Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14428 usuários registrados
O último usuário registrado atende pelo nome de RS_Computadores

Os nossos membros postaram um total de 35112 mensagens em 3557 assuntos
Últimos assuntos
» Notebook Travando!
por RS_Computadores Hoje à(s) 10:37

Quem está conectado
2 usuários online :: Nenhum usuário registrado, Nenhum Invisível e 2 Visitantes :: 1 Motor de busca

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Setembro 2017
SegTerQuaQuiSexSabDom
    123
45678910
11121314151617
18192021222324
252627282930 

Calendário Calendário

Palavras chave


Preciso de Ajuda - remover o BAIDU

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Preciso de Ajuda - remover o BAIDU

Mensagem por Menino_Dourado em Sab 17 Maio 2014, 15:10

Boa tarde, Pessoal

Desde já, agradeço muito pela ajuda de vocês!!!!

Não sei exatamente como, mas foi instalado o BAIDU (ANTI)VIRUS no meu notebook. A última coisa que lembro de ser sido baixado foi um programa para PDF do Baixaki (mas sempre desmarco aquelas opções de instalar outros programas..) Então, de fato, não sei da onde veio isso.

Vi pelas discussões do fórum, o procedimento inicial: ADWCleaner (passei ele várias vezes...).

Então, já posto abaixo o resultado do exame antes (depois de já ter passado antes) e depois da limpeza feita pelo próprio programa, para facilitar:

ANTES:

# AdwCleaner v3.208 - RelatÛrio criado 17/05/2014 ‡s 15:00:45
# Atualizado 11/05/2014 por Xplode
# Sistema Operacional : Windows 7 Professional Service Pack 1 (32 bits)
# Usu·rio : Gustavo A. Olsson - GUS-MINI-HP
# Executando de : C:\Users\Gustavo A. Olsson\Desktop\AdwCleaner(2).exe
# OpÁ„o : Examinar

***** [ ServiÁos ] *****


***** [ Arquivos / Pastas ] *****

Pasta Encontrado : C:\ProgramData\baidu
Pasta Encontrado : C:\Users\Public\Documents\baidu

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Encontrada : HKLM\Software\DeviceVM

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (pt-BR)

[ Arquivo : C:\Users\Gustavo A. Olsson\AppData\Roaming\Mozilla\Firefox\Profiles\qcn4ea9n.default\prefs.js ]


*************************

AdwCleaner[R5].txt - [829 octets] - [17/05/2014 15:00:45]

########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [888 octets] ##########



DEPOIS


# AdwCleaner v3.208 - RelatÛrio criado 17/05/2014 ‡s 15:03:25
# Atualizado 11/05/2014 por Xplode
# Sistema Operacional : Windows 7 Professional Service Pack 1 (32 bits)
# Usu·rio : Gustavo A. Olsson - GUS-MINI-HP
# Executando de : C:\Users\Gustavo A. Olsson\Desktop\AdwCleaner(2).exe
# OpÁ„o : Limpar

***** [ ServiÁos ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\Users\Public\Documents\baidu

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\Software\DeviceVM

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (pt-BR)

[ Arquivo : C:\Users\Gustavo A. Olsson\AppData\Roaming\Mozilla\Firefox\Profiles\qcn4ea9n.default\prefs.js ]


*************************

AdwCleaner[R5].txt - [967 octets] - [17/05/2014 15:00:45]
AdwCleaner[S4].txt - [880 octets] - [17/05/2014 15:03:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [939 octets] ##########




OBRIGADO, POR ENQUANTO, PESSOAL!

ABRAÇO A TODOS!!

GUSTAVO
avatar
Menino_Dourado
Iniciante
Iniciante

Mensagens : 7
Reputação : 0
Data de inscrição : 17/05/2014

Voltar ao Topo Ir em baixo

Re: Preciso de Ajuda - remover o BAIDU

Mensagem por Power Max em Sab 17 Maio 2014, 15:42

  Olá Gustavo. Seja bem vindo ao Fórum PC Brasil.

Desative temporariamente seu antivírus para evitar conflitos.

 Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Dom 18 Maio 2014, 20:40, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Preciso de Ajuda - remover o BAIDU

Mensagem por Menino_Dourado em Dom 18 Maio 2014, 14:54

Boa tarde, Power Max

Tinha mandado executar desde ontem.. mas acabou trancando  micro. Hoje mandei fazer novamente e deu certo!

Abaixo, colo o resultado:



Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Gustavo A. Olsson on 18/05/2014 at 13:52:21,35.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gustavo A. Olsson\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-17-174747.log 24425 bytes
C:\zoek-results2014-05-17-192757.log 2682 bytes

==== System Restore Info ======================

18/05/2014 13:58:15 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\GUSTAV~1.OLS\AppData\Roaming\Mozilla\Firefox\Profiles\qcn4ea9n.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\GUSTAV~1.OLS\AppData\Roaming\Mozilla\Firefox\Profiles\qcn4ea9n.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\PROGRA~2\boost_interprocess deleted
C:\PROGRA~2\Baidu deleted
C:\PROGRA~2\AVG January 2013 Campaign deleted
C:\Users\Public\OJP8500vA909_Full_14.exe deleted
C:\Windows\tasks\ROC_REG_JAN_DELETE.job deleted
C:\Windows\system32\tasks\ROC_REG_JAN_DELETE deleted
C:\Windows\system32\tasks\Baidu Antivirus Update deleted
C:\Users\Gustavo A. Olsson\AppData\Roaming\unins000.exe deleted

==== Folders Found ======================

2014-05-15 14:34:50 2014-05-15 14:34:50 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu\Baidu Antivirus
2014-05-15 14:34:57 2014-05-15 14:34:57 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-05-08 13:27:12 2014-05-15 14:12:11 -------- d-----w- C:\Program Files\Baidu Security
2014-05-08 13:27:12 2014-05-18 16:57:17 -------- d-----w- C:\Program Files\Baidu Security\Baidu Antivirus
2014-05-08 13:27:30 2014-05-15 14:13:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-05-08 13:27:30 2014-05-15 14:13:05 -------- d-----w- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-05-08 13:25:18 2014-05-08 13:25:18 -------- d-----w- C:\Users\Gustavo A. Olsson\AppData\Local\Temp\baidu_secure
2014-05-17 18:05:26 2014-05-17 18:05:26 -------- d-----w- C:\Users\Public\Documents\Baidu
2014-05-17 17:36:08 2014-05-17 17:36:08 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-05-18 17:21:45 2014-05-18 17:21:45 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-05-17 17:36:08 2014-05-17 17:36:09 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security

==== Files Found ======================


--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-08 13:27:31
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32


--- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-08 13:27:31
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32


--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3436
Created time: 2014-05-18 17:21:53
Modified time: 2014-05-08 13:27:30
MD5: CA20205DD3F3CC39B4FDF65DBAE4A038
SHA1: 69DE0CB4456ECB733950AC0F9EDD89D727B8B6BC


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\" UI_Start_From_IE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Translator.exe,-201"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Translator.exe\" \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}]
@="baidu right click handler"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}\InprocServer32]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavShx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}\InprocServer32]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavShx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavTray.exe\" -auto"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}"="Baidu Scan"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E180760F-EA05-4F81-934E-234E916E7C82}]
"Path"="\\Baidu Antivirus Update"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu Antivirus Update]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\IntelliPoint\AppSpecific\BavTray.exe]
"Path"="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavTray.exe"

[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]
"C:\\Users\\Gustavo A. Olsson\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Baidu Antivirus\\Baidu Antivirus.lnk"=dword:00000001

[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]
"C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Baidu Antivirus\\Baidu Antivirus.lnk"=dword:00000001

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"e-webprint@epson.com"="C:\Program Files\Epson Software\E-Web Print\Firefox Add-on" [11/12/2012 18:25]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{87F8774F-B485-47E2-A755-A40A8A5E886C}"="C:\Users\Gustavo A. Olsson\AppData\Local\GAS Tecnologia\GBBD\bb\xpi" [28/03/2014 08:55]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Gustavo A. Olsson\AppData\Roaming\Mozilla\Firefox\Profiles\qcn4ea9n.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
785105A23650755A8F7A72405EB0D923 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll - Google Update
7B32EC68B2D0EAE4C1333EEB53199571 - C:\Users\Gustavo A. Olsson\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll - MÛdulo de ProteÁ„o - Banco do Brasil
01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13
AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
4DEEF5125602885EE00243EC3D18E68D - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll - Shockwave Flash
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
31DA97B4682187C6639BBE2215814FDA - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
65FB4909BD29CAAA81FDC69AD21BB905 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
01F0264937036BD962563F1ADF35CE72 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll - RealPlayer Version Plugin
4D91D02646FAB0C93FF0EF78255B50A2 - C:\Program Files\Skyhook Wireless\Loki Plugin\nploki.dll - Loki Plugin
28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - MicrosoftÆ Silverlight


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{15BB77CE-245B-4DF8-AAB2-582E1911BC69} Wikipedia  Url="http://pt.wikipedia.org/wiki/Special:Search?search={searchTerms}"
{4AFABF09-43B2-494A-927A-7F05FEAC9AB6} Google  Url="http://www.google.com.br/search?hl=pt-BR&q={searchTerms}&meta=&rlz="
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{842E1C03-74E3-46B5-97DA-D80D49CC916C} Bing  Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox"

==== shortcuts on Users Desktops ======================

C:\Users\Gustavo A. Olsson\Desktop\Doutorado.lnk - C:\Gustavo\Doutorado
C:\Users\Gustavo A. Olsson\Desktop\Gustavo - Atalho.lnk - C:\Gustavo
C:\Users\Gustavo A. Olsson\Desktop\Mestrado - Atalho.lnk - C:\Gustavo\Mestrado
C:\Users\GUSTAV~1.OLS\Desktop\Doutorado.lnk - C:\Gustavo\Doutorado
C:\Users\GUSTAV~1.OLS\Desktop\Gustavo - Atalho.lnk - C:\Gustavo
C:\Users\GUSTAV~1.OLS\Desktop\Mestrado - Atalho.lnk - C:\Gustavo\Mestrado

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\calibre - E-book management.lnk - C:\Program Files\Calibre2\calibre.exe
C:\Users\Public\Desktop\HP CloudDrive.lnk - C:\Program Files\Hewlett-Packard\HP CloudDrive\zumolauncher.exe /desktop
C:\Users\Public\Desktop\HP Navigator.lnk - C:\Windows\Installer\{A352A399-E453-4277-AE12-0533B1130954}\_2DA27E46D35041E5BD9A99.exe
C:\Users\Public\Desktop\Livescribe Desktop.lnk - C:\Program Files\Livescribe\Desktop\Livescribe Desktop.exe
C:\Users\Public\Desktop\Mendeley Desktop.lnk - C:\Program Files\Mendeley Desktop\MendeleyDesktop.exe
C:\Users\Public\Desktop\Mobile Partner.lnk - C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\Users\Public\Desktop\VIVO INTERNET.lnk - C:\Program Files\VIVO INTERNET\VIVO INTERNET.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk - C:\Program Files\Baidu Security\Baidu Antivirus\Bav.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Uninstall.lnk - C:\Program Files\Baidu Security\Baidu Antivirus\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator\Preferences.lnk - C:\Progra~1\PDFCreator\Actual\Preferences.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator\Readme.lnk - C:\Progra~1\PDFCreator\Actual\README.HTM

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPMediaSuite (2).lnk - C:\Program Files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPMediaSuite.lnk - C:\Program Files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPMediaSuite (2).lnk - C:\Program Files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPMediaSuite.lnk - C:\Program Files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="*.local"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gustavo A. Olsson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gustavo A. Olsson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Gustavo A. Olsson\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gustavo A. Olsson\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GUSTAV~1.OLS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GUSTAV~1.OLS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\GUSTAV~1.OLS\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GUSTAV~1.OLS\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Gustavo A. Olsson\AppData\Local\Mozilla\Firefox\Profiles\qcn4ea9n.default\Cache emptied successfully
C:\Users\GUSTAV~1.OLS\AppData\Local\Mozilla\Firefox\Profiles\qcn4ea9n.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=34 folders=7 318807660 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gustavo A. Olsson\AppData\Local\Temp will be emptied at reboot
C:\Users\GUSTAV~1.OLS\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\GUSTAV~1.OLS\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 18/05/2014 at 14:39:49,85 ======================




UMA OBSERVAÇÃO: AINDA APARECE O ÍCONE DO BAIDU NOS ÍCONES OCULTOS.

AGUARDO SEU RETORNO,

OBRIGADO!!

GUSTAVO
avatar
Menino_Dourado
Iniciante
Iniciante

Mensagens : 7
Reputação : 0
Data de inscrição : 17/05/2014

Voltar ao Topo Ir em baixo

Re: Preciso de Ajuda - remover o BAIDU

Mensagem por Power Max em Dom 18 Maio 2014, 17:40

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Dom 18 Maio 2014, 19:15, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Preciso de Ajuda - remover o BAIDU

Mensagem por Menino_Dourado em Dom 18 Maio 2014, 18:48

Olá, Power Max

Abaixo, segue o resultado da segunda verificação (após utilizar as suas informações):


Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Gustavo A. Olsson on 18/05/2014 at 18:25:47,02.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gustavo A. Olsson\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-17-174747.log 24425 bytes
C:\zoek-results2014-05-17-192757.log 2682 bytes
C:\zoek-results2014-05-18-173949.log 34133 bytes

==== System Restore Info ======================

18/05/2014 18:29:51 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsSvc deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}\InprocServer32]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}\InprocServer32]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E180760F-EA05-4F81-934E-234E916E7C82}]
"Path"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E180760F-EA05-4F81-934E-234E916E7C82}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu Antivirus Update]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\IntelliPoint\AppSpecific\BavTray.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\IntelliPoint\AppSpecific\BavTray.exe]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]
"C:\\Users\\Gustavo A. Olsson\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Baidu Antivirus\\Baidu Antivirus.lnk"=-
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]
"C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Baidu Antivirus\\Baidu Antivirus.lnk"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]

==== Deleting Files \ Folders ======================

C:\Users\Gustavo A. Olsson\AppData\Local\Temp\baidu_secure not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus deleted
C:\Users\Public\Documents\Baidu deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBase.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBh.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavClean.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCommon.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavDllFilter.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavFi.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavIPC.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavOa.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavPe.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavQv.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavScan.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavShx.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSvc.exe" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUl.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUm.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BDrvComm.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsCore.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Communication.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CP.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DirectUI.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DrvInst.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HackerDefense.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsDR.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sqlite.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBase.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBh.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavClean.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCommon.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavDllFilter.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavFi.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavIPC.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavOa.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavPe.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavQv.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavScan.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavShx.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSvc.exe" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUl.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUm.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BDrvComm.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsCore.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Communication.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CP.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DirectUI.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DrvInst.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HackerDefense.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsDR.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sqlite.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BavTray.log" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BHipsSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA\Plugin_Pop_OA.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\Plugin_USBProtect.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BavTray.log" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BHipsSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA\Plugin_Pop_OA.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\Plugin_USBProtect.dll" deleted
"C:\Program Files\Baidu Security" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect" deleted

==== Folders Found ======================

2014-05-15 14:34:50 2014-05-15 14:34:50 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu\Baidu Antivirus
2014-05-15 14:34:57 2014-05-15 14:34:57 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-05-08 13:27:12 2014-05-15 14:12:11 -------- d-----w- C:\Program Files\Baidu Security
2014-05-08 13:27:12 2014-05-18 21:34:03 -------- d-----w- C:\Program Files\Baidu Security\Baidu Antivirus
2014-05-18 17:34:01 2014-05-18 17:34:01 -------- d-----w- C:\ProgramData\Baidu
2014-05-18 17:34:01 2014-05-18 17:34:01 -------- d-----w- C:\Users\All Users\Baidu
2014-05-18 21:33:41 2014-05-18 21:33:41 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security
2014-05-18 21:33:45 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus
2014-05-17 17:36:08 2014-05-17 17:36:08 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-18 17:21:45 2014-05-18 17:21:45 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-05-17 17:36:08 2014-05-17 17:36:09 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-05-18 21:33:41 2014-05-18 21:33:45 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus

==== Files Found ======================


--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Office\Recente\baidu2.LNK ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 286
Created time: 2014-05-18 21:26:46
Modified time: 2014-05-18 21:26:46
MD5: F9270BFB9175D60BA170E9F4040380B6
SHA1: 76829369F4DC3F82623A4396A55CE0CA0D1CC2B8


--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Windows\Recent\baidu2.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 334
Created time: 2014-05-18 21:26:41
Modified time: 2014-05-18 21:28:57
MD5: 2D5021F0734E9FA3A8C6B4C47C445FF5
SHA1: 669DD40CEE35209D51B0C6F43D249C5C19B79F36


--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3436
Created time: 2014-05-18 17:21:53
Modified time: 2014-05-08 13:27:30
MD5: CA20205DD3F3CC39B4FDF65DBAE4A038
SHA1: 69DE0CB4456ECB733950AC0F9EDD89D727B8B6BC


--- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-18 21:33:46
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32


--- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-18 21:33:46
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security\PC Faster]

"Item 1"="[F00000000][T01CF72DFDEC2DE20][O00000000]*E:\\baidu2.docx"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=317 folders=75 436854568 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll"  not found
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat"  not found
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe"  not found
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll"  not found
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll"  not found
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat"  not found
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe"  not found
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll"  not found
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BAVSvc.log"  not found
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BHipsSvc.log"  not found
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BAVSvc.log"  not found
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BHipsSvc.log"  not found
"C:\Program Files\Baidu Security"  not found
"C:\Program Files\Baidu Security\Baidu Antivirus"  not found

==== EOF on 18/05/2014 at 18:42:17,64 ======================


AGUARDO NOVAS INSTRUÇÕES,

ATENCIOSAMENTE,

GUSTAVO
avatar
Menino_Dourado
Iniciante
Iniciante

Mensagens : 7
Reputação : 0
Data de inscrição : 17/05/2014

Voltar ao Topo Ir em baixo

Re: Preciso de Ajuda - remover o BAIDU

Mensagem por Power Max em Dom 18 Maio 2014, 19:13

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Dom 18 Maio 2014, 20:41, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Preciso de Ajuda - remover o BAIDU

Mensagem por Menino_Dourado em Dom 18 Maio 2014, 20:32

Boa noite, Power Max

Segue, abaixo, o novo resultado:



Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Gustavo A. Olsson on 18/05/2014 at 19:44:00,43.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gustavo A. Olsson\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-17-174747.log 24425 bytes
C:\zoek-results2014-05-17-192757.log 2682 bytes
C:\zoek-results2014-05-18-173949.log 34133 bytes
C:\zoek-results2014-05-18-214217.log 21917 bytes

==== System Restore Info ======================

18/05/2014 19:46:09 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security\PC Faster]
"Item 1"=-
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security\PC Faster]

==== Deleting Files \ Folders ======================

C:\Program Files\Baidu Security not found
C:\Program Files\Baidu Security\Baidu Antivirus not found
C:\ProgramData\Baidu deleted

==== Folders Found ======================

2014-05-15 14:34:50 2014-05-15 14:34:50 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu\Baidu Antivirus
2014-05-15 14:34:57 2014-05-15 14:34:57 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-05-18 21:33:41 2014-05-18 21:33:41 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security
2014-05-18 21:33:45 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus
2014-05-18 22:47:29 2014-05-18 22:47:29 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-05-17 17:36:08 2014-05-17 17:36:08 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-18 17:21:45 2014-05-18 17:21:45 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-05-18 22:47:30 2014-05-18 22:47:30 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-05-17 17:36:08 2014-05-17 17:36:09 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-05-18 21:33:41 2014-05-18 21:33:45 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus

==== Files Found ======================


--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Office\Recente\baidu2.LNK ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 286
Created time: 2014-05-18 21:26:46
Modified time: 2014-05-18 21:26:46
MD5: F9270BFB9175D60BA170E9F4040380B6
SHA1: 76829369F4DC3F82623A4396A55CE0CA0D1CC2B8


--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Office\Recente\baidu3.LNK ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 286
Created time: 2014-05-18 22:43:41
Modified time: 2014-05-18 22:43:41
MD5: FC9DC8B14B3ECE29F3167888E6DE8E21
SHA1: 344258517814EB05A229C1EB0A4A26AC4E11B0D6


--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Windows\Recent\baidu2.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 334
Created time: 2014-05-18 21:26:41
Modified time: 2014-05-18 21:28:57
MD5: 2D5021F0734E9FA3A8C6B4C47C445FF5
SHA1: 669DD40CEE35209D51B0C6F43D249C5C19B79F36


--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Windows\Recent\baidu3.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 334
Created time: 2014-05-18 22:43:33
Modified time: 2014-05-18 22:43:33
MD5: B86CA1ABBD8A7950E07D4A7A49DC5702
SHA1: 6F5C7927F7BE7DE95F1C9881D92332F7B98D2255


--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3436
Created time: 2014-05-18 17:21:53
Modified time: 2014-05-08 13:27:30
MD5: CA20205DD3F3CC39B4FDF65DBAE4A038
SHA1: 69DE0CB4456ECB733950AC0F9EDD89D727B8B6BC


--- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-18 21:33:46
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32


--- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-18 21:33:46
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32


==== Registry Search Results for "Baidu" ======================


[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]

"Item 1"="[F00000000][T01CF72EA9D85F770][O00000000]*E:\\baidu3.docx"

"Item 2"="[F00000000][T01CF72DFDEC2DE20][O00000000]*E:\\baidu2.docx"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=331 folders=79 436867346 bytes)

==== EOF on 18/05/2014 at 19:53:24,79 ======================


NOVAMENTE, OBRIGADO.

GUSTAVO
avatar
Menino_Dourado
Iniciante
Iniciante

Mensagens : 7
Reputação : 0
Data de inscrição : 17/05/2014

Voltar ao Topo Ir em baixo

Re: Preciso de Ajuda - remover o BAIDU

Mensagem por Power Max em Dom 18 Maio 2014, 20:43

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Dom 18 Maio 2014, 21:12, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Preciso de Ajuda - remover o BAIDU

Mensagem por Menino_Dourado em Dom 18 Maio 2014, 21:10

Caro, Power Max

Abaixo, novo resultado:


Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Gustavo A. Olsson on 18/05/2014 at 21:00:17,12.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gustavo A. Olsson\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-17-174747.log 24425 bytes
C:\zoek-results2014-05-17-192757.log 2682 bytes
C:\zoek-results2014-05-18-173949.log 34133 bytes
C:\zoek-results2014-05-18-214217.log 21917 bytes
C:\zoek-results2014-05-18-225324.log 6638 bytes

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
"Item 1"=-
"Item 2"=-
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=331 folders=79 436867346 bytes)

==== EOF on 18/05/2014 at 21:04:47,95 ======================


ATENCIOSAMENTE,

GUSTAVO
avatar
Menino_Dourado
Iniciante
Iniciante

Mensagens : 7
Reputação : 0
Data de inscrição : 17/05/2014

Voltar ao Topo Ir em baixo

Re: Preciso de Ajuda - remover o BAIDU

Mensagem por Power Max em Dom 18 Maio 2014, 21:11

Como está o PC?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Preciso de Ajuda - remover o BAIDU

Mensagem por Menino_Dourado em Dom 18 Maio 2014, 21:31

POWER MAX,

Aparentemente, está tudo funcionando. Reinicializei ele e o programa realmente sumiu... Também não notei nada estranho até agora.

A internet está funcionando também...

Vou monitorando.. qualquer coisa, aviso!!

Preciso fazer mais alguma coisa?

Gustavo
avatar
Menino_Dourado
Iniciante
Iniciante

Mensagens : 7
Reputação : 0
Data de inscrição : 17/05/2014

Voltar ao Topo Ir em baixo

Re: Preciso de Ajuda - remover o BAIDU

Mensagem por Power Max em Dom 18 Maio 2014, 21:42

isso aí! Fico feliz que o problema tenha sido resolvido.

Só para finalizar siga estes tutoriais abaixo, por gentileza:

Excluindo erros e otimizando seu PC com o CCleaner

Elimine arquivos inúteis de seu PC com o PureRa
_______________________________________________________________________________________________________________________

Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas deste tutorial.
_______________________________________________________________________________________________________________________

Foi um prazer ajudar. Conte sempre conosco!

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Preciso de Ajuda - remover o BAIDU

Mensagem por Menino_Dourado em Dom 18 Maio 2014, 21:48

Power Max,

Muito.. mas muito... mas muito obrigado!!

De coração, um grande abraço para todo o pessoal do fórum!!!

Você realmente foi prestativo!!! e me sinto muito feliz não só pela ajuda, mas por poder confiar em vocês!!

abração,

Gustavo
avatar
Menino_Dourado
Iniciante
Iniciante

Mensagens : 7
Reputação : 0
Data de inscrição : 17/05/2014

Voltar ao Topo Ir em baixo

Re: Preciso de Ajuda - remover o BAIDU

Mensagem por Danii em Dom 18 Maio 2014, 22:28

CASO RESOLVIDO

Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da Equipe da Moderação solicitando o desbloqueio.
avatar
Danii
Membro Pleno
Membro Pleno

Mensagens : 562
Reputação : 77
Data de inscrição : 04/04/2014
Localização : Brasil

Voltar ao Topo Ir em baixo

Re: Preciso de Ajuda - remover o BAIDU

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum