Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 16 usuários online :: 0 registrados, 0 invisíveis e 16 visitantes :: 1 motor de buscaNenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Preciso de Ajuda - remover o BAIDU
3 participantes
Página 1 de 1
Preciso de Ajuda - remover o BAIDU
por Menino_Dourado Sáb 17 maio 2014, 15:10
Boa tarde, Pessoal
Desde já, agradeço muito pela ajuda de vocês!!!!
Não sei exatamente como, mas foi instalado o BAIDU (ANTI)VIRUS no meu notebook. A última coisa que lembro de ser sido baixado foi um programa para PDF do Baixaki (mas sempre desmarco aquelas opções de instalar outros programas..) Então, de fato, não sei da onde veio isso.
Vi pelas discussões do fórum, o procedimento inicial: ADWCleaner (passei ele várias vezes...).
Então, já posto abaixo o resultado do exame antes (depois de já ter passado antes) e depois da limpeza feita pelo próprio programa, para facilitar:
ANTES:
# AdwCleaner v3.208 - RelatÛrio criado 17/05/2014 ‡s 15:00:45
# Atualizado 11/05/2014 por Xplode
# Sistema Operacional : Windows 7 Professional Service Pack 1 (32 bits)
# Usu·rio : Gustavo A. Olsson - GUS-MINI-HP
# Executando de : C:\Users\Gustavo A. Olsson\Desktop\AdwCleaner(2).exe
# OpÁ„o : Examinar
***** [ ServiÁos ] *****
***** [ Arquivos / Pastas ] *****
Pasta Encontrado : C:\ProgramData\baidu
Pasta Encontrado : C:\Users\Public\Documents\baidu
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Encontrada : HKLM\Software\DeviceVM
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v28.0 (pt-BR)
[ Arquivo : C:\Users\Gustavo A. Olsson\AppData\Roaming\Mozilla\Firefox\Profiles\qcn4ea9n.default\prefs.js ]
*************************
AdwCleaner[R5].txt - [829 octets] - [17/05/2014 15:00:45]
########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [888 octets] ##########
DEPOIS
# AdwCleaner v3.208 - RelatÛrio criado 17/05/2014 ‡s 15:03:25
# Atualizado 11/05/2014 por Xplode
# Sistema Operacional : Windows 7 Professional Service Pack 1 (32 bits)
# Usu·rio : Gustavo A. Olsson - GUS-MINI-HP
# Executando de : C:\Users\Gustavo A. Olsson\Desktop\AdwCleaner(2).exe
# OpÁ„o : Limpar
***** [ ServiÁos ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\Users\Public\Documents\baidu
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\Software\DeviceVM
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v28.0 (pt-BR)
[ Arquivo : C:\Users\Gustavo A. Olsson\AppData\Roaming\Mozilla\Firefox\Profiles\qcn4ea9n.default\prefs.js ]
*************************
AdwCleaner[R5].txt - [967 octets] - [17/05/2014 15:00:45]
AdwCleaner[S4].txt - [880 octets] - [17/05/2014 15:03:25]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [939 octets] ##########
OBRIGADO, POR ENQUANTO, PESSOAL!
ABRAÇO A TODOS!!
GUSTAVO
Desde já, agradeço muito pela ajuda de vocês!!!!
Não sei exatamente como, mas foi instalado o BAIDU (ANTI)VIRUS no meu notebook. A última coisa que lembro de ser sido baixado foi um programa para PDF do Baixaki (mas sempre desmarco aquelas opções de instalar outros programas..) Então, de fato, não sei da onde veio isso.
Vi pelas discussões do fórum, o procedimento inicial: ADWCleaner (passei ele várias vezes...).
Então, já posto abaixo o resultado do exame antes (depois de já ter passado antes) e depois da limpeza feita pelo próprio programa, para facilitar:
ANTES:
# AdwCleaner v3.208 - RelatÛrio criado 17/05/2014 ‡s 15:00:45
# Atualizado 11/05/2014 por Xplode
# Sistema Operacional : Windows 7 Professional Service Pack 1 (32 bits)
# Usu·rio : Gustavo A. Olsson - GUS-MINI-HP
# Executando de : C:\Users\Gustavo A. Olsson\Desktop\AdwCleaner(2).exe
# OpÁ„o : Examinar
***** [ ServiÁos ] *****
***** [ Arquivos / Pastas ] *****
Pasta Encontrado : C:\ProgramData\baidu
Pasta Encontrado : C:\Users\Public\Documents\baidu
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Encontrada : HKLM\Software\DeviceVM
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v28.0 (pt-BR)
[ Arquivo : C:\Users\Gustavo A. Olsson\AppData\Roaming\Mozilla\Firefox\Profiles\qcn4ea9n.default\prefs.js ]
*************************
AdwCleaner[R5].txt - [829 octets] - [17/05/2014 15:00:45]
########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [888 octets] ##########
DEPOIS
# AdwCleaner v3.208 - RelatÛrio criado 17/05/2014 ‡s 15:03:25
# Atualizado 11/05/2014 por Xplode
# Sistema Operacional : Windows 7 Professional Service Pack 1 (32 bits)
# Usu·rio : Gustavo A. Olsson - GUS-MINI-HP
# Executando de : C:\Users\Gustavo A. Olsson\Desktop\AdwCleaner(2).exe
# OpÁ„o : Limpar
***** [ ServiÁos ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\Users\Public\Documents\baidu
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\Software\DeviceVM
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v28.0 (pt-BR)
[ Arquivo : C:\Users\Gustavo A. Olsson\AppData\Roaming\Mozilla\Firefox\Profiles\qcn4ea9n.default\prefs.js ]
*************************
AdwCleaner[R5].txt - [967 octets] - [17/05/2014 15:00:45]
AdwCleaner[S4].txt - [880 octets] - [17/05/2014 15:03:25]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [939 octets] ##########
OBRIGADO, POR ENQUANTO, PESSOAL!
ABRAÇO A TODOS!!
GUSTAVO
Menino_Dourado- Iniciante
- Mensagens : 7
Reputação : 0
Data de inscrição : 17/05/2014
Re: Preciso de Ajuda - remover o BAIDU
por Power Max Sáb 17 maio 2014, 15:42
Olá Gustavo. Seja bem vindo ao Fórum PC Brasil.Desative temporariamente seu antivírus para evitar conflitos.
Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Dom 18 maio 2014, 20:40, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Preciso de Ajuda - remover o BAIDU
por Menino_Dourado Dom 18 maio 2014, 14:54
Boa tarde, Power Max
Tinha mandado executar desde ontem.. mas acabou trancando micro. Hoje mandei fazer novamente e deu certo!
Abaixo, colo o resultado:
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Gustavo A. Olsson on 18/05/2014 at 13:52:21,35.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gustavo A. Olsson\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-17-174747.log 24425 bytes
C:\zoek-results2014-05-17-192757.log 2682 bytes
==== System Restore Info ======================
18/05/2014 13:58:15 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\GUSTAV~1.OLS\AppData\Roaming\Mozilla\Firefox\Profiles\qcn4ea9n.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\GUSTAV~1.OLS\AppData\Roaming\Mozilla\Firefox\Profiles\qcn4ea9n.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\PROGRA~2\boost_interprocess deleted
C:\PROGRA~2\Baidu deleted
C:\PROGRA~2\AVG January 2013 Campaign deleted
C:\Users\Public\OJP8500vA909_Full_14.exe deleted
C:\Windows\tasks\ROC_REG_JAN_DELETE.job deleted
C:\Windows\system32\tasks\ROC_REG_JAN_DELETE deleted
C:\Windows\system32\tasks\Baidu Antivirus Update deleted
C:\Users\Gustavo A. Olsson\AppData\Roaming\unins000.exe deleted
==== Folders Found ======================
2014-05-15 14:34:50 2014-05-15 14:34:50 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu\Baidu Antivirus
2014-05-15 14:34:57 2014-05-15 14:34:57 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-05-08 13:27:12 2014-05-15 14:12:11 -------- d-----w- C:\Program Files\Baidu Security
2014-05-08 13:27:12 2014-05-18 16:57:17 -------- d-----w- C:\Program Files\Baidu Security\Baidu Antivirus
2014-05-08 13:27:30 2014-05-15 14:13:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-05-08 13:27:30 2014-05-15 14:13:05 -------- d-----w- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-05-08 13:25:18 2014-05-08 13:25:18 -------- d-----w- C:\Users\Gustavo A. Olsson\AppData\Local\Temp\baidu_secure
2014-05-17 18:05:26 2014-05-17 18:05:26 -------- d-----w- C:\Users\Public\Documents\Baidu
2014-05-17 17:36:08 2014-05-17 17:36:08 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-05-18 17:21:45 2014-05-18 17:21:45 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-05-17 17:36:08 2014-05-17 17:36:09 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
==== Files Found ======================
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-08 13:27:31
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32
--- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-08 13:27:31
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32
--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3436
Created time: 2014-05-18 17:21:53
Modified time: 2014-05-08 13:27:30
MD5: CA20205DD3F3CC39B4FDF65DBAE4A038
SHA1: 69DE0CB4456ECB733950AC0F9EDD89D727B8B6BC
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\" UI_Start_From_IE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Translator.exe,-201"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Translator.exe\" \"%1\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}]
@="baidu right click handler"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}\InprocServer32]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavShx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}\InprocServer32]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavShx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavTray.exe\" -auto"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}"="Baidu Scan"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E180760F-EA05-4F81-934E-234E916E7C82}]
"Path"="\\Baidu Antivirus Update"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu Antivirus Update]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_USERS\.DEFAULT\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\IntelliPoint\AppSpecific\BavTray.exe]
"Path"="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavTray.exe"
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]
"C:\\Users\\Gustavo A. Olsson\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Baidu Antivirus\\Baidu Antivirus.lnk"=dword:00000001
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]
"C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Baidu Antivirus\\Baidu Antivirus.lnk"=dword:00000001
[HKEY_USERS\S-1-5-18\Software\Baidu Security]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"e-webprint@epson.com"="C:\Program Files\Epson Software\E-Web Print\Firefox Add-on" [11/12/2012 18:25]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{87F8774F-B485-47E2-A755-A40A8A5E886C}"="C:\Users\Gustavo A. Olsson\AppData\Local\GAS Tecnologia\GBBD\bb\xpi" [28/03/2014 08:55]
==== Firefox Extensions ======================
AppDir: C:\Program Files\Mozilla Firefox
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Gustavo A. Olsson\AppData\Roaming\Mozilla\Firefox\Profiles\qcn4ea9n.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
785105A23650755A8F7A72405EB0D923 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll - Google Update
7B32EC68B2D0EAE4C1333EEB53199571 - C:\Users\Gustavo A. Olsson\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll - MÛdulo de ProteÁ„o - Banco do Brasil
01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13
AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
4DEEF5125602885EE00243EC3D18E68D - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll - Shockwave Flash
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
31DA97B4682187C6639BBE2215814FDA - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
65FB4909BD29CAAA81FDC69AD21BB905 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
01F0264937036BD962563F1ADF35CE72 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll - RealPlayer Version Plugin
4D91D02646FAB0C93FF0EF78255B50A2 - C:\Program Files\Skyhook Wireless\Loki Plugin\nploki.dll - Loki Plugin
28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - MicrosoftÆ Silverlight
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{15BB77CE-245B-4DF8-AAB2-582E1911BC69} Wikipedia Url="http://pt.wikipedia.org/wiki/Special:Search?search={searchTerms}"
{4AFABF09-43B2-494A-927A-7F05FEAC9AB6} Google Url="http://www.google.com.br/search?hl=pt-BR&q={searchTerms}&meta=&rlz="
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{842E1C03-74E3-46B5-97DA-D80D49CC916C} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox"
==== shortcuts on Users Desktops ======================
C:\Users\Gustavo A. Olsson\Desktop\Doutorado.lnk - C:\Gustavo\Doutorado
C:\Users\Gustavo A. Olsson\Desktop\Gustavo - Atalho.lnk - C:\Gustavo
C:\Users\Gustavo A. Olsson\Desktop\Mestrado - Atalho.lnk - C:\Gustavo\Mestrado
C:\Users\GUSTAV~1.OLS\Desktop\Doutorado.lnk - C:\Gustavo\Doutorado
C:\Users\GUSTAV~1.OLS\Desktop\Gustavo - Atalho.lnk - C:\Gustavo
C:\Users\GUSTAV~1.OLS\Desktop\Mestrado - Atalho.lnk - C:\Gustavo\Mestrado
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\calibre - E-book management.lnk - C:\Program Files\Calibre2\calibre.exe
C:\Users\Public\Desktop\HP CloudDrive.lnk - C:\Program Files\Hewlett-Packard\HP CloudDrive\zumolauncher.exe /desktop
C:\Users\Public\Desktop\HP Navigator.lnk - C:\Windows\Installer\{A352A399-E453-4277-AE12-0533B1130954}\_2DA27E46D35041E5BD9A99.exe
C:\Users\Public\Desktop\Livescribe Desktop.lnk - C:\Program Files\Livescribe\Desktop\Livescribe Desktop.exe
C:\Users\Public\Desktop\Mendeley Desktop.lnk - C:\Program Files\Mendeley Desktop\MendeleyDesktop.exe
C:\Users\Public\Desktop\Mobile Partner.lnk - C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\Users\Public\Desktop\VIVO INTERNET.lnk - C:\Program Files\VIVO INTERNET\VIVO INTERNET.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk - C:\Program Files\Baidu Security\Baidu Antivirus\Bav.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Uninstall.lnk - C:\Program Files\Baidu Security\Baidu Antivirus\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator\Preferences.lnk - C:\Progra~1\PDFCreator\Actual\Preferences.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator\Readme.lnk - C:\Progra~1\PDFCreator\Actual\README.HTM
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPMediaSuite (2).lnk - C:\Program Files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPMediaSuite.lnk - C:\Program Files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPMediaSuite (2).lnk - C:\Program Files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPMediaSuite.lnk - C:\Program Files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyOverride"="*.local"
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gustavo A. Olsson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gustavo A. Olsson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Gustavo A. Olsson\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gustavo A. Olsson\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GUSTAV~1.OLS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GUSTAV~1.OLS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\GUSTAV~1.OLS\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GUSTAV~1.OLS\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Gustavo A. Olsson\AppData\Local\Mozilla\Firefox\Profiles\qcn4ea9n.default\Cache emptied successfully
C:\Users\GUSTAV~1.OLS\AppData\Local\Mozilla\Firefox\Profiles\qcn4ea9n.default\Cache emptied successfully
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=34 folders=7 318807660 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gustavo A. Olsson\AppData\Local\Temp will be emptied at reboot
C:\Users\GUSTAV~1.OLS\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\GUSTAV~1.OLS\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 18/05/2014 at 14:39:49,85 ======================
UMA OBSERVAÇÃO: AINDA APARECE O ÍCONE DO BAIDU NOS ÍCONES OCULTOS.
AGUARDO SEU RETORNO,
OBRIGADO!!
GUSTAVO
Tinha mandado executar desde ontem.. mas acabou trancando micro. Hoje mandei fazer novamente e deu certo!
Abaixo, colo o resultado:
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Gustavo A. Olsson on 18/05/2014 at 13:52:21,35.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gustavo A. Olsson\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-17-174747.log 24425 bytes
C:\zoek-results2014-05-17-192757.log 2682 bytes
==== System Restore Info ======================
18/05/2014 13:58:15 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\GUSTAV~1.OLS\AppData\Roaming\Mozilla\Firefox\Profiles\qcn4ea9n.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\GUSTAV~1.OLS\AppData\Roaming\Mozilla\Firefox\Profiles\qcn4ea9n.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\PROGRA~2\boost_interprocess deleted
C:\PROGRA~2\Baidu deleted
C:\PROGRA~2\AVG January 2013 Campaign deleted
C:\Users\Public\OJP8500vA909_Full_14.exe deleted
C:\Windows\tasks\ROC_REG_JAN_DELETE.job deleted
C:\Windows\system32\tasks\ROC_REG_JAN_DELETE deleted
C:\Windows\system32\tasks\Baidu Antivirus Update deleted
C:\Users\Gustavo A. Olsson\AppData\Roaming\unins000.exe deleted
==== Folders Found ======================
2014-05-15 14:34:50 2014-05-15 14:34:50 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu\Baidu Antivirus
2014-05-15 14:34:57 2014-05-15 14:34:57 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-05-08 13:27:12 2014-05-15 14:12:11 -------- d-----w- C:\Program Files\Baidu Security
2014-05-08 13:27:12 2014-05-18 16:57:17 -------- d-----w- C:\Program Files\Baidu Security\Baidu Antivirus
2014-05-08 13:27:30 2014-05-15 14:13:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-05-08 13:27:30 2014-05-15 14:13:05 -------- d-----w- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-05-08 13:25:18 2014-05-08 13:25:18 -------- d-----w- C:\Users\Gustavo A. Olsson\AppData\Local\Temp\baidu_secure
2014-05-17 18:05:26 2014-05-17 18:05:26 -------- d-----w- C:\Users\Public\Documents\Baidu
2014-05-17 17:36:08 2014-05-17 17:36:08 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-05-18 17:21:45 2014-05-18 17:21:45 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-05-17 17:36:08 2014-05-17 17:36:09 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
==== Files Found ======================
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-08 13:27:31
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32
--- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-08 13:27:31
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32
--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3436
Created time: 2014-05-18 17:21:53
Modified time: 2014-05-08 13:27:30
MD5: CA20205DD3F3CC39B4FDF65DBAE4A038
SHA1: 69DE0CB4456ECB733950AC0F9EDD89D727B8B6BC
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\" UI_Start_From_IE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Translator.exe,-201"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Translator.exe\" \"%1\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}]
@="baidu right click handler"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}\InprocServer32]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavShx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}\InprocServer32]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavShx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavTray.exe\" -auto"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}"="Baidu Scan"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E180760F-EA05-4F81-934E-234E916E7C82}]
"Path"="\\Baidu Antivirus Update"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu Antivirus Update]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"="Baidu Hook Base"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_USERS\.DEFAULT\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\IntelliPoint\AppSpecific\BavTray.exe]
"Path"="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavTray.exe"
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]
"C:\\Users\\Gustavo A. Olsson\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Baidu Antivirus\\Baidu Antivirus.lnk"=dword:00000001
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]
"C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Baidu Antivirus\\Baidu Antivirus.lnk"=dword:00000001
[HKEY_USERS\S-1-5-18\Software\Baidu Security]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"e-webprint@epson.com"="C:\Program Files\Epson Software\E-Web Print\Firefox Add-on" [11/12/2012 18:25]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{87F8774F-B485-47E2-A755-A40A8A5E886C}"="C:\Users\Gustavo A. Olsson\AppData\Local\GAS Tecnologia\GBBD\bb\xpi" [28/03/2014 08:55]
==== Firefox Extensions ======================
AppDir: C:\Program Files\Mozilla Firefox
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Gustavo A. Olsson\AppData\Roaming\Mozilla\Firefox\Profiles\qcn4ea9n.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
785105A23650755A8F7A72405EB0D923 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll - Google Update
7B32EC68B2D0EAE4C1333EEB53199571 - C:\Users\Gustavo A. Olsson\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll - MÛdulo de ProteÁ„o - Banco do Brasil
01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13
AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
4DEEF5125602885EE00243EC3D18E68D - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll - Shockwave Flash
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
31DA97B4682187C6639BBE2215814FDA - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
65FB4909BD29CAAA81FDC69AD21BB905 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
01F0264937036BD962563F1ADF35CE72 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll - RealPlayer Version Plugin
4D91D02646FAB0C93FF0EF78255B50A2 - C:\Program Files\Skyhook Wireless\Loki Plugin\nploki.dll - Loki Plugin
28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - MicrosoftÆ Silverlight
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{15BB77CE-245B-4DF8-AAB2-582E1911BC69} Wikipedia Url="http://pt.wikipedia.org/wiki/Special:Search?search={searchTerms}"
{4AFABF09-43B2-494A-927A-7F05FEAC9AB6} Google Url="http://www.google.com.br/search?hl=pt-BR&q={searchTerms}&meta=&rlz="
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{842E1C03-74E3-46B5-97DA-D80D49CC916C} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox"
==== shortcuts on Users Desktops ======================
C:\Users\Gustavo A. Olsson\Desktop\Doutorado.lnk - C:\Gustavo\Doutorado
C:\Users\Gustavo A. Olsson\Desktop\Gustavo - Atalho.lnk - C:\Gustavo
C:\Users\Gustavo A. Olsson\Desktop\Mestrado - Atalho.lnk - C:\Gustavo\Mestrado
C:\Users\GUSTAV~1.OLS\Desktop\Doutorado.lnk - C:\Gustavo\Doutorado
C:\Users\GUSTAV~1.OLS\Desktop\Gustavo - Atalho.lnk - C:\Gustavo
C:\Users\GUSTAV~1.OLS\Desktop\Mestrado - Atalho.lnk - C:\Gustavo\Mestrado
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\calibre - E-book management.lnk - C:\Program Files\Calibre2\calibre.exe
C:\Users\Public\Desktop\HP CloudDrive.lnk - C:\Program Files\Hewlett-Packard\HP CloudDrive\zumolauncher.exe /desktop
C:\Users\Public\Desktop\HP Navigator.lnk - C:\Windows\Installer\{A352A399-E453-4277-AE12-0533B1130954}\_2DA27E46D35041E5BD9A99.exe
C:\Users\Public\Desktop\Livescribe Desktop.lnk - C:\Program Files\Livescribe\Desktop\Livescribe Desktop.exe
C:\Users\Public\Desktop\Mendeley Desktop.lnk - C:\Program Files\Mendeley Desktop\MendeleyDesktop.exe
C:\Users\Public\Desktop\Mobile Partner.lnk - C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\Users\Public\Desktop\VIVO INTERNET.lnk - C:\Program Files\VIVO INTERNET\VIVO INTERNET.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk - C:\Program Files\Baidu Security\Baidu Antivirus\Bav.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Uninstall.lnk - C:\Program Files\Baidu Security\Baidu Antivirus\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator\Preferences.lnk - C:\Progra~1\PDFCreator\Actual\Preferences.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator\Readme.lnk - C:\Progra~1\PDFCreator\Actual\README.HTM
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPMediaSuite (2).lnk - C:\Program Files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPMediaSuite.lnk - C:\Program Files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPMediaSuite (2).lnk - C:\Program Files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPMediaSuite.lnk - C:\Program Files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\GUSTAV~1.OLS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyOverride"="*.local"
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gustavo A. Olsson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gustavo A. Olsson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Gustavo A. Olsson\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gustavo A. Olsson\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GUSTAV~1.OLS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GUSTAV~1.OLS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\GUSTAV~1.OLS\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GUSTAV~1.OLS\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Gustavo A. Olsson\AppData\Local\Mozilla\Firefox\Profiles\qcn4ea9n.default\Cache emptied successfully
C:\Users\GUSTAV~1.OLS\AppData\Local\Mozilla\Firefox\Profiles\qcn4ea9n.default\Cache emptied successfully
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=34 folders=7 318807660 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gustavo A. Olsson\AppData\Local\Temp will be emptied at reboot
C:\Users\GUSTAV~1.OLS\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\GUSTAV~1.OLS\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 18/05/2014 at 14:39:49,85 ======================
UMA OBSERVAÇÃO: AINDA APARECE O ÍCONE DO BAIDU NOS ÍCONES OCULTOS.
AGUARDO SEU RETORNO,
OBRIGADO!!
GUSTAVO
Menino_Dourado- Iniciante
- Mensagens : 7
Reputação : 0
Data de inscrição : 17/05/2014
Re: Preciso de Ajuda - remover o BAIDU
por Power Max Dom 18 maio 2014, 17:40
Desative temporariamente seu antivírus para evitar conflitos.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Dom 18 maio 2014, 19:15, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Preciso de Ajuda - remover o BAIDU
por Menino_Dourado Dom 18 maio 2014, 18:48
Olá, Power Max
Abaixo, segue o resultado da segunda verificação (após utilizar as suas informações):
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Gustavo A. Olsson on 18/05/2014 at 18:25:47,02.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gustavo A. Olsson\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-17-174747.log 24425 bytes
C:\zoek-results2014-05-17-192757.log 2682 bytes
C:\zoek-results2014-05-18-173949.log 34133 bytes
==== System Restore Info ======================
18/05/2014 18:29:51 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_CLASSES_ROOT\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} deleted successfully
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsSvc deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}\InprocServer32]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}\InprocServer32]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E180760F-EA05-4F81-934E-234E916E7C82}]
"Path"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E180760F-EA05-4F81-934E-234E916E7C82}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu Antivirus Update]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\IntelliPoint\AppSpecific\BavTray.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\IntelliPoint\AppSpecific\BavTray.exe]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]
"C:\\Users\\Gustavo A. Olsson\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Baidu Antivirus\\Baidu Antivirus.lnk"=-
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]
"C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Baidu Antivirus\\Baidu Antivirus.lnk"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
==== Deleting Files \ Folders ======================
C:\Users\Gustavo A. Olsson\AppData\Local\Temp\baidu_secure not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus deleted
C:\Users\Public\Documents\Baidu deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBase.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBh.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavClean.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCommon.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavDllFilter.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavFi.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavIPC.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavOa.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavPe.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavQv.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavScan.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavShx.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSvc.exe" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUl.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUm.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BDrvComm.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsCore.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Communication.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CP.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DirectUI.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DrvInst.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HackerDefense.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsDR.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sqlite.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBase.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBh.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavClean.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCommon.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavDllFilter.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavFi.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavIPC.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavOa.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavPe.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavQv.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavScan.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavShx.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSvc.exe" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUl.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUm.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BDrvComm.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsCore.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Communication.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CP.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DirectUI.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DrvInst.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HackerDefense.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsDR.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sqlite.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BavTray.log" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BHipsSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA\Plugin_Pop_OA.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\Plugin_USBProtect.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BavTray.log" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BHipsSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA\Plugin_Pop_OA.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\Plugin_USBProtect.dll" deleted
"C:\Program Files\Baidu Security" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect" deleted
==== Folders Found ======================
2014-05-15 14:34:50 2014-05-15 14:34:50 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu\Baidu Antivirus
2014-05-15 14:34:57 2014-05-15 14:34:57 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-05-08 13:27:12 2014-05-15 14:12:11 -------- d-----w- C:\Program Files\Baidu Security
2014-05-08 13:27:12 2014-05-18 21:34:03 -------- d-----w- C:\Program Files\Baidu Security\Baidu Antivirus
2014-05-18 17:34:01 2014-05-18 17:34:01 -------- d-----w- C:\ProgramData\Baidu
2014-05-18 17:34:01 2014-05-18 17:34:01 -------- d-----w- C:\Users\All Users\Baidu
2014-05-18 21:33:41 2014-05-18 21:33:41 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security
2014-05-18 21:33:45 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus
2014-05-17 17:36:08 2014-05-17 17:36:08 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-18 17:21:45 2014-05-18 17:21:45 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-05-17 17:36:08 2014-05-17 17:36:09 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-05-18 21:33:41 2014-05-18 21:33:45 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus
==== Files Found ======================
--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Office\Recente\baidu2.LNK ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 286
Created time: 2014-05-18 21:26:46
Modified time: 2014-05-18 21:26:46
MD5: F9270BFB9175D60BA170E9F4040380B6
SHA1: 76829369F4DC3F82623A4396A55CE0CA0D1CC2B8
--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Windows\Recent\baidu2.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 334
Created time: 2014-05-18 21:26:41
Modified time: 2014-05-18 21:28:57
MD5: 2D5021F0734E9FA3A8C6B4C47C445FF5
SHA1: 669DD40CEE35209D51B0C6F43D249C5C19B79F36
--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3436
Created time: 2014-05-18 17:21:53
Modified time: 2014-05-08 13:27:30
MD5: CA20205DD3F3CC39B4FDF65DBAE4A038
SHA1: 69DE0CB4456ECB733950AC0F9EDD89D727B8B6BC
--- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-18 21:33:46
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32
--- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-18 21:33:46
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security\PC Faster]
"Item 1"="[F00000000][T01CF72DFDEC2DE20][O00000000]*E:\\baidu2.docx"
==== C:\zoek_backup content ======================
C:\zoek_backup (files=317 folders=75 436854568 bytes)
==== After Reboot ======================
==== Deleting Files / Folders ======================
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BHipsSvc.log" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BHipsSvc.log" not found
"C:\Program Files\Baidu Security" not found
"C:\Program Files\Baidu Security\Baidu Antivirus" not found
==== EOF on 18/05/2014 at 18:42:17,64 ======================
AGUARDO NOVAS INSTRUÇÕES,
ATENCIOSAMENTE,
GUSTAVO
Abaixo, segue o resultado da segunda verificação (após utilizar as suas informações):
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Gustavo A. Olsson on 18/05/2014 at 18:25:47,02.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gustavo A. Olsson\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-17-174747.log 24425 bytes
C:\zoek-results2014-05-17-192757.log 2682 bytes
C:\zoek-results2014-05-18-173949.log 34133 bytes
==== System Restore Info ======================
18/05/2014 18:29:51 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_CLASSES_ROOT\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} deleted successfully
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsSvc deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}\InprocServer32]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}\InprocServer32]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E180760F-EA05-4F81-934E-234E916E7C82}]
"Path"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E180760F-EA05-4F81-934E-234E916E7C82}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu Antivirus Update]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\IntelliPoint\AppSpecific\BavTray.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\IntelliPoint\AppSpecific\BavTray.exe]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]
"C:\\Users\\Gustavo A. Olsson\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Baidu Antivirus\\Baidu Antivirus.lnk"=-
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]
"C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Baidu Antivirus\\Baidu Antivirus.lnk"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
==== Deleting Files \ Folders ======================
C:\Users\Gustavo A. Olsson\AppData\Local\Temp\baidu_secure not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus deleted
C:\Users\Public\Documents\Baidu deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBase.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBh.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavClean.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCommon.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavDllFilter.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavFi.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavIPC.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavOa.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavPe.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavQv.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavScan.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavShx.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSvc.exe" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUl.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUm.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BDrvComm.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsCore.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Communication.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CP.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DirectUI.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DrvInst.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HackerDefense.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsDR.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sqlite.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBase.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavBh.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavClean.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavCommon.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavDllFilter.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavFi.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavIPC.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavOa.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavPe.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavQv.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavScan.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavShx.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavSvc.exe" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUl.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavUm.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BDrvComm.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsCore.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Communication.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\CP.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DirectUI.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\DrvInst.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HackerDefense.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsDR.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\sqlite.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BavTray.log" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BHipsSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA\Plugin_Pop_OA.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\Plugin_USBProtect.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BavTray.log" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BHipsSvc.log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA\Plugin_Pop_OA.dll" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\Plugin_USBProtect.dll" deleted
"C:\Program Files\Baidu Security" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\log" not deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA" deleted
"C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect" deleted
==== Folders Found ======================
2014-05-15 14:34:50 2014-05-15 14:34:50 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu\Baidu Antivirus
2014-05-15 14:34:57 2014-05-15 14:34:57 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-05-08 13:27:12 2014-05-15 14:12:11 -------- d-----w- C:\Program Files\Baidu Security
2014-05-08 13:27:12 2014-05-18 21:34:03 -------- d-----w- C:\Program Files\Baidu Security\Baidu Antivirus
2014-05-18 17:34:01 2014-05-18 17:34:01 -------- d-----w- C:\ProgramData\Baidu
2014-05-18 17:34:01 2014-05-18 17:34:01 -------- d-----w- C:\Users\All Users\Baidu
2014-05-18 21:33:41 2014-05-18 21:33:41 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security
2014-05-18 21:33:45 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus
2014-05-17 17:36:08 2014-05-17 17:36:08 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-18 17:21:45 2014-05-18 17:21:45 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-05-17 17:36:08 2014-05-17 17:36:09 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-05-18 21:33:41 2014-05-18 21:33:45 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus
==== Files Found ======================
--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Office\Recente\baidu2.LNK ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 286
Created time: 2014-05-18 21:26:46
Modified time: 2014-05-18 21:26:46
MD5: F9270BFB9175D60BA170E9F4040380B6
SHA1: 76829369F4DC3F82623A4396A55CE0CA0D1CC2B8
--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Windows\Recent\baidu2.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 334
Created time: 2014-05-18 21:26:41
Modified time: 2014-05-18 21:28:57
MD5: 2D5021F0734E9FA3A8C6B4C47C445FF5
SHA1: 669DD40CEE35209D51B0C6F43D249C5C19B79F36
--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3436
Created time: 2014-05-18 17:21:53
Modified time: 2014-05-08 13:27:30
MD5: CA20205DD3F3CC39B4FDF65DBAE4A038
SHA1: 69DE0CB4456ECB733950AC0F9EDD89D727B8B6BC
--- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-18 21:33:46
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32
--- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-18 21:33:46
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security\PC Faster]
"Item 1"="[F00000000][T01CF72DFDEC2DE20][O00000000]*E:\\baidu2.docx"
==== C:\zoek_backup content ======================
C:\zoek_backup (files=317 folders=75 436854568 bytes)
==== After Reboot ======================
==== Deleting Files / Folders ======================
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\Bavnt.dll" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\BavWl.dat" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\HipsHB.dll" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BHipsSvc.log" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not found
"C:\Program Files\Baidu Security\Baidu Antivirus\log\BHipsSvc.log" not found
"C:\Program Files\Baidu Security" not found
"C:\Program Files\Baidu Security\Baidu Antivirus" not found
==== EOF on 18/05/2014 at 18:42:17,64 ======================
AGUARDO NOVAS INSTRUÇÕES,
ATENCIOSAMENTE,
GUSTAVO
Menino_Dourado- Iniciante
- Mensagens : 7
Reputação : 0
Data de inscrição : 17/05/2014
Re: Preciso de Ajuda - remover o BAIDU
por Power Max Dom 18 maio 2014, 19:13
Desative temporariamente seu antivírus para evitar conflitos.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Dom 18 maio 2014, 20:41, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Preciso de Ajuda - remover o BAIDU
por Menino_Dourado Dom 18 maio 2014, 20:32
Boa noite, Power Max
Segue, abaixo, o novo resultado:
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Gustavo A. Olsson on 18/05/2014 at 19:44:00,43.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gustavo A. Olsson\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-17-174747.log 24425 bytes
C:\zoek-results2014-05-17-192757.log 2682 bytes
C:\zoek-results2014-05-18-173949.log 34133 bytes
C:\zoek-results2014-05-18-214217.log 21917 bytes
==== System Restore Info ======================
18/05/2014 19:46:09 Zoek.exe System Restore Point Created Succesfully.
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security\PC Faster]
"Item 1"=-
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security\PC Faster]
==== Deleting Files \ Folders ======================
C:\Program Files\Baidu Security not found
C:\Program Files\Baidu Security\Baidu Antivirus not found
C:\ProgramData\Baidu deleted
==== Folders Found ======================
2014-05-15 14:34:50 2014-05-15 14:34:50 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu\Baidu Antivirus
2014-05-15 14:34:57 2014-05-15 14:34:57 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-05-18 21:33:41 2014-05-18 21:33:41 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security
2014-05-18 21:33:45 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus
2014-05-18 22:47:29 2014-05-18 22:47:29 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-05-17 17:36:08 2014-05-17 17:36:08 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-18 17:21:45 2014-05-18 17:21:45 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-05-18 22:47:30 2014-05-18 22:47:30 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-05-17 17:36:08 2014-05-17 17:36:09 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-05-18 21:33:41 2014-05-18 21:33:45 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus
==== Files Found ======================
--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Office\Recente\baidu2.LNK ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 286
Created time: 2014-05-18 21:26:46
Modified time: 2014-05-18 21:26:46
MD5: F9270BFB9175D60BA170E9F4040380B6
SHA1: 76829369F4DC3F82623A4396A55CE0CA0D1CC2B8
--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Office\Recente\baidu3.LNK ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 286
Created time: 2014-05-18 22:43:41
Modified time: 2014-05-18 22:43:41
MD5: FC9DC8B14B3ECE29F3167888E6DE8E21
SHA1: 344258517814EB05A229C1EB0A4A26AC4E11B0D6
--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Windows\Recent\baidu2.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 334
Created time: 2014-05-18 21:26:41
Modified time: 2014-05-18 21:28:57
MD5: 2D5021F0734E9FA3A8C6B4C47C445FF5
SHA1: 669DD40CEE35209D51B0C6F43D249C5C19B79F36
--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Windows\Recent\baidu3.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 334
Created time: 2014-05-18 22:43:33
Modified time: 2014-05-18 22:43:33
MD5: B86CA1ABBD8A7950E07D4A7A49DC5702
SHA1: 6F5C7927F7BE7DE95F1C9881D92332F7B98D2255
--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3436
Created time: 2014-05-18 17:21:53
Modified time: 2014-05-08 13:27:30
MD5: CA20205DD3F3CC39B4FDF65DBAE4A038
SHA1: 69DE0CB4456ECB733950AC0F9EDD89D727B8B6BC
--- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-18 21:33:46
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32
--- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-18 21:33:46
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32
==== Registry Search Results for "Baidu" ======================
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
"Item 1"="[F00000000][T01CF72EA9D85F770][O00000000]*E:\\baidu3.docx"
"Item 2"="[F00000000][T01CF72DFDEC2DE20][O00000000]*E:\\baidu2.docx"
==== C:\zoek_backup content ======================
C:\zoek_backup (files=331 folders=79 436867346 bytes)
==== EOF on 18/05/2014 at 19:53:24,79 ======================
NOVAMENTE, OBRIGADO.
GUSTAVO
Segue, abaixo, o novo resultado:
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Gustavo A. Olsson on 18/05/2014 at 19:44:00,43.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gustavo A. Olsson\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-17-174747.log 24425 bytes
C:\zoek-results2014-05-17-192757.log 2682 bytes
C:\zoek-results2014-05-18-173949.log 34133 bytes
C:\zoek-results2014-05-18-214217.log 21917 bytes
==== System Restore Info ======================
18/05/2014 19:46:09 Zoek.exe System Restore Point Created Succesfully.
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security\PC Faster]
"Item 1"=-
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security\PC Faster]
==== Deleting Files \ Folders ======================
C:\Program Files\Baidu Security not found
C:\Program Files\Baidu Security\Baidu Antivirus not found
C:\ProgramData\Baidu deleted
==== Folders Found ======================
2014-05-15 14:34:50 2014-05-15 14:34:50 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu
2014-05-15 14:34:56 2014-05-15 14:34:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Gustavo A. Olsson\AppData\Roaming\baidu\Baidu Antivirus
2014-05-15 14:34:57 2014-05-15 14:34:57 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-05-18 21:33:41 2014-05-18 21:33:41 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security
2014-05-18 21:33:45 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus
2014-05-18 22:47:29 2014-05-18 22:47:29 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-05-17 17:36:08 2014-05-17 17:36:08 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-18 17:21:45 2014-05-18 17:21:45 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-05-18 22:47:30 2014-05-18 22:47:30 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-05-17 17:36:08 2014-05-17 17:36:09 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-18 21:33:46 2014-05-18 21:33:46 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-05-18 21:33:41 2014-05-18 21:33:45 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus
==== Files Found ======================
--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Office\Recente\baidu2.LNK ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 286
Created time: 2014-05-18 21:26:46
Modified time: 2014-05-18 21:26:46
MD5: F9270BFB9175D60BA170E9F4040380B6
SHA1: 76829369F4DC3F82623A4396A55CE0CA0D1CC2B8
--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Office\Recente\baidu3.LNK ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 286
Created time: 2014-05-18 22:43:41
Modified time: 2014-05-18 22:43:41
MD5: FC9DC8B14B3ECE29F3167888E6DE8E21
SHA1: 344258517814EB05A229C1EB0A4A26AC4E11B0D6
--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Windows\Recent\baidu2.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 334
Created time: 2014-05-18 21:26:41
Modified time: 2014-05-18 21:28:57
MD5: 2D5021F0734E9FA3A8C6B4C47C445FF5
SHA1: 669DD40CEE35209D51B0C6F43D249C5C19B79F36
--- C:\Users\Gustavo A. Olsson\AppData\Roaming\Microsoft\Windows\Recent\baidu3.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 334
Created time: 2014-05-18 22:43:33
Modified time: 2014-05-18 22:43:33
MD5: B86CA1ABBD8A7950E07D4A7A49DC5702
SHA1: 6F5C7927F7BE7DE95F1C9881D92332F7B98D2255
--- C:\zoek_backup\C_Windows_system32_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3436
Created time: 2014-05-18 17:21:53
Modified time: 2014-05-08 13:27:30
MD5: CA20205DD3F3CC39B4FDF65DBAE4A038
SHA1: 69DE0CB4456ECB733950AC0F9EDD89D727B8B6BC
--- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-18 21:33:46
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32
--- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1178
Created time: 2014-05-18 21:33:46
Modified time: 2014-05-08 13:27:31
MD5: D0DAD94367AE59292891D64636254F18
SHA1: 44AF8C627A1E0C4CEA418AAB80C6BC2E131B3D32
==== Registry Search Results for "Baidu" ======================
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
"Item 1"="[F00000000][T01CF72EA9D85F770][O00000000]*E:\\baidu3.docx"
"Item 2"="[F00000000][T01CF72DFDEC2DE20][O00000000]*E:\\baidu2.docx"
==== C:\zoek_backup content ======================
C:\zoek_backup (files=331 folders=79 436867346 bytes)
==== EOF on 18/05/2014 at 19:53:24,79 ======================
NOVAMENTE, OBRIGADO.
GUSTAVO
Menino_Dourado- Iniciante
- Mensagens : 7
Reputação : 0
Data de inscrição : 17/05/2014
Re: Preciso de Ajuda - remover o BAIDU
por Power Max Dom 18 maio 2014, 20:43
Desative temporariamente seu antivírus para evitar conflitos.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Dom 18 maio 2014, 21:12, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Preciso de Ajuda - remover o BAIDU
por Menino_Dourado Dom 18 maio 2014, 21:10
Caro, Power Max
Abaixo, novo resultado:
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Gustavo A. Olsson on 18/05/2014 at 21:00:17,12.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gustavo A. Olsson\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-17-174747.log 24425 bytes
C:\zoek-results2014-05-17-192757.log 2682 bytes
C:\zoek-results2014-05-18-173949.log 34133 bytes
C:\zoek-results2014-05-18-214217.log 21917 bytes
C:\zoek-results2014-05-18-225324.log 6638 bytes
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
"Item 1"=-
"Item 2"=-
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
==== C:\zoek_backup content ======================
C:\zoek_backup (files=331 folders=79 436867346 bytes)
==== EOF on 18/05/2014 at 21:04:47,95 ======================
ATENCIOSAMENTE,
GUSTAVO
Abaixo, novo resultado:
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Gustavo A. Olsson on 18/05/2014 at 21:00:17,12.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gustavo A. Olsson\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-17-174747.log 24425 bytes
C:\zoek-results2014-05-17-192757.log 2682 bytes
C:\zoek-results2014-05-18-173949.log 34133 bytes
C:\zoek-results2014-05-18-214217.log 21917 bytes
C:\zoek-results2014-05-18-225324.log 6638 bytes
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
"Item 1"=-
"Item 2"=-
[-HKEY_USERS\S-1-5-21-1134690670-3967689668-1164679238-1001\Software\Baidu Security]
==== C:\zoek_backup content ======================
C:\zoek_backup (files=331 folders=79 436867346 bytes)
==== EOF on 18/05/2014 at 21:04:47,95 ======================
ATENCIOSAMENTE,
GUSTAVO
Menino_Dourado- Iniciante
- Mensagens : 7
Reputação : 0
Data de inscrição : 17/05/2014
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Preciso de Ajuda - remover o BAIDU
por Menino_Dourado Dom 18 maio 2014, 21:31
POWER MAX,
Aparentemente, está tudo funcionando. Reinicializei ele e o programa realmente sumiu... Também não notei nada estranho até agora.
A internet está funcionando também...
Vou monitorando.. qualquer coisa, aviso!!
Preciso fazer mais alguma coisa?
Gustavo
Aparentemente, está tudo funcionando. Reinicializei ele e o programa realmente sumiu... Também não notei nada estranho até agora.
A internet está funcionando também...
Vou monitorando.. qualquer coisa, aviso!!
Preciso fazer mais alguma coisa?
Gustavo
Menino_Dourado- Iniciante
- Mensagens : 7
Reputação : 0
Data de inscrição : 17/05/2014
Re: Preciso de Ajuda - remover o BAIDU
por Power Max Dom 18 maio 2014, 21:42
Fico feliz que o problema tenha sido resolvido.
Só para finalizar siga estes tutoriais abaixo, por gentileza:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________
Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]._______________________________________________________________________________________________________________________
Foi um prazer ajudar. Conte sempre conosco!
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Preciso de Ajuda - remover o BAIDU
por Menino_Dourado Dom 18 maio 2014, 21:48
Power Max,
Muito.. mas muito... mas muito obrigado!!
De coração, um grande abraço para todo o pessoal do fórum!!!
Você realmente foi prestativo!!! e me sinto muito feliz não só pela ajuda, mas por poder confiar em vocês!!
abração,
Gustavo
Muito.. mas muito... mas muito obrigado!!
De coração, um grande abraço para todo o pessoal do fórum!!!
Você realmente foi prestativo!!! e me sinto muito feliz não só pela ajuda, mas por poder confiar em vocês!!
abração,
Gustavo
Menino_Dourado- Iniciante
- Mensagens : 7
Reputação : 0
Data de inscrição : 17/05/2014
Re: Preciso de Ajuda - remover o BAIDU
por Danii Dom 18 maio 2014, 22:28
CASO RESOLVIDO
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Danii- Membro Pleno
- Mensagens : 571
Reputação : 80
Data de inscrição : 04/04/2014
Localização : Brasil
Tópicos semelhantes» Preciso de ajuda para remover o Baidu por completo
» PRECISO REMOVER BAIDU
» Preciso de ajuda para remover a praga qone8
» Preciso de ajuda para remover de vez o Movie Mode!!!
» Ajuda para remover o Baidu do computador
» PRECISO REMOVER BAIDU
» Preciso de ajuda para remover a praga qone8
» Preciso de ajuda para remover de vez o Movie Mode!!!
» Ajuda para remover o Baidu do computador
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos