05/2014 - 08:57:48 ---A- . (...) -- C:\ads_err.dbf [135859]
O44 - LFC:[MD5.AF8288D54761B24281343802C05AF21A] - 06/05/2014 - 17:43:59 ---A- . (...) -- C:\Windows\wininit.ini [1538]
O44 - LFC:[MD5.45EFC8BB4DE767CF0A7C3C51792C364A] - 07/05/2014 - 06:53:05 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [5193480]
O44 - LFC:[MD5.876C0B6E6A9918C1C9DDBCC9D8EB46BC] - 07/05/2014 - 06:53:05 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [5959712]
O44 - LFC:[MD5.3754B7C8E4A2E9802DF8CE464D0BF9B1] - 07/05/2014 - 07:26:45 ---A- . (...) -- C:\ads_err.adm [18577]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 07/05/2014 - 10:24:30 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll [536576]
O44 - LFC:[MD5.4071750024C41133F0AA01361ABFD82C] - 07/05/2014 - 10:31:14 ---A- . (...) -- C:\ads_err.adi [20480]
O44 - LFC:[MD5.91C9AC701015EB73C50D8B5002670CB5] - 07/05/2014 - 10:31:14 ---A- . (...) -- C:\ads_err.adt [1027624]
~ Files: 17 Legitimates Filtered in 00mn 03s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\BitTorrent [Key] . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\terminal\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O53 - SMSR:HKLM\...\startupreg\CertificateRegistration [Key] . (.A.E.T. Europe B.V. - Certificate Expiration Check Utility.) -- C:\Windows\System32\aetcrss1.exe
~ SMSR Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:22/01/2007 - 16:02:00 ---A- . (.Todos Data System AB - Argos Mini II Smart Card Reader.) -- C:\Windows\System32\Drivers\AgmIIusb.sys [19456]
O58 - SDL:14/12/2009 - 11:44:24 ---A- . (.Infowatch - Cryptographic Algorithm Lib Driver..) -- C:\Windows\System32\Drivers\CSCrySec.sys [88632]
O58 - SDL:14/12/2009 - 11:44:24 ---A- . (.Infowatch - Virtual Volume Container Driver (wxp).) -- C:\Windows\System32\Drivers\CSVirtualDiskDrv.sys [39352]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\System32\Drivers\gbpkm.sys [49536]
O58 - SDL:27/03/2014 - 07:59:29 ---A- . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) -- C:\Windows\System32\Drivers\gbpndisrdn.sys [29400]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:20/06/2013 - 21:07:52 ---A- . (.DEVGURU Co., LTD.([You must have an account and be logged in to view this link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [84248]
O58 - SDL:20/06/2013 - 21:07:52 ---A- . (.DEVGURU Co., LTD.([You must have an account and be logged in to view this link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [181912]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 73 Legitimates Filtered in 00mn 08s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 04/06/1742 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(...) - LEGACY_BHBASE
O64 - Services: CurCS - 08/05/2013 - C:\Windows\System32\drivers\gbpkm.sys (GbpKm) .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM
O64 - Services: CurCS - 10/03/2011 - C:\Windows\System32\DRIVERS\klim6.sys (KLIM6) .(.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - LEGACY_KLIM6
~ Legacy: 83 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\terminal\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You must have an account and be logged in to view this link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.3F3060EF9AD62E64A3236093E3D8C4CE] [SPRF][10/08/2013] (...) -- C:\Users\terminal\AppData\Roaming\unins000.dat [16282]
[MD5.AD6E810B9CE3D8C0C1FF0203C68C6FA6] [SPRF][10/08/2013] (.No owner - Setup/Uninstall.) -- C:\Users\terminal\AppData\Roaming\unins000.exe [720082]
[MD5.91BBEBD01B68B32D3E60B908E162E99A] [SPRF][22/01/2014] (...) -- C:\Users\terminal\AppData\Roaming\unins001.dat [15481]
[MD5.169180F02ABCECA5DE72FC5EEBC861BB] [SPRF][22/01/2014] (.No owner - Setup/Uninstall.) -- C:\Users\terminal\AppData\Roaming\unins001.exe [730322]
~ Files: 5 Legitimates Filtered in 00mn 10s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{20C23FCC-5D70-41CF-8D04-826F1AD62892}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\terminal\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{809F33D3-72A7-49D1-9964-6CEA0AB5E5D3}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\terminal\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 02s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS: Pasta compartilhada da Execução Segura - {047DDC7E-F9C2-11DD-A093-79D855D89593}
~ MNS: 1 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BitTorrent_7_RASAPI32 =>P2P.BitTorrent
HKLM\SOFTWARE\Microsoft\Tracing\BitTorrent_7_RASMANCS =>P2P.BitTorrent
HKLM\SOFTWARE\Microsoft\Tracing\bittorrent_RASAPI32 =>P2P.BitTorrent
HKLM\SOFTWARE\Microsoft\Tracing\bittorrent_RASMANCS =>P2P.BitTorrent
~ BTK: 356 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 29/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 29/10/2012 206448 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
SS - | Auto 03/07/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 03/07/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 13/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SS - | Auto 25/07/2013 162672 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Disabled 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 21/02/2014 519720 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files\GbPlugin\gbpsv.exe
SR - | Auto 24/06/2009 136704 | (HP LaserJet Service) . (.HP.) - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
SR - | Auto 26/09/2012 100256 | (HPSIService) . (.HP.) - C:\Windows\system32\HPSIsvc.exe
SR - | Auto 18/11/2011 8192 | (KMService) . (...) - C:\Windows\system32\srvany.exe =>Hijacker.Office
SR - | Auto 05/08/2011 368544 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files\Scpad\scpVista.exe
SR - | Auto 02/04/2014 4972864 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 10s



---\\ Scâner Aditional (088)
Database Version : 13045 - (07/05/2014)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 1

[HKLM\Software\Google\Chrome\Extensions\nkjddnjnldjjnbjahcinkhkchijbjcmn] =>Toolbar.Ask^
[HKLM\SYSTEM\CurrentControlSet\Services\KMService] =>Hijacker.Office^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent] =>P2P.BitTorrent^
C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkjddnjnldjjnbjahcinkhkchijbjcmn =>Toolbar.Ask^
C:\Windows\KMService.exe =>Hijacker.Office^
~ Additionnel Scan: 240242 Items scanned in 00mn 26s



---\\ Sumário das deteções encontradas na sua estação
[You must have an account and be logged in to view this link] =>Hijacker.Office
[You must have an account and be logged in to view this link] =>Toolbar.Ask
~ MSI: 2 link(s) detected in 00mn 00s



~ 837 Legitimates filtered by white list
End of the scan (557 lines in 01mn 38s)(0)

Re: I can't uninstall Baidu antivirus

Post by Power Max, Wed 07 May 2014, 11:49

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Wed 07 May 2014, 11:56; edited 1 time


Re: I can't uninstall Baidu antivirus

Post by patricker23, Wed 07 May 2014, 11:51

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by terminal at 07/05/2014 11:51:10
High Elevated Privileges : OK
Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 02s)

========== Estado dos serviços ==========
BHBASE Parado

========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ Driver Key: Bprotect

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (4) (1.389.738 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
5 : Chaves do Registo
1 : Pastas
2 : Ficheiros
1 : Estado dos serviços
1 : Restauração Sistema


End of clean in 00mn 11s

========== Caminho do ficheiro do relatório ==========
C:\Users\terminal\AppData\Roaming\ZHP\ZHPFix[R1].txt - 07/05/2014 11:18:53 [3654]
C:\Users\terminal\AppData\Roaming\ZHP\ZHPFix[R2].txt - 07/05/2014 11:51:12 [1121]

Re: I can't uninstall Baidu antivirus

Post by Power Max, Wed 07 May 2014, 11:55

Download [You must have an account and be logged in to view this link] and save it to the Desktop.

Note: when you open the link above, click the Download Now 32-Bit Version button.

Run Farbar following the tips in this tutorial:

[You must have an account and be logged in to view this link]

*Two reports will be created on the Desktop: FRST.txt and Addition.txt

Post these two reports in your next reply. (Note: if they do not fit in a single reply, you can split them across several posts.)


Re: I can't uninstall Baidu antivirus

Post by patricker23, Wed 07 May 2014, 11:58

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-05-2014
Ran by terminal (administrator) on TERMINAL-PC on 07-05-2014 11:57:06
Running from C:\Users\terminal\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Portuguese Brazilian
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [You must have an account and be logged in to view this link]
Download link for 64-Bit Version: [You must have an account and be logged in to view this link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [You must have an account and be logged in to view this link]

==================== Processes (Whitelisted) =================

(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Windows\System32\srvany.exe
() C:\Windows\KMService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(A.E.T. Europe B.V.) C:\Windows\System32\aetcrss1.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\FPopular\Autorizador_Farmacia_Popular.exe
() C:\ACBrNFeMonitor\ACBrNFeMonitor.exe
(Banco Bradesco S.A.) C:\Program Files\Scpad\scpVista.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Sysfar Automação de Drogarias e Farmacias Ltda.) \\servidor1\c\SysFar\sysfar.exe
(Sysfar Automação de Drogarias e Farmacias Ltda.) \\servidor1\c\SysFar\sysfar.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Users\terminal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\terminal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\terminal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\terminal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\terminal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\terminal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\terminal\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AVP] => C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-29] (Kaspersky Lab ZAO)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [HPUsageTrackingLEDM] => C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM\...\Run: [CertificateRegistration] => C:\Windows\system32\aetcrss1.exe [151552 2011-03-24] (A.E.T. Europe B.V.)
Winlogon\Notify\ GbPluginBb: C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)
Winlogon\Notify\klogon: C:\Windows\system32\klogon.dll (Kaspersky Lab ZAO)
HKU\S-1-5-21-2781968645-2062433568-2845779377-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKU\S-1-5-21-2781968645-2062433568-2845779377-1000\...\Run: [Google Update] => C:\Users\terminal\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-21] (Google Inc.)
HKU\S-1-5-21-2781968645-2062433568-2845779377-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Autorizador Farmácia Popular.lnk
ShortcutTarget: Autorizador Farmácia Popular.lnk -> C:\FPopular\Autorizador_Farmacia_Popular.exe ()
Startup: C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACBrNFeMonitor.lnk
ShortcutTarget: ACBrNFeMonitor.lnk -> C:\ACBrNFeMonitor\ACBrNFeMonitor.exe ()
SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll (Banco Bradesco S.A.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must have an account and be logged in to view this link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE2C210E8418FCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = [You must have an account and be logged in to view this link]
BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: ssh2 Class - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files\Scpad\scpsssh2.dll (Banco Bradesco S.A.)
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll (Banco do Brasil)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must have an account and be logged in to view this link]
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [You must have an account and be logged in to view this link]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must have an account and be logged in to view this link]
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FE7294DF-5392-47C9-A484-17A50B66D547}: [NameServer]201.10.120.2,201.10.120.3

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\terminal\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\terminal\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/bb - C:\Users\terminal\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF Plugin HKCU: gastecnologia.com.br/sf/cef - C:\Users\terminal\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\terminal\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: [You must have an account and be logged in to view this link]
CHR DefaultSearchKeyword: google.com.br
CHR Plugin: (Shockwave Flash) - C:\Users\terminal\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\terminal\AppData\Local\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\terminal\AppData\Local\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.110.21) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (Conselheiro de URLs da Kaspersky) - C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-05-22]
CHR Extension: (Teclado virtual) - C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-05-22]
CHR Extension: (Google Wallet) - C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2014-02-18]
CHR Extension: (GBBD Banco do Brasil) - C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh [2013-08-10]
CHR Extension: (Anti-Banner) - C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-05-22]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx [2011-06-20]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx [2011-06-20]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx [2011-06-20]
CHR HKCU\...\Chrome\Extension: [pgacfjdigcddmmncljpflgcfpfahebkh] - C:\Users\terminal\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx [2013-08-10]
CHR StartMenuInternet: Google Chrome - C:\Users\terminal\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

S2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-29] (Kaspersky Lab ZAO)
R2 GbpSv; C:\Program Files\GbPlugin\gbpsv.exe [519720 2014-02-21] (GAS Tecnologia)
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP)
R2 KMService; C:\Windows\system32\srvany.exe [8192 2011-11-18] ()
R2 scpVista; C:\Program Files\Scpad\scpVista.exe [368544 2011-08-05] (Banco Bradesco S.A.)

==================== Drivers (Whitelisted) ====================

S3 CrystalSysInfo; C:\Program Files\MediaCoder\SysInfo.sys [15152 2007-09-25] ()
R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [49536 2013-05-08] (GAS Tecnologia)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [133208 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11352 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [586072 2012-10-29] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [23856 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [19984 2009-11-02] (Kaspersky Lab)
R1 Ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2014-03-27] (GAS Tecnologia)
R0 Bhbase; System32\drivers\Bhbase.sys [X]
S3 BHipsEx; \??\C:\Windows\System32\drivers\BHipsEx.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 mdf16; \??\C:\Users\terminal\AppData\Local\Temp\mdf16.sys [X]
S3 mvd23; \??\C:\Users\terminal\AppData\Local\Temp\mvd23.sys [X]
S3 NdisrdMP; system32\DRIVERS\gbpndisrd.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-07 11:57 - 2014-05-07 11:57 - 00014125 _____ () C:\Users\terminal\Downloads\FRST.txt
2014-05-07 11:56 - 2014-05-07 11:57 - 00000000 ____D () C:\FRST
2014-05-07 11:56 - 2014-05-07 11:56 - 01053184 _____ (Farbar) C:\Users\terminal\Downloads\FRST.exe
2014-05-07 11:25 - 2014-05-07 11:25 - 00038230 _____ () C:\Users\terminal\Desktop\ZHPDiag.txt
2014-05-07 11:18 - 2014-05-07 11:51 - 00001204 _____ () C:\Users\terminal\Desktop\ZHPFixReport.txt
2014-05-07 11:05 - 2014-05-07 10:23 - 00000000 ____D () C:\Users\terminal\Desktop\Nova pasta (2)
2014-05-07 10:41 - 2014-05-07 11:51 - 00000000 ____D () C:\Users\terminal\AppData\Roaming\ZHP
2014-05-07 10:41 - 2014-05-07 11:24 - 00000000 ____D () C:\Program Files\ZHPDiag
2014-05-07 10:41 - 2014-05-07 10:41 - 00001937 _____ () C:\Users\terminal\Desktop\ZHPFix.lnk
2014-05-07 10:41 - 2014-05-07 10:41 - 00001810 _____ () C:\Users\terminal\Desktop\ZHPDiag.lnk
2014-05-07 10:41 - 2014-05-07 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-07 10:39 - 2014-05-07 10:41 - 06779440 _____ (Nicolas Coolman ) C:\Users\terminal\Downloads\ZHPDiag2.exe
2014-05-07 10:37 - 2014-05-07 10:37 - 00002313 _____ () C:\Users\terminal\Desktop\JRT.txt
2014-05-07 10:34 - 2014-05-07 10:34 - 01016261 _____ (Thisisu) C:\Users\terminal\Downloads\JRT (1).exe
2014-05-07 10:34 - 2014-05-07 10:34 - 00000000 ____D () C:\Windows\ERUNT
2014-05-07 10:31 - 2014-05-07 10:31 - 01016261 _____ (Thisisu) C:\Users\terminal\Downloads\JRT.exe
2014-05-07 10:26 - 2014-05-07 10:26 - 00000790 _____ () C:\Windows\PFRO.log
2014-05-07 10:26 - 2014-05-07 10:26 - 00000056 _____ () C:\Windows\setupact.log
2014-05-07 10:26 - 2014-05-07 10:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-07 10:24 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-07 10:23 - 2014-05-07 10:25 - 00000000 ____D () C:\AdwCleaner
2014-05-07 08:38 - 2014-05-07 08:38 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\terminal\Downloads\SpyHunter-Installer.exe
2014-05-07 08:07 - 2014-05-07 08:07 - 04745984 _____ (Piriform Ltd) C:\Users\terminal\Downloads\97-ccsetup413.exe
2014-05-07 08:07 - 2014-05-07 08:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-05-07 08:07 - 2014-05-07 08:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-07 08:03 - 2014-05-07 08:04 - 00639696 _____ () C:\Users\terminal\Downloads\ccleaner-4134693-32-bits.exe
2014-05-07 07:56 - 2014-05-06 16:45 - 251931456 _____ (Kaspersky Lab) C:\Users\terminal\Desktop\kis2014_14.0.0.4651pt-br.exe
2014-05-06 17:32 - 2014-05-06 17:44 - 00000000 ____D () C:\Users\terminal\AppData\Local\cache
2014-05-06 17:32 - 2014-05-06 17:32 - 00000000 ____D () C:\Users\terminal\.android
2014-05-06 17:25 - 2014-05-06 17:25 - 11493480 _____ (OPSWAT, Inc.) C:\Users\terminal\Downloads\666-AppRemover.exe
2014-05-06 17:22 - 2014-05-06 17:22 - 00639696 _____ () C:\Users\terminal\Downloads\appremover-31121-32-bits.exe
2014-05-06 17:16 - 2014-05-06 17:16 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-06 17:14 - 2014-05-06 17:14 - 00508816 _____ (Firseria) C:\Users\terminal\Downloads\Revo Uninstaller.exe
2014-05-06 17:08 - 2014-05-06 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-05-06 16:06 - 2014-05-06 16:45 - 251931456 _____ (Kaspersky Lab) C:\Users\terminal\Downloads\kis2014_14.0.0.4651pt-br.exe
2014-05-06 13:41 - 2014-05-06 13:41 - 00000000 ____D () C:\Users\Todos os Usuários\Kaspersky Lab Setup Files
2014-05-06 13:41 - 2014-05-06 13:41 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2014-05-06 11:09 - 2014-05-06 11:12 - 00000000 ____D () C:\Users\terminal\Downloads\material
2014-05-05 10:52 - 2014-05-05 10:52 - 00001148 _____ () C:\Users\Todos os Usuários\Desktop\aTube Catcher.lnk
2014-05-05 10:52 - 2014-05-05 10:52 - 00001148 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-05-05 10:52 - 2014-05-05 10:52 - 00001148 _____ () C:\ProgramData\Desktop\aTube Catcher.lnk
2014-05-05 10:51 - 2014-05-05 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2014-05-05 10:37 - 2014-05-05 10:50 - 17282640 _____ (DsNET Corp) C:\Users\terminal\Downloads\aTubeCatcher.exe
2014-05-05 08:08 - 2014-05-05 09:37 - 269617351 _____ () C:\Users\terminal\Downloads\HJAOVIVOPALMAS.rmvb
2014-05-05 07:52 - 2014-05-05 07:52 - 00003511 _____ () C:\Users\terminal\Downloads\comprovante (6).html
2014-05-05 07:50 - 2014-05-05 07:50 - 00003320 _____ () C:\Users\terminal\Downloads\comprovante (5).html
2014-05-03 07:36 - 2014-05-03 08:38 - 393653308 _____ () C:\Users\terminal\Downloads\BNS.4X25.A-Vingan--a.rar
2014-05-02 07:55 - 2014-05-02 07:55 - 00003318 _____ () C:\Users\terminal\Downloads\comprovante (4).html
2014-04-30 13:46 - 2014-04-30 13:47 - 368483426 _____ () C:\Users\terminal\Downloads\Bones.7x03.UpBy-([You must have an account and be logged in to view this link]
2014-04-30 12:52 - 2014-04-30 12:52 - 371939614 _____ () C:\Users\terminal\Downloads\Bones.7x02.UpBy-([You must have an account and be logged in to view this link]
2014-04-30 09:25 - 2014-04-30 09:25 - 372001783 _____ () C:\Users\terminal\Downloads\Bones.7x01.UpBy-([You must have an account and be logged in to view this link]
2014-04-30 08:07 - 2014-04-30 08:08 - 00067173 _____ () C:\Users\terminal\Downloads\goudyhan.zip
2014-04-28 11:30 - 2014-04-28 11:30 - 00054700 _____ () C:\Users\terminal\Downloads\Naruto-Completo-%2b-Shippuuden-%2b-filmes.html
2014-04-28 07:49 - 2014-04-28 07:49 - 00003323 _____ () C:\Users\terminal\Downloads\comprovante (3).html
2014-04-26 10:17 - 2014-04-28 14:50 - 00000000 ____D () C:\Users\terminal\Downloads\Californication Season 3
2014-04-25 15:20 - 2014-04-25 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0
2014-04-25 15:20 - 2014-04-25 15:20 - 00000000 ____D () C:\Program Files\Project64 2.1
2014-04-24 11:04 - 2014-04-24 11:07 - 04508685 _____ () C:\Users\terminal\Downloads\Project64_2_1.zip
2014-04-24 10:51 - 2014-04-24 11:01 - 29997594 _____ () C:\Users\terminal\Downloads\Perf_D.zip
2014-04-24 08:06 - 2014-04-24 08:06 - 00880519 _____ () C:\Users\terminal\Downloads\Cfn S01 a S04 [SériesinTorrent].rar
2014-04-24 07:59 - 2014-04-24 07:59 - 00003320 _____ () C:\Users\terminal\Downloads\comprovante (2).html
2014-04-23 17:52 - 2014-04-23 17:52 - 00098033 _____ () C:\Users\terminal\Downloads\Logística 2.1.pptx
2014-04-22 08:55 - 2014-04-22 08:56 - 05807302 _____ () C:\Users\terminal\Downloads\tabpreco.zip
2014-04-17 16:00 - 2014-04-17 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuHeLLFire Season 4
2014-04-17 11:29 - 2014-04-17 15:48 - 259908232 _____ () C:\Users\terminal\Downloads\Client_MuHeLLFireS4_Sem_Som.exe
2014-04-17 09:58 - 2014-04-17 10:04 - 05945329 _____ () C:\Users\terminal\Downloads\patch.rar
2014-04-17 08:01 - 2014-04-17 08:01 - 00003320 _____ () C:\Users\terminal\Downloads\comprovante (1).html
2014-04-16 09:01 - 2014-04-16 09:01 - 00000000 ____D () C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MU Alfa
2014-04-15 09:02 - 2014-04-15 09:02 - 00086187 _____ () C:\Users\terminal\Downloads\darkstats.rar
2014-04-14 14:44 - 2014-04-14 14:44 - 00003323 _____ () C:\Users\terminal\Downloads\comprovante.html
2014-04-14 11:42 - 2014-04-14 11:42 - 00000000 ____D () C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mu Alfa - (Sem som)
2014-04-12 10:12 - 2014-04-12 10:12 - 00000000 ____D () C:\Users\terminal\AppData\Roaming\PowerISO
2014-04-12 09:36 - 2014-04-12 09:36 - 00038428 _____ () C:\Users\terminal\Downloads\f1.career.challenge.torrent
2014-04-11 10:37 - 2014-04-11 10:49 - 00115955 _____ () C:\Users\terminal\Documents\trabalho.pptx
2014-04-11 08:24 - 2014-04-11 08:24 - 00129912 _____ () C:\Users\terminal\Downloads\O Modal Do Transporte Rodoviário.pptx
2014-04-09 16:08 - 2014-04-09 16:08 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-04-09 16:07 - 2014-04-09 16:09 - 00000000 ____D () C:\Users\terminal\AppData\Roaming\TeamViewer
2014-04-08 17:42 - 2013-11-04 03:22 - 405157888 _____ () C:\Users\terminal\Downloads\TITANIC.2012.S01E01.avi
2014-04-07 11:45 - 2014-04-07 11:45 - 00245581 _____ () C:\Users\terminal\Downloads\Titanic BaS - 1ª Temp [SeriesinTorrent].rar

==================== One Month Modified Files and Folders =======

2014-05-07 11:57 - 2014-05-07 11:57 - 00014125 _____ () C:\Users\terminal\Downloads\FRST.txt
2014-05-07 11:57 - 2014-05-07 11:56 - 00000000 ____D () C:\FRST
2014-05-07 11:56 - 2014-05-07 11:56 - 01053184 _____ (Farbar) C:\Users\terminal\Downloads\FRST.exe
2014-05-07 11:51 - 2014-05-07 11:18 - 00001204 _____ () C:\Users\terminal\Desktop\ZHPFixReport.txt
2014-05-07 11:51 - 2014-05-07 10:41 - 00000000 ____D () C:\Users\terminal\AppData\Roaming\ZHP
2014-05-07 11:33 - 2012-07-03 11:28 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-07 11:29 - 2009-07-14 01:34 - 00025216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-07 11:29 - 2009-07-14 01:34 - 00025216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-07 11:25 - 2014-05-07 11:25 - 00038230 _____ () C:\Users\terminal\Desktop\ZHPDiag.txt
2014-05-07 11:24 - 2014-05-07 10:41 - 00000000 ____D () C:\Program Files\ZHPDiag
2014-05-07 11:17 - 2011-10-21 08:47 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2781968645-2062433568-2845779377-1000UA.job
2014-05-07 10:58 - 2013-12-27 16:31 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-07 10:41 - 2014-05-07 10:41 - 00001937 _____ () C:\Users\terminal\Desktop\ZHPFix.lnk
2014-05-07 10:41 - 2014-05-07 10:41 - 00001810 _____ () C:\Users\terminal\Desktop\ZHPDiag.lnk
2014-05-07 10:41 - 2014-05-07 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-05-07 10:41 - 2014-05-07 10:39 - 06779440 _____ (Nicolas Coolman ) C:\Users\terminal\Downloads\ZHPDiag2.exe
2014-05-07 10:37 - 2014-05-07 10:37 - 00002313 _____ () C:\Users\terminal\Desktop\JRT.txt
2014-05-07 10:34 - 2014-05-07 10:34 - 01016261 _____ (Thisisu) C:\Users\terminal\Downloads\JRT (1).exe
2014-05-07 10:34 - 2014-05-07 10:34 - 00000000 ____D () C:\Windows\ERUNT
2014-05-07 10:31 - 2014-05-07 10:31 - 01016261 _____ (Thisisu) C:\Users\terminal\Downloads\JRT.exe
2014-05-07 10:31 - 2009-05-04 10:04 - 01027624 _____ () C:\ads_err.adt
2014-05-07 10:31 - 2009-05-04 10:04 - 00020480 _____ () C:\ads_err.adi
2014-05-07 10:30 - 2012-07-14 06:59 - 00000654 _____ () C:\Users\terminal\Desktop\Suporte Sysfar.lnk
2014-05-07 10:28 - 2011-10-21 10:36 - 00000000 ____D () C:\Users\Todos os Usuários\Kaspersky Lab
2014-05-07 10:28 - 2011-10-21 10:36 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-07 10:27 - 2012-07-03 11:28 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-07 10:26 - 2014-05-07 10:26 - 00000790 _____ () C:\Windows\PFRO.log
2014-05-07 10:26 - 2014-05-07 10:26 - 00000056 _____ () C:\Windows\setupact.log
2014-05-07 10:26 - 2014-05-07 10:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-07 10:26 - 2009-07-14 01:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-07 10:25 - 2014-05-07 10:23 - 00000000 ____D () C:\AdwCleaner
2014-05-07 10:25 - 2011-10-20 12:53 - 00000000 ____D () C:\Users\terminal
2014-05-07 10:23 - 2014-05-07 11:05 - 00000000 ____D () C:\Users\terminal\Desktop\Nova pasta (2)
2014-05-07 08:38 - 2014-05-07 08:38 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\terminal\Downloads\SpyHunter-Installer.exe
2014-05-07 08:28 - 2013-07-18 14:52 - 00000000 ____D () C:\Users\terminal\AppData\Roaming\DAEMON Tools Lite
2014-05-07 08:28 - 2012-03-21 08:06 - 00000000 ____D () C:\Users\terminal\AppData\Roaming\BitTorrent
2014-05-07 08:28 - 2011-11-26 10:11 - 00000000 ____D () C:\Users\terminal\AppData\Roaming\Vso
2014-05-07 08:28 - 2011-10-22 10:45 - 00000000 ____D () C:\Users\terminal\AppData\Roaming\Media Player Classic
2014-05-07 08:27 - 2011-11-09 17:19 - 00000000 ____D () C:\Windows\Minidump
2014-05-07 08:27 - 2011-01-20 22:58 - 00000000 ____D () C:\Windows\Panther
2014-05-07 08:07 - 2014-05-07 08:07 - 04745984 _____ (Piriform Ltd) C:\Users\terminal\Downloads\97-ccsetup413.exe
2014-05-07 08:07 - 2014-05-07 08:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-05-07 08:07 - 2014-05-07 08:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-07 08:04 - 2014-05-07 08:03 - 00639696 _____ () C:\Users\terminal\Downloads\ccleaner-4134693-32-bits.exe
2014-05-07 07:26 - 2009-05-04 10:04 - 00018577 _____ () C:\ads_err.adm
2014-05-07 07:10 - 2013-08-10 06:53 - 00000000 ____D () C:\Users\Todos os Usuários\GAS Tecnologia
2014-05-07 07:10 - 2013-08-10 06:53 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2014-05-07 06:53 - 2011-01-20 22:14 - 00004754 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-07 06:53 - 2009-07-14 05:31 - 05959712 _____ () C:\Windows\system32\prfh0416.dat
2014-05-07 06:53 - 2009-07-14 05:31 - 05193480 _____ () C:\Windows\system32\prfc0416.dat
2014-05-07 06:46 - 2011-11-02 08:19 - 00000000 ____D () C:\Users\Todos os Usuários\GbPlugin
2014-05-07 06:46 - 2011-11-02 08:19 - 00000000 ____D () C:\ProgramData\GbPlugin
2014-05-06 17:44 - 2014-05-06 17:32 - 00000000 ____D () C:\Users\terminal\AppData\Local\cache
2014-05-06 17:43 - 2014-03-24 10:07 - 00001538 _____ () C:\Windows\wininit.ini
2014-05-06 17:32 - 2014-05-06 17:32 - 00000000 ____D () C:\Users\terminal\.android
2014-05-06 17:25 - 2014-05-06 17:25 - 11493480 _____ (OPSWAT, Inc.) C:\Users\terminal\Downloads\666-AppRemover.exe
2014-05-06 17:22 - 2014-05-06 17:22 - 00639696 _____ () C:\Users\terminal\Downloads\appremover-31121-32-bits.exe
2014-05-06 17:17 - 2011-10-21 08:47 - 00001038 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2781968645-2062433568-2845779377-1000Core.job
2014-05-06 17:16 - 2014-05-06 17:16 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-06 17:14 - 2014-05-06 17:14 - 00508816 _____ (Firseria) C:\Users\terminal\Downloads\Revo Uninstaller.exe
2014-05-06 17:10 - 2014-05-06 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-05-06 17:10 - 2009-07-13 23:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-06 16:45 - 2014-05-07 07:56 - 251931456 _____ (Kaspersky Lab) C:\Users\terminal\Desktop\kis2014_14.0.0.4651pt-br.exe
2014-05-06 16:45 - 2014-05-06 16:06 - 251931456 _____ (Kaspersky Lab) C:\Users\terminal\Downloads\kis2014_14.0.0.4651pt-br.exe
2014-05-06 13:41 - 2014-05-06 13:41 - 00000000 ____D () C:\Users\Todos os Usuários\Kaspersky Lab Setup Files
2014-05-06 13:41 - 2014-05-06 13:41 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2014-05-06 11:12 - 2014-05-06 11:09 - 00000000 ____D () C:\Users\terminal\Downloads\material
2014-05-05 12:30 - 2011-10-29 07:20 - 00000000 ____D () C:\ACBrNFeMonitor
2014-05-05 11:18 - 2011-10-21 10:44 - 00000000 ____D () C:\Users\terminal\Documents\FFOutput
2014-05-05 10:52 - 2014-05-05 10:52 - 00001148 _____ () C:\Users\Todos os Usuários\Desktop\aTube Catcher.lnk
2014-05-05 10:52 - 2014-05-05 10:52 - 00001148 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-05-05 10:52 - 2014-05-05 10:52 - 00001148 _____ () C:\ProgramData\Desktop\aTube Catcher.lnk
2014-05-05 10:51 - 2014-05-05 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2014-05-05 10:51 - 2013-04-18 16:49 - 00000000 ____D () C:\Program Files\DsNET Corp
2014-05-05 10:50 - 2014-05-05 10:37 - 17282640 _____ (DsNET Corp) C:\Users\terminal\Downloads\aTubeCatcher.exe
2014-05-05 09:37 - 2014-05-05 08:08 - 269617351 _____ () C:\Users\terminal\Downloads\HJAOVIVOPALMAS.rmvb
2014-05-05 07:52 - 2014-05-05 07:52 - 00003511 _____ () C:\Users\terminal\Downloads\comprovante (6).html
2014-05-05 07:50 - 2014-05-05 07:50 - 00003320 _____ () C:\Users\terminal\Downloads\comprovante (5).html
2014-05-05 06:55 - 2011-10-21 16:12 - 00000000 ____D () C:\Users\terminal\Desktop\sngpc
2014-05-03 08:38 - 2014-05-03 07:36 - 393653308 _____ () C:\Users\terminal\Downloads\BNS.4X25.A-Vingan--a.rar
2014-05-02 08:57 - 2009-06-03 21:39 - 00135859 _____ () C:\ads_err.dbf
2014-05-02 07:55 - 2014-05-02 07:55 - 00003318 _____ () C:\Users\terminal\Downloads\comprovante (4).html
2014-04-30 13:47 - 2014-04-30 13:46 - 368483426 _____ () C:\Users\terminal\Downloads\Bones.7x03.UpBy-([You must have an account and be logged in to view this link]
2014-04-30 12:52 - 2014-04-30 12:52 - 371939614 _____ () C:\Users\terminal\Downloads\Bones.7x02.UpBy-([You must have an account and be logged in to view this link]
2014-04-30 09:25 - 2014-04-30 09:25 - 372001783 _____ () C:\Users\terminal\Downloads\Bones.7x01.UpBy-([You must have an account and be logged in to view this link]
2014-04-30 08:08 - 2014-04-30 08:07 - 00067173 _____ () C:\Users\terminal\Downloads\goudyhan.zip
2014-04-29 09:00 - 2012-04-18 06:51 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-29 09:00 - 2011-10-20 13:32 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-29 07:24 - 2012-10-02 16:30 - 00099328 _____ () C:\Users\terminal\Desktop\Capa Controlados.xls
2014-04-28 14:50 - 2014-04-26 10:17 - 00000000 ____D () C:\Users\terminal\Downloads\Californication Season 3
2014-04-28 11:30 - 2014-04-28 11:30 - 00054700 _____ () C:\Users\terminal\Downloads\Naruto-Completo-%2b-Shippuuden-%2b-filmes.html
2014-04-28 07:49 - 2014-04-28 07:49 - 00003323 _____ () C:\Users\terminal\Downloads\comprovante (3).html
2014-04-25 15:20 - 2014-04-25 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0
2014-04-25 15:20 - 2014-04-25 15:20 - 00000000 ____D () C:\Program Files\Project64 2.1
2014-04-24 11:07 - 2014-04-24 11:04 - 04508685 _____ () C:\Users\terminal\Downloads\Project64_2_1.zip
2014-04-24 11:01 - 2014-04-24 10:51 - 29997594 _____ () C:\Users\terminal\Downloads\Perf_D.zip
2014-04-24 08:06 - 2014-04-24 08:06 - 00880519 _____ () C:\Users\terminal\Downloads\Cfn S01 a S04 [SériesinTorrent].rar
2014-04-24 07:59 - 2014-04-24 07:59 - 00003320 _____ () C:\Users\terminal\Downloads\comprovante (2).html
2014-04-23 17:52 - 2014-04-23 17:52 - 00098033 _____ () C:\Users\terminal\Downloads\Logística 2.1.pptx
2014-04-22 08:56 - 2014-04-22 08:55 - 05807302 _____ () C:\Users\terminal\Downloads\tabpreco.zip
2014-04-17 16:54 - 2013-06-27 10:13 - 00000000 __SHD () C:\Users\terminal\AppData\Local\.#
2014-04-17 16:00 - 2014-04-17 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuHeLLFire Season 4
2014-04-17 15:48 - 2014-04-17 11:29 - 259908232 _____ () C:\Users\terminal\Downloads\Client_MuHeLLFireS4_Sem_Som.exe
2014-04-17 10:04 - 2014-04-17 09:58 - 05945329 _____ () C:\Users\terminal\Downloads\patch.rar
2014-04-17 08:01 - 2014-04-17 08:01 - 00003320 _____ () C:\Users\terminal\Downloads\comprovante (1).html
2014-04-16 09:01 - 2014-04-16 09:01 - 00000000 ____D () C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MU Alfa
2014-04-15 16:27 - 2014-03-27 07:55 - 00000278 _____ () C:\Windows\Tasks\DLL-Files FixerASKUSER.job
2014-04-15 09:02 - 2014-04-15 09:02 - 00086187 _____ () C:\Users\terminal\Downloads\darkstats.rar
2014-04-14 14:44 - 2014-04-14 14:44 - 00003323 _____ () C:\Users\terminal\Downloads\comprovante.html
2014-04-14 11:42 - 2014-04-14 11:42 - 00000000 ____D () C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mu Alfa - (Sem som)
2014-04-14 06:58 - 2011-10-29 07:18 - 00000000 ____D () C:\Users\terminal\AppData\Local\Adobe
2014-04-12 10:12 - 2014-04-12 10:12 - 00000000 ____D () C:\Users\terminal\AppData\Roaming\PowerISO
2014-04-12 09:36 - 2014-04-12 09:36 - 00038428 _____ () C:\Users\terminal\Downloads\f1.career.challenge.torrent
2014-04-11 10:49 - 2014-04-11 10:37 - 00115955 _____ () C:\Users\terminal\Documents\trabalho.pptx
2014-04-11 08:24 - 2014-04-11 08:24 - 00129912 _____ () C:\Users\terminal\Downloads\O Modal Do Transporte Rodoviário.pptx
2014-04-10 17:23 - 2011-10-21 08:47 - 00109208 _____ () C:\Users\terminal\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-10 06:43 - 2009-07-14 01:33 - 00408592 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-09 16:09 - 2014-04-09 16:07 - 00000000 ____D () C:\Users\terminal\AppData\Roaming\TeamViewer
2014-04-09 16:08 - 2014-04-09 16:08 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-04-09 16:08 - 2011-10-20 14:07 - 00000000 ____D () C:\Program Files\TeamViewer
2014-04-07 11:45 - 2014-04-07 11:45 - 00245581 _____ () C:\Users\terminal\Downloads\Titanic BaS - 1ª Temp [SeriesinTorrent].rar
2014-04-07 08:10 - 2014-04-05 11:24 - 00000000 ____D () C:\Users\terminal\Downloads\Titanic - Blood and Steel - Complete 12eps Avi and Mp4

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 12:37

==================== End Of Log ============================

Re: I can't uninstall Baidu antivirus

Message by patricker23 Wed 07 May 2014, 11:58

Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-05-2014
Ran by terminal at 2014-05-07 11:57:28
Running from C:\Users\terminal\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Disabled - Up to date) {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
AS: Kaspersky Internet Security (Disabled - Up to date) {95CBD341-38DB-14AC-AF6A-08054B41A339}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {1691B380-548E-1A7A-BE85-9A42CE15AEFF}

==================== Installed Programs ======================

18 Wheels of Steel - Across America (HKLM\...\18 Wheels of Steel - Across America) (Version: - )
ACBrNFeMonitor2-CAPICOM-0.8.2.3 (HKLM\...\ACBrNFeMonitor_is1) (Version: - Projeto ACBr)
Adobe Acrobat 5.0 (HKLM\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
Argos Mini II (HKLM\...\{D84CB492-A248-49BA-8BBF-805A67C38A4E}) (Version: 3.3.0.0 - Todos Data System AB)
aTube Catcher (HKLM\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
Auto Web BrasilCard versão 2.0 (HKLM\...\{06DE6E6E-75A0-4A67-8DB1-EEAF5977AF05}_is1) (Version: 2.0 - BrasilCard Ltda)
Autorizador Farmácia Popular 1.8 - PRODUÇÃO (HKLM\...\Autorizador Farmácia Popular 1.8 - PRODUÇÃO_is1) (Version: - Bitshop Informática Ltda)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.2.30489 - BitTorrent Inc.)
BitTorrent (HKLM\...\BitTorrent) (Version: 7.8.0.29626 - BitTorrent Inc.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CDisplay 1.8 (HKLM\...\CDisplay_is1) (Version: - dvd8n)
Chica Password Manager 2.0 2.0.0.8 (HKLM\...\Chica Password Manager 2.0_is1) (Version: 2.0 - ChicaLogic, Inc.)
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
Dll-Files Fixer (HKLM\...\Dll-Files Fixer_is1) (Version: 3.1.81 - Dll-Files.com)
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Epan (HKLM\...\{D2B2B8E0-6973-46E1-8619-EB874A7D13D8}) (Version: 6.00 - Panpharma)
FreeSoundcloudDownloader (HKLM\...\Free Soundcloud Downloader_is1) (Version: - )
GBBD Banco do Brasil (HKLM\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: GBBD Banco do Brasil - )
GBBD Caixa Economica Federal (HKLM\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.7.1.1 - )
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Scanjet G2410 and 2400 (HKLM\...\{E5B04674-1885-4B08-BAE7-ECDEC1F84677}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
hpg2410 (Version: 13.0.0.0 - Nome de sua empresa:) Hidden
HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
hppLaserJetService (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (Version: 001.001.0.0 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Hypervisual Century 1.10 (HKLM\...\Hypervisual Century Slots_is1) (Version: 1.10 - Hypervisual)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
Kaspersky Internet Security 2012 (HKLM\...\InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}) (Version: 12.0.0.374 - Kaspersky Lab)
Kaspersky Internet Security 2012 (Version: 12.0.0.374 - Kaspersky Lab) Hidden
K-Lite Mega Codec Pack 7.8.0 (HKLM\...\KLiteCodecPack_is1) (Version: 7.8.0 - )
LotoFacil Professional (HKLM\...\LotoFacil Professional) (Version: - )
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
MediaCoder 0.8.22.5525 (HKLM\...\MediaCoder) (Version: 0.8.22.5525 - Broad Intelligence)
Microsoft Office 2003 Web Components (HKLM\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0416-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft SOAP Toolkit 3.0 (HKLM\...\{BCB4C18A-ACA6-4383-8688-E19933A705DD}) (Version: 3.0.1325.4 - Microsoft Corporation)
MLCombiner 1.00 (HKLM\...\MLCombiner 1.00) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mu Alfa - (Sem som) (HKLM\...\Mu Alfa - (Sem som)) (Version: - )
MU Alfa (HKLM\...\MU Alfa) (Version: - )
MuHeLLFire Season 4 (HKLM\...\MuHeLLFire Season 4) (Version: - )
Multilizer PDF Translator (Build 8.0.3) (HKLM\...\Multilizer PDF Translator_is1) (Version: - Rex Partners)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Plantas VS Zombies Repack (HKLM\...\Plantas VS Zombies Repack) (Version: - )
PokerStars (HKLM\...\PokerStars) (Version: - PokerStars)
Project 64 version 2.1.0.1 (HKLM\...\Project 64_is1) (Version: 2.1.0.1 - )
Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeSign (HKLM\...\{66913111-2F8A-4950-AA93-51C26182FC35}) (Version: 3.0.45 - A.E.T. Europe B.V.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SCR3xxx Smart Card Reader (HKLM\...\{6DA99C69-0799-467E-9496-F37E1E452A4A}) (Version: 8.40 - SCM Microsystems)
Skype™️ 6.7 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.7.102 - Skype Technologies S.A.)
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
UltraVNC 1.0.8.2 (HKLM\...\Ultravnc2_is1) (Version: 1.0.8.2 - 1.0.8.2)
VALID 1.0.4.0 (HKLM\...\{D32F77F7-2906-46F9-ABFF-A4A4EB26BFE}_is1) (Version: 1.0.4.0 - Valid Certificadora Digital)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D6}) (Version: 17.0.10283 - WinZip Computing, S.L. )
ZHPDiag 2014 (HKLM\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)

==================== Restore Points =========================

03-05-2014 14:40:31 Ponto de Verificação Agendado
07-05-2014 14:17:45 ZHPFix Restore System Point
07-05-2014 14:51:02 ZHPFix Restore System Point

==================== Hosts content: ==========================

2009-07-13 23:04 - 2014-01-22 09:45 - 00000864 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com

==================== Scheduled Tasks (whitelisted) =============

Task: {069BC8FE-B8A7-46D7-9A95-C720FE31D552} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {12ACEDFB-6F35-4994-B339-1395EFC00989} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2781968645-2062433568-2845779377-1000Core => C:\Users\terminal\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-21] (Google Inc.)
Task: {2150D279-851B-4BDA-9757-03D84AAF0A38} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {596185B4-FA0C-4812-91DB-1FCEDDC405B6} - System32\Tasks\DLL-Files FixerASKUSER => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: {A45EFF2B-0110-4706-8F33-56655ACF7E09} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-03] (Google Inc.)
Task: {ADBCE3E3-C043-436A-B9F2-65433A5B6059} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2781968645-2062433568-2845779377-1000UA => C:\Users\terminal\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-21] (Google Inc.)
Task: {C9D23729-F6F2-42F8-86CE-1279E20FB8CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-03] (Google Inc.)
Task: {EEE19F2E-6734-4ED5-90F5-95A1DA1AF428} - System32\Tasks\RDReminder => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2781968645-2062433568-2845779377-1000Core.job => C:\Users\terminal\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2781968645-2062433568-2845779377-1000UA.job => C:\Users\terminal\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-22 16:04 - 2012-08-31 14:01 - 00151552 _____ () C:\Windows\System32\HP1100LM.DLL
2014-01-22 16:04 - 2012-08-31 14:01 - 00069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP1100PP.DLL
2014-01-22 16:02 - 2012-09-26 02:45 - 00081920 _____ () C:\Windows\system32\mvusbews.DLL
2011-10-21 09:00 - 2011-11-18 16:21 - 00008192 _____ () C:\Windows\system32\srvany.exe
2011-10-21 09:00 - 2011-11-18 16:21 - 00151552 _____ () C:\Windows\KMService.exe
2011-06-10 13:36 - 2011-10-17 16:26 - 01347584 _____ () C:\FPopular\Autorizador_Farmacia_Popular.exe
2011-06-10 13:36 - 2011-01-28 09:38 - 00651264 _____ () C:\FPopular\gbasmsb_library.dll
2011-10-29 07:20 - 2014-02-25 11:34 - 05504000 _____ () C:\ACBrNFeMonitor\ACBrNFeMonitor.exe
2011-06-01 15:44 - 2008-09-30 15:53 - 00327680 _____ () Z:\SysFar\xHBZipDll.dll
2014-02-06 10:18 - 2011-10-06 13:48 - 00984064 _____ () Z:\SysFar\libxml2.dll
2014-02-06 10:18 - 2011-10-06 13:48 - 00073728 _____ () Z:\SysFar\zlib1.dll
2014-02-06 10:18 - 2011-10-06 13:48 - 00311296 _____ () Z:\SysFar\libxmlsec.dll
2014-02-06 10:18 - 2011-10-06 13:48 - 00166912 _____ () Z:\SysFar\libxslt.dll
2014-02-06 10:18 - 2011-10-06 13:48 - 00149504 _____ () Z:\SysFar\libxmlsec-openssl.dll
2011-06-21 10:34 - 2011-05-23 13:46 - 02359296 _____ () Z:\SysFar\LIBMYSQL.dll
2014-02-06 10:18 - 2014-04-08 16:40 - 16505856 _____ () Z:\SysFar\scr.sfr
2010-01-30 01:41 - 2010-01-30 01:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-04-28 17:40 - 2014-04-23 21:33 - 00065352 _____ () C:\Users\terminal\AppData\Local\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-28 17:40 - 2014-04-23 21:33 - 00674632 _____ () C:\Users\terminal\AppData\Local\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-28 17:40 - 2014-04-23 21:33 - 00093000 _____ () C:\Users\terminal\AppData\Local\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-28 17:40 - 2014-04-23 21:33 - 04081480 _____ () C:\Users\terminal\AppData\Local\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-28 17:40 - 2014-04-23 21:33 - 00390472 _____ () C:\Users\terminal\AppData\Local\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-28 17:40 - 2014-04-23 21:33 - 01647432 _____ () C:\Users\terminal\AppData\Local\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-28 17:40 - 2014-04-23 21:33 - 13692232 _____ () C:\Users\terminal\AppData\Local\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows\System32:341264BB_Bb.gbp
AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\startupfolder: C:^Users^terminal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PC App Store Uninstall 3.8.8.1435.lnk => C:\Windows\pss\PC App Store Uninstall 3.8.8.1435.lnk.Startup
MSCONFIG\startupreg: BitTorrent => "C:\Users\terminal\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: CertificateRegistration => aetcrss1.exe
MSCONFIG\startupreg: ChicaPasswordManager => "C:\Program Files\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned

==================== Faulty Device Manager Devices =============

Name: Baidu NetDefense
Description: Baidu NetDefense
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bndef
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Baidu Protect
Description: Baidu Protect
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Bprotect
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/07/2014 11:17:44 AM) (Source: VSS) (User: ) (EventID: 8194)
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.


Operação:
Obtendo Dados do Gravador

Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {2c477d8b-6dd0-49a2-ae76-99188f714872}


System errors:
=============
Error: (05/07/2014 11:51:22 AM) (Source: Disk) (User: ) (EventID: 7)
Description: O dispositivo, \Device\Harddisk0\DR0, possui um bloco defeituoso.

Error: (05/07/2014 11:51:21 AM) (Source: Disk) (User: ) (EventID: 7)
Description: O dispositivo, \Device\Harddisk0\DR0, possui um bloco defeituoso.

Error: (05/07/2014 11:18:33 AM) (Source: Disk) (User: ) (EventID: 7)
Description: O dispositivo, \Device\Harddisk0\DR0, possui um bloco defeituoso.

Error: (05/07/2014 11:18:32 AM) (Source: Disk) (User: ) (EventID: 7)
Description: O dispositivo, \Device\Harddisk0\DR0, possui um bloco defeituoso.


Microsoft Office Sessions:
=========================
Error: (05/07/2014 11:17:44 AM) (Source: VSS) (User: ) (EventID: 8194)
Description: 0x80070005, Acesso negado.


Operação:
Obtendo Dados do Gravador

Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {2c477d8b-6dd0-49a2-ae76-99188f714872}


==================== Memory info ===========================

Percentage of memory in use: 57%
Total physical RAM: 2037.57 MB
Available physical RAM: 859.17 MB
Total Pagefile: 4075.14 MB
Available Pagefile: 2658.8 MB
Total Virtual: 2047.88 MB
Available Virtual: 1917.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:136.71 GB) (Free:43.55 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:161.37 GB) (Free:98.58 GB) NTFS
Drive z: () (Network) (Total:146.48 GB) (Free:114.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 65066506)
Partition 1: (Active) - (Size=137 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=161 GB) - (Type=OF Extended)

==================== End Of Log ============================

Re: I can't uninstall Baidu antivirus

Post by Power Max, Wed 07 May 2014, 13:20

Download the fixlist.txt file attached to this post and save it in the same place where you left Farbar (FRST), which is this location below:
C:\Users\terminal\Downloads

Run FRST. Click the Fix button.

Wait, and at the end the Fixlog.txt log will be saved.

Select, copy and paste the contents of this Fixlog.txt into your next reply.


Re: I can't uninstall Baidu antivirus

Post by patricker23, Wed 07 May 2014, 13:27

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:07-05-2014
Ran by terminal at 2014-05-07 13:23:01 Run:1
Running from C:\Users\terminal\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
SearchScopes: HKLM - DefaultScope value is missing.
R0 Bhbase; System32\drivers\Bhbase.sys [X]
S3 BHipsEx; \??\C:\Windows\System32\drivers\BHipsEx.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 mdf16; \??\C:\Users\terminal\AppData\Local\Temp\mdf16.sys [X]
S3 mvd23; \??\C:\Users\terminal\AppData\Local\Temp\mvd23.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys [X]
2014-05-06 17:08 - 2014-05-06 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
end
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
Bhbase => Unable to stop service
Bhbase => Service deleted successfully.
BHipsEx => Service deleted successfully.
BprotectEx => Service deleted successfully.
mdf16 => Service deleted successfully.
mvd23 => Service deleted successfully.
PCFApiUtil => Service deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus => Moved successfully.


The system needed a reboot.

==== End of Fixlog ====

Re: I can't uninstall Baidu antivirus

Post by Power Max, Wed 07 May 2014, 13:40

Restart the PC so Farbar can finish removing the problems.

After restarting, do the following:

Temporarily disable your antivirus to avoid conflicts.

Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must have an account and be logged in to view this link]

* Right-click Zoek.exe and select [You must have an account and be logged in to view this image]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area in Zoek.

* Click [Run Script]

* During the scan, a message similar to the one below showing the scan progress will be displayed. Wait for it to finish... it may take a while!

[You must have an account and be logged in to view this image]

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Wed 07 May 2014, 15:35; edited 1 time


Re: I can't uninstall Baidu antivirus

Post by patricker23, Wed 07 May 2014, 14:13

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by terminal on 07/05/2014 at 13:46:02,44.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\terminal\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

07/05/2014 13:49:21 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\terminal\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js:

Added to C:\Users\terminal\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\Users\terminal\.android deleted
C:\Program Files\GUME2EE.tmp deleted
C:\Users\terminal\AppData\Roaming\YoudaGames deleted
C:\Windows\system32\config\systemprofile\AppData\Roaming\DealPly deleted
C:\Users\terminal\AppData\Local\cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager deleted
C:\Windows\wininit.ini deleted
C:\Users\terminal\AppData\Roaming\unins000.exe deleted
C:\Users\terminal\AppData\Roaming\unins001.exe deleted
"C:\Users\terminal\AppData\Roaming\Vso" deleted
"C:\Users\terminal\AppData\Roaming\DMCache" deleted

==== Folders Found ======================

2014-05-07 13:24:45 2014-05-07 13:24:45 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-07 13:25:13 2014-05-07 13:25:13 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\terminal\AppData\Roaming\baidu
2014-05-07 13:25:13 2014-05-07 13:25:13 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\terminal\AppData\Roaming\baidu\Baidu Antivirus

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^terminal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PC App Store Uninstall 3.8.8.1435.lnk]
"command"="C:\\Windows\\System32\\rundll32.exe \"C:\\Users\\terminal\\AppData\\Roaming\\Baidu Security\\PC App Store\\3.8.8.1435\\Uninstall\\PC App Store Uninstall\\0\\InstallUtility.dll\", _OpenUrl -run \"PC App Store Uninstall\" -ini \"OpenUrl.ini\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\110911-16859-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\010413-14234-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\011112-15375-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\032112-14078-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\052312-16921-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\082112-16015-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\110512-16578-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\110812-24203-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\110911-16859-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\MEMORY_130066219398281250.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\110911-16859-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\010413-14234-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\011112-15375-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\032112-14078-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\052312-16921-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\082112-16015-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\110512-16578-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\110812-24203-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\110911-16859-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\MEMORY_130066219398281250.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx[31/05/2012 16:58]
jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx[31/05/2012 16:59]
pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx[20/06/2011 20:42]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\terminal\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[11/01/2014 10:41]

Kaspersky URL Advisor - terminal\AppData\Local\Chromium\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj
Delta Toolbar - terminal\AppData\Local\Chromium\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Virtual Keyboard - terminal\AppData\Local\Chromium\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh
Torntv 2 - terminal\AppData\Local\Chromium\User Data\Default\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Anti-Banner - terminal\AppData\Local\Chromium\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman
Kaspersky URL Advisor - terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj
Virtual Keyboard - terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh
Google Wallet - terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Caixa Economica Federal - terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi
GBBD Banco do Brasil - terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh
Anti-Banner - terminal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman

==== Chrome Fix ======================

C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_18-wheels-of-steel-across-america.softonic.com.br_0.localstorage deleted successfully
C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_18-wheels-of-steel-across-america.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_elifoot.softonic.com.br_0.localstorage deleted successfully
C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_elifoot.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_euro-truck-simulator.softonic.com.br_0.localstorage deleted successfully
C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_euro-truck-simulator.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_powerarchiver.softonic.com.br_0.localstorage deleted successfully
C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_powerarchiver.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\terminal\AppData\Local\Chromium\User Data\Default\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully
C:\Users\terminal\AppData\Local\Chromium\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Start Page Restore"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
"Start Page Restore"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\terminal\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\terminal\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\terminal\Desktop\Auto Web BrasilCard.lnk - C:\AutoWeb\SisAutoWeb.exe
C:\Users\terminal\Desktop\Bradesco.lnk - E:\Bradesco
C:\Users\terminal\Desktop\Bradesco.xlsx.lnk - E:\Bradesco\Bradesco.xlsx
C:\Users\terminal\Desktop\c (servidor1) (Z).lnk - Z:\
C:\Users\terminal\Desktop\Disco Local (C).lnk - C:\
C:\Users\terminal\Desktop\Disco Local (E).lnk - E:\
C:\Users\terminal\Desktop\Epan.lnk - C:\Panpharma\Epan\Epan.exe
C:\Users\terminal\Desktop\Farmacia popular receitas.lnk - E:\Farmacia popular receitas
C:\Users\terminal\Desktop\LotoFacil Professional.lnk - C:\Program Files\Spolti Technologies\LotoFacil Professional\LotoFacil.exe
C:\Users\terminal\Desktop\Paint.lnk - C:\Windows\system32\mspaint.exe
C:\Users\terminal\Desktop\Suporte Sysfar.lnk - Z:\SysFar\sysfar.exe suporte
C:\Users\terminal\Desktop\sysfar.lnk - Z:\SysFar\sysfar.exe
C:\Users\terminal\Desktop\ZHPDiag.lnk - C:\Program Files\ZHPDiag\ZHPhep.exe
C:\Users\terminal\Desktop\ZHPFix.lnk - C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe
C:\Users\TODOSO~1\Desktop\ Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe
C:\Users\TODOSO~1\Desktop\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\ Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe

==== shortcuts in Users Start Menu ======================

C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\terminal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MU Alfa\Jogar MU Alfa.lnk - E:\Mu Alfa\jogar.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MU Alfa\Uninstall MU Alfa.lnk - E:\Mu Alfa\Uninstal.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mu Alfa - (Sem som)\Jogar MU Alfa.lnk - E:\mu\jogar.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mu Alfa - (Sem som)\Uninstall Mu Alfa - (Sem som).lnk - E:\mu\Uninstal.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -hunter
C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuHeLLFire Season 4\Jogar MuHeLLFire Season 4.lnk - E:\mu\mu\Launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuHeLLFire Season 4\Uninstall MuHeLLFire Season 4.lnk - E:\mu\mu\Uninstal.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0\Project 64.lnk - C:\Program Files\Project64 2.1\Project64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0\Uninstall Project64 2.0.lnk - C:\Program Files\Project64 2.1\unins000.exe /LOG
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk - C:\Program Files\ZHPDiag\ZHPhep.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk - C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk - C:\Users\terminal\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE /recycle
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Multilizer PDF Translator.lnk - E:\Program Files\Multilizer\MultilizerPDFTranslator\PDFTranslationWizard.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe /lite
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Story Album Viewer.lnk - C:\Program Files\Samsung\Story Album Viewer\HTML5Viewer.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\FormatFactory.lnk - E:\Arquivos de programas\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\terminal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\terminal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{63D0CD09-313B-95C6-ED69-DE52D2BFD3E3} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\terminal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\terminal\AppData\Local\Chromium\User Data\Default\Cache emptied successfully
C:\Users\terminal\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=44 folders=20 2848264 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\terminal\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\terminal\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\terminal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on 07/05/2014 at 14:11:26,67 ======================

Re: I can't uninstall Baidu antivirus

Post by Power Max, Wed 07 May 2014, 14:33

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and select [image visible only to logged-in users]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area of Zoek.

* Click [Run Script]

* During the scan, a message similar to the one below will be displayed showing the scan's progress. Wait for it to finish... it may take a while!

[image visible only to logged-in users]

* If a restart of the PC is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Wed 07 May 2014, 15:03; edited 2 time(s)


Re: I can't uninstall Baidu antivirus

Post by patricker23, Wed 07 May 2014, 14:46

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by terminal on 07/05/2014 at 14:35:00,80.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\terminal\Downloads\zoek (1).exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-07-171126.log 26639 bytes

==== System Restore Info ======================

07/05/2014 14:38:09 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^terminal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PC App Store Uninstall 3.8.8.1435.lnk]
"command"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\110911-16859-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\010413-14234-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\011112-15375-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\032112-14078-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\052312-16921-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\082112-16015-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\110512-16578-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\110812-24203-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\110911-16859-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\MEMORY_130066219398281250.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\110911-16859-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\010413-14234-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\011112-15375-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\032112-14078-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\052312-16921-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\082112-16015-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\110512-16578-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\110812-24203-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\110911-16859-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\MEMORY_130066219398281250.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]

==== Folders Found ======================

2014-05-07 13:24:45 2014-05-07 13:24:45 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-07 13:25:13 2014-05-07 13:25:13 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\terminal\AppData\Roaming\baidu
2014-05-07 13:25:13 2014-05-07 13:25:13 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\terminal\AppData\Roaming\baidu\Baidu Antivirus

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=44 folders=20 2848264 bytes)

==== EOF on 07/05/2014 at 14:45:27,93 ======================

Re: I can't uninstall Baidu antivirus

Post by Power Max, Wed 07 May 2014, 15:03

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and select [image visible only to logged-in users]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area of Zoek.

* Click [Run Script]

* During the scan, a message similar to the one below will be displayed showing the scan's progress. Wait for it to finish... it may take a while!

[image visible only to logged-in users]

* If a restart of the PC is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Wed 07 May 2014, 16:15; edited 1 time(s)


Re: I can't uninstall Baidu antivirus

Post by patricker23, Wed 07 May 2014, 15:29

Thanks, I have now managed to install Kaspersky. Much obliged for your attention. Regards.

Re: I can't uninstall Baidu antivirus

Post by Power Max, Wed 07 May 2014, 15:33

That's it! I'm glad the problem has been solved.

Just to finish up, please follow the tutorials below:

[link visible only to logged-in users]
_______________________________________________________________________________________________________________________

To remove the programs used to clean this PC and to create a new, safe and problem-free restore point, use DelFix, following the tips [link visible only to logged-in users].
_______________________________________________________________________________________________________________________

It was a pleasure to help. You can always count on us!
