Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 18 usuários online :: 0 registrados, 0 invisíveis e 18 visitantes :: 1 motor de buscaNenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Kaspersky detecta baidu antivirus e não consigo removê-lo
3 participantes
Página 1 de 1
Kaspersky detecta baidu antivirus e não consigo removê-lo
por Juliano Poletto Sáb 24 maio 2014, 20:38
Ao tentar instalar o kaspersky, ele identifica software incompatível: baidu antivirus.
Tive esse mesmo problema que muitos aqui no fórum, resolvi seguir algumas sugestões de alguns tópicos aqui.
Executei corretamente o AdwCleaner e o Zoek, porem não consegui remover o baidu. O que faço?
Segue o log que realizei com o adwcleaner após seguir as sugestões:
# AdwCleaner v3.210 - Relatório criado 24/05/2014 às 20:20:22
# Atualizado 19/05/2014 por Xplode
# Sistema Operacional : Windows 8.1 Single Language (64 bits)
# Usuário : Gisele - CARTOLA
# Executando de : C:\Users\Gisele\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
***** [ Atalhos ] *****
***** [ Registro ] *****
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17037
-\\ Google Chrome v35.0.1916.114
[ Arquivo : C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [13299 octets] - [24/05/2014 17:30:55]
AdwCleaner[R1].txt - [1031 octets] - [24/05/2014 20:14:59]
AdwCleaner[R2].txt - [1016 octets] - [24/05/2014 20:19:28]
AdwCleaner[S0].txt - [11540 octets] - [24/05/2014 17:32:28]
AdwCleaner[S1].txt - [1088 octets] - [24/05/2014 20:15:48]
AdwCleaner[S2].txt - [936 octets] - [24/05/2014 20:20:22]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [995 octets] ##########
Tive esse mesmo problema que muitos aqui no fórum, resolvi seguir algumas sugestões de alguns tópicos aqui.
Executei corretamente o AdwCleaner e o Zoek, porem não consegui remover o baidu. O que faço?
Segue o log que realizei com o adwcleaner após seguir as sugestões:
# AdwCleaner v3.210 - Relatório criado 24/05/2014 às 20:20:22
# Atualizado 19/05/2014 por Xplode
# Sistema Operacional : Windows 8.1 Single Language (64 bits)
# Usuário : Gisele - CARTOLA
# Executando de : C:\Users\Gisele\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
***** [ Atalhos ] *****
***** [ Registro ] *****
***** [ Navegadores ] *****
-\\ Internet Explorer v11.0.9600.17037
-\\ Google Chrome v35.0.1916.114
[ Arquivo : C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [13299 octets] - [24/05/2014 17:30:55]
AdwCleaner[R1].txt - [1031 octets] - [24/05/2014 20:14:59]
AdwCleaner[R2].txt - [1016 octets] - [24/05/2014 20:19:28]
AdwCleaner[S0].txt - [11540 octets] - [24/05/2014 17:32:28]
AdwCleaner[S1].txt - [1088 octets] - [24/05/2014 20:15:48]
AdwCleaner[S2].txt - [936 octets] - [24/05/2014 20:20:22]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [995 octets] ##########
Juliano Poletto- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 24/05/2014
Re: Kaspersky detecta baidu antivirus e não consigo removê-lo
por Power Max Sáb 24 maio 2014, 20:39
Olá Juliano.
Acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.
Acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Kaspersky detecta baidu antivirus e não consigo removê-lo
por Juliano Poletto Sáb 24 maio 2014, 21:17
Segue em anexo, pois é extenso, o log que realizei com o Zoek após seguir as sugestões:
Juliano Poletto- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 24/05/2014
Re: Kaspersky detecta baidu antivirus e não consigo removê-lo
por Power Max Sáb 24 maio 2014, 21:41
Desative temporariamente seu antivírus para evitar conflitos.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Dom 25 maio 2014, 10:14, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
log Zoek
por Juliano Poletto Sáb 24 maio 2014, 22:01
Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Gisele on 24/05/2014 at 21:43:26,22.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gisele\Downloads\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-24-210511.log 30162 bytes
C:\zoek-results2014-05-24-220017.log 82114 bytes
C:\zoek-results2014-05-24-221749.log 81314 bytes
C:\zoek-results2014-05-25-000935.log 81536 bytes
==== System Restore Info ======================
24/05/2014 21:44:14 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Folders Found ======================
2014-05-24 20:32:28 2014-05-24 20:32:28 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-02-09 10:15:34 2014-02-09 10:15:34 -------- d-----w- C:\Users\Gisele\AppData\Roaming\Baidu Security
2014-02-09 10:15:34 2014-02-09 10:15:34 -------- d-----w- C:\Users\Public\Documents\Baidu Security
==== Files Found ======================
--- C:\Users\Gisele\AppData\Roaming\Microsoft\Windows\Recent\http--[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 198
Created time: 2014-05-24 20:19:43
Modified time: 2014-05-24 20:19:43
MD5: 62C47853E22777402AF8887B616D431D
SHA1: 86F47EEA3FDABF621A14B16E29C65ED8A0D9D21E
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_USERS\.DEFAULT\Software\Baidu]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[HKEY_USERS\.DEFAULT\Software\Baidu Security]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\030514-26343-01.dmp]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\030714-32140-01.dmp]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\031014-29546-01.dmp]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130389740384933844.dmp]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu\Hao123-international]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu\Hao123-international\hao123desk]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-18\Software\Baidu]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[HKEY_USERS\S-1-5-18\Software\Baidu Security]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\030514-26343-01.dmp]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\030714-32140-01.dmp]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\031014-29546-01.dmp]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130389740384933844.dmp]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn" [24/05/2014 18:26]
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[08/05/2014 10:49]
Google Docs - Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Adobe Acrobat - Create PDF - Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj
Google Wallet - Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Adobe Acrobat - Create PDF - Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj
Google Wallet - Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
avast Online Security - Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - Juliano Poletto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Juliano Poletto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Juliano Poletto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Juliano Poletto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Chrome In-App Payments service - Juliano Poletto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Juliano Poletto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{297DEA04-89BE-498A-BEC3-1F83CB48C97F} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
C:\Users\Public\Desktop\Adobe Download Assistant.lnk - C:\Program Files (x86)\Adobe Download Assistant\Adobe Download Assistant.exe
C:\Users\Public\Desktop\Adobe FormsCentral.lnk - C:\Program Files (x86)\Adobe\Acrobat 11.0\FormsCentral\FormsCentralForAcrobat.exe
C:\Users\Public\Desktop\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\DAEMON Tools Pro.lnk - C:\Program Files (x86)\DAEMON Tools Pro\DTPro.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
C:\Users\Public\Desktop\Receitanet 1.04 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrodist.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-FFFF-7760-000000000006}\_SC_Acrobat.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk - C:\Program Files (x86)\Adobe Download Assistant\Adobe Download Assistant.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk - C:\Program Files (x86)\Adobe\Acrobat 11.0\FormsCentral\FormsCentralForAcrobat.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\DAEMON Tools Pro.lnk - C:\Program Files (x86)\DAEMON Tools Pro\DTPro.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\Image Editor.lnk - C:\Program Files (x86)\DAEMON Tools Pro\DTImgEditor.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\accicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Enviar para o OneNote 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe /design
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pubs.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Centro de Carregamento do Office 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\msouc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Database Compare 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Gerenciador de Gravação do Lync.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Log de Telemetria do Office 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmclienticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Painel de Telemetria do Office 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmadminicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Preferências de Idioma do Office 2013.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Spreadsheet Compare 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Desinstalar.lnk - C:\Program Files (x86)\Google\Picasa3\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Juliano Poletto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Juliano Poletto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Juliano Poletto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Juliano Poletto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Gisele\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Juliano Poletto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Juliano Poletto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gisele\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Gisele\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully
C:\Users\Juliano Poletto\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=81 folders=26 20703419 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gisele\AppData\Local\Temp will be emptied at reboot
C:\Users\Juliano Poletto\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Gisele\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 24/05/2014 at 21:55:32,50 ======================
Tool run by Gisele on 24/05/2014 at 21:43:26,22.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gisele\Downloads\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-24-210511.log 30162 bytes
C:\zoek-results2014-05-24-220017.log 82114 bytes
C:\zoek-results2014-05-24-221749.log 81314 bytes
C:\zoek-results2014-05-25-000935.log 81536 bytes
==== System Restore Info ======================
24/05/2014 21:44:14 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Folders Found ======================
2014-05-24 20:32:28 2014-05-24 20:32:28 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-02-09 10:15:34 2014-02-09 10:15:34 -------- d-----w- C:\Users\Gisele\AppData\Roaming\Baidu Security
2014-02-09 10:15:34 2014-02-09 10:15:34 -------- d-----w- C:\Users\Public\Documents\Baidu Security
==== Files Found ======================
--- C:\Users\Gisele\AppData\Roaming\Microsoft\Windows\Recent\http--[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 198
Created time: 2014-05-24 20:19:43
Modified time: 2014-05-24 20:19:43
MD5: 62C47853E22777402AF8887B616D431D
SHA1: 86F47EEA3FDABF621A14B16E29C65ED8A0D9D21E
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_USERS\.DEFAULT\Software\Baidu]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[HKEY_USERS\.DEFAULT\Software\Baidu Security]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\030514-26343-01.dmp]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\030714-32140-01.dmp]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\031014-29546-01.dmp]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130389740384933844.dmp]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu\Hao123-international]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu\Hao123-international\hao123desk]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-18\Software\Baidu]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[HKEY_USERS\S-1-5-18\Software\Baidu Security]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\030514-26343-01.dmp]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\030714-32140-01.dmp]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\031014-29546-01.dmp]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130389740384933844.dmp]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn" [24/05/2014 18:26]
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[08/05/2014 10:49]
Google Docs - Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Adobe Acrobat - Create PDF - Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj
Google Wallet - Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Adobe Acrobat - Create PDF - Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj
Google Wallet - Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
avast Online Security - Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - Juliano Poletto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Juliano Poletto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Juliano Poletto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Juliano Poletto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Chrome In-App Payments service - Juliano Poletto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Juliano Poletto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{297DEA04-89BE-498A-BEC3-1F83CB48C97F} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
C:\Users\Public\Desktop\Adobe Download Assistant.lnk - C:\Program Files (x86)\Adobe Download Assistant\Adobe Download Assistant.exe
C:\Users\Public\Desktop\Adobe FormsCentral.lnk - C:\Program Files (x86)\Adobe\Acrobat 11.0\FormsCentral\FormsCentralForAcrobat.exe
C:\Users\Public\Desktop\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\DAEMON Tools Pro.lnk - C:\Program Files (x86)\DAEMON Tools Pro\DTPro.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
C:\Users\Public\Desktop\Receitanet 1.04 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrodist.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-FFFF-7760-000000000006}\_SC_Acrobat.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk - C:\Program Files (x86)\Adobe Download Assistant\Adobe Download Assistant.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk - C:\Program Files (x86)\Adobe\Acrobat 11.0\FormsCentral\FormsCentralForAcrobat.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\DAEMON Tools Pro.lnk - C:\Program Files (x86)\DAEMON Tools Pro\DTPro.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\Image Editor.lnk - C:\Program Files (x86)\DAEMON Tools Pro\DTImgEditor.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\accicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Enviar para o OneNote 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe /design
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pubs.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Centro de Carregamento do Office 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\msouc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Database Compare 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Gerenciador de Gravação do Lync.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Log de Telemetria do Office 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmclienticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Painel de Telemetria do Office 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmadminicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Preferências de Idioma do Office 2013.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Spreadsheet Compare 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Desinstalar.lnk - C:\Program Files (x86)\Google\Picasa3\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\O que há de novo na última versão.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Juliano Poletto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Juliano Poletto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Juliano Poletto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Juliano Poletto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Gisele\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Juliano Poletto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Juliano Poletto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gisele\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Gisele\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully
C:\Users\Juliano Poletto\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=81 folders=26 20703419 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gisele\AppData\Local\Temp will be emptied at reboot
C:\Users\Juliano Poletto\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Gisele\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 24/05/2014 at 21:55:32,50 ======================
Juliano Poletto- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 24/05/2014
Re: Kaspersky detecta baidu antivirus e não consigo removê-lo
por Power Max Sáb 24 maio 2014, 22:30
Desative temporariamente seu antivírus para evitar conflitos.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Dom 25 maio 2014, 10:13, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Kaspersky detecta baidu antivirus e não consigo removê-lo
por Juliano Poletto Dom 25 maio 2014, 00:25
Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Gisele on 25/05/2014 at 0:19:20,23.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gisele\Downloads\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-24-210511.log 30162 bytes
C:\zoek-results2014-05-24-220017.log 82114 bytes
C:\zoek-results2014-05-24-221749.log 81314 bytes
C:\zoek-results2014-05-25-000935.log 81536 bytes
C:\zoek-results2014-05-25-005532.log 24103 bytes
==== System Restore Info ======================
25/05/2014 00:20:01 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\030514-26343-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\030714-32140-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\031014-29546-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130389740384933844.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu]
[-HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu\Hao123-international]
[-HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu\Hao123-international\hao123desk]
[-HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\030514-26343-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\030714-32140-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\031014-29546-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130389740384933844.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"=-
==== Deleting Files \ Folders ======================
C:\Users\Gisele\AppData\Roaming\Baidu Security deleted
C:\Users\Public\Documents\Baidu Security deleted
"C:\Users\Gisele\AppData\Roaming\Microsoft\Windows\Recent\http--[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] deleted
==== Folders Found ======================
2014-05-24 20:32:28 2014-05-24 20:32:28 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-25 03:20:31 2014-05-25 03:20:31 -------- d---a-w- C:\zoek_backup\C_Users_Gisele_AppData_Roaming_Baidu Security
2014-05-25 03:20:32 2014-05-25 03:20:32 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
==== Files Found ======================
--- C:\zoek_backup\C_Users_Gisele_AppData_Roaming_Microsoft_Windows_Recent_http--[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 198
Created time: 2014-05-25 03:20:32
Modified time: 2014-05-24 20:19:43
MD5: 62C47853E22777402AF8887B616D431D
SHA1: 86F47EEA3FDABF621A14B16E29C65ED8A0D9D21E
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_USERS\.DEFAULT\Software\Baidu Security]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-18\Software\Baidu Security]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
==== C:\zoek_backup content ======================
C:\zoek_backup (files=83 folders=33 20711994 bytes)
==== EOF on 25/05/2014 at 0:22:28,05 ======================
Juliano Poletto- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 24/05/2014
Re: Kaspersky detecta baidu antivirus e não consigo removê-lo
por Power Max Dom 25 maio 2014, 00:50
Desative temporariamente seu antivírus para evitar conflitos.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Dom 25 maio 2014, 10:13, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Kaspersky detecta baidu antivirus e não consigo removê-lo
por Juliano Poletto Dom 25 maio 2014, 09:03
Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Gisele on 25/05/2014 at 8:59:01,36.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gisele\Downloads\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-05-24-210511.log 30162 bytes
C:\zoek-results2014-05-24-220017.log 82114 bytes
C:\zoek-results2014-05-24-221749.log 81314 bytes
C:\zoek-results2014-05-25-000935.log 81536 bytes
C:\zoek-results2014-05-25-005532.log 24103 bytes
C:\zoek-results2014-05-25-032228.log 7385 bytes
==== System Restore Info ======================
25/05/2014 08:59:53 Zoek.exe System Restore Point Created Succesfully.
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-2707155947-106494757-454068648-1001\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
==== Registry Search Results for "Baidu" ======================
No instances of string "Baidu" found.
==== C:\zoek_backup content ======================
C:\zoek_backup (files=83 folders=33 20711994 bytes)
==== EOF on 25/05/2014 at 9:00:20,35 ======================
Juliano Poletto- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 24/05/2014
Re: Kaspersky detecta baidu antivirus e não consigo removê-lo
por Power Max Dom 25 maio 2014, 10:12
O Baidu não está mais constando no seu relatório. Como está o PC?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Kaspersky detecta baidu antivirus e não consigo removê-lo
por Juliano Poletto Dom 25 maio 2014, 13:36
:rindo_atoa: Grande Power Max, muitíssimo obrigado!!! Tudo certo, o Baidu antivírus desapareceu e consegui instalar o Kaspersky.
Valeu mesmo, estou sem palavras por tudo... pela atenção, pela rapidez e pela eficiência.
Valeu mesmo, estou sem palavras por tudo... pela atenção, pela rapidez e pela eficiência.
Juliano Poletto- Iniciante
- Mensagens : 31
Reputação : 0
Data de inscrição : 24/05/2014
Re: Kaspersky detecta baidu antivirus e não consigo removê-lo
por Power Max Dom 25 maio 2014, 13:53
Fico feliz que o problema tenha sido resolvido.
Só para finalizar siga estes tutoriais abaixo, por gentileza:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________
Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]._______________________________________________________________________________________________________________________
Foi um prazer ajudar. Conte sempre conosco!
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Kaspersky detecta baidu antivirus e não consigo removê-lo
por Danii Dom 25 maio 2014, 14:54
CASO RESOLVIDO
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Danii- Membro Pleno
- Mensagens : 571
Reputação : 80
Data de inscrição : 04/04/2014
Localização : Brasil
Conteúdo patrocinado
Tópicos semelhantes» Kaspersky detecta baidu antivirus e não consigo removê-lo
» Kaspersky detecta baidu antivirus e não consigo removê-lo
» Kaspersky detecta baidu antivirus e não consigo removê-lo
» Não consigo instalar Kaspersky porque o Baidu antivirus é incompatível
» Baidu antivirus incompatível, não consigo instalar Kaspersky
» Kaspersky detecta baidu antivirus e não consigo removê-lo
» Kaspersky detecta baidu antivirus e não consigo removê-lo
» Não consigo instalar Kaspersky porque o Baidu antivirus é incompatível
» Baidu antivirus incompatível, não consigo instalar Kaspersky
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos|
|
|