Fórum PC Brasil
Gostaria de reagir a esta mensagem? Crie uma conta em poucos cliques ou inicie sessão para continuar.

Implementa recursos de segurança e limpeza ao computador!

Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking reddit      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14810 usuários registrados
O último membro registrado é Josevinil

Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Últimos assuntos
» Problema no disco rígido do Windows 11
por joram Seg 01 Abr 2024, 06:35

Quem está conectado?
18 usuários online :: 0 registrados, 0 invisíveis e 18 visitantes

Nenhum

O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
 
 

Resultados por:
 

Rechercher Pesquisa avançada

Top dos mais postadores
Power Max
ANTIVIRUS - ce_umbrellacert Vote_lcapANTIVIRUS - ce_umbrellacert Voting_barANTIVIRUS - ce_umbrellacert Vote_rcap 
joram
ANTIVIRUS - ce_umbrellacert Vote_lcapANTIVIRUS - ce_umbrellacert Voting_barANTIVIRUS - ce_umbrellacert Vote_rcap 
Wings [In Memoriam]
ANTIVIRUS - ce_umbrellacert Vote_lcapANTIVIRUS - ce_umbrellacert Voting_barANTIVIRUS - ce_umbrellacert Vote_rcap 
caedurodrigues
ANTIVIRUS - ce_umbrellacert Vote_lcapANTIVIRUS - ce_umbrellacert Voting_barANTIVIRUS - ce_umbrellacert Vote_rcap 
Amigo Brasileiro
ANTIVIRUS - ce_umbrellacert Vote_lcapANTIVIRUS - ce_umbrellacert Voting_barANTIVIRUS - ce_umbrellacert Vote_rcap 
luizvilarinho
ANTIVIRUS - ce_umbrellacert Vote_lcapANTIVIRUS - ce_umbrellacert Voting_barANTIVIRUS - ce_umbrellacert Vote_rcap 
Danii
ANTIVIRUS - ce_umbrellacert Vote_lcapANTIVIRUS - ce_umbrellacert Voting_barANTIVIRUS - ce_umbrellacert Vote_rcap 
Admin
ANTIVIRUS - ce_umbrellacert Vote_lcapANTIVIRUS - ce_umbrellacert Voting_barANTIVIRUS - ce_umbrellacert Vote_rcap 
Danilo Marsaro
ANTIVIRUS - ce_umbrellacert Vote_lcapANTIVIRUS - ce_umbrellacert Voting_barANTIVIRUS - ce_umbrellacert Vote_rcap 
Andreata
ANTIVIRUS - ce_umbrellacert Vote_lcapANTIVIRUS - ce_umbrellacert Voting_barANTIVIRUS - ce_umbrellacert Vote_rcap 

abril 2024
SegTerQuaQuiSexSábDom
1234567
891011121314
15161718192021
22232425262728
2930     

Calendário Calendário

Palavras-chaves

áudio  flash  desinstalar  PARA  vídeos  instalação  video  2015  excluir  2025  pessoas  player  impressora  game  SOFTWARE  placa  2013  SISPNCD  windows  deletar  mcafee  adobe  popup  teclado  virus  notebook  


ce_umbrellacert

3 participantes

Fórum PC Brasil :: Segurança da Informação :: Tópicos Arquivados

Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty ce_umbrellacert

Mensagem por ricardo yukio matsumoto Ter 27 maio 2014, 15:03

boa tarde gostaria de uma ajuda, para que não abra mais essas caixas de mensagens no meu computador
ricardo yukio matsumoto
ricardo yukio matsumoto
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 27/05/2014

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty Re: ce_umbrellacert

Mensagem por Power Max Ter 27 maio 2014, 15:04

ANTIVIRUS - ce_umbrellacert 648673379  Olá Ricardo. Seja bem vindo ao Fórum PC Brasil.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty relatorio adwcleaner

Mensagem por ricardo yukio matsumoto Ter 27 maio 2014, 15:40

# AdwCleaner v3.211 - Relatório criado 27/05/2014 às 15:37:52
# Atualizado 26/05/2014 por Xplode
# Sistema Operacional : Windows 8.1 Single Language (64 bits)
# Usuário : rym - RICARDO
# Executando de : C:\Users\rym\Downloads\adwcleaner_3.211.exe
# Opção : Examinar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Arquivo Encontrado : C:\Windows\System32\Tasks\Browser Updater
Arquivo Encontrado : C:\Windows\System32\Tasks\ProtectedSearch
Pasta Encontrado : C:\Users\Public\Documents\baidu

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Encontrada : HKCU\Software\AppDataLow\Software

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17037


-\\ Google Chrome v35.0.1916.114

[ Arquivo : C:\Users\rym\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [867 octets] - [27/05/2014 15:37:52]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [926 octets] ##########
ricardo yukio matsumoto
ricardo yukio matsumoto
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 27/05/2014

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty Re: ce_umbrellacert

Mensagem por Power Max Ter 27 maio 2014, 15:49

# Opção : Examinar
Você usou só a função de examinar. Clique no botão Limpar para que o Adwcleaner remova os problemas. Depois disto poste o novo relatório que ele irá criar.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty relatorio adwcleaner

Mensagem por ricardo yukio matsumoto Ter 27 maio 2014, 16:09

desculpe por ter enviado o relatorio errado, segue o certo


# AdwCleaner v3.211 - Relatório criado 27/05/2014 às 16:05:10
# Atualizado 26/05/2014 por Xplode
# Sistema Operacional : Windows 8.1 Single Language (64 bits)
# Usuário : rym - RICARDO
# Executando de : C:\Users\rym\Downloads\adwcleaner_3.211.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Users\Public\Documents\baidu
Arquivo Deletada : C:\Windows\System32\Tasks\Browser Updater
Arquivo Deletada : C:\Windows\System32\Tasks\ProtectedSearch

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKCU\Software\AppDataLow\Software

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17037


-\\ Google Chrome v35.0.1916.114

[ Arquivo : C:\Users\rym\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1005 octets] - [27/05/2014 15:37:52]
AdwCleaner[S0].txt - [917 octets] - [27/05/2014 16:05:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [976 octets] ##########
ricardo yukio matsumoto
ricardo yukio matsumoto
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 27/05/2014

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty Re: ce_umbrellacert

Mensagem por Power Max Ter 27 maio 2014, 16:15

Qual antivirus você usa?
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty antivirus

Mensagem por ricardo yukio matsumoto Ter 27 maio 2014, 16:23

avast
ricardo yukio matsumoto
ricardo yukio matsumoto
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 27/05/2014

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty Re: ce_umbrellacert

Mensagem por Power Max Ter 27 maio 2014, 16:27

Desative temporariamente seu antivírus para evitar conflitos.

 Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no Zoek.exe e selecione a opção Executar como administrador.

* Selecione e copie todo este texto destacado em vermelho que te passei.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty mensagem

Mensagem por ricardo yukio matsumoto Ter 27 maio 2014, 16:36

apareceu uma msg

windows smartscreen protegeu seu computador
e não deixou abrir o programa
ricardo yukio matsumoto
ricardo yukio matsumoto
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 27/05/2014

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty Re: ce_umbrellacert

Mensagem por Power Max Ter 27 maio 2014, 16:44

Você está baixando ele pelo Internet Explorer. Baixe ele pelo Google Chrome e veja se dá certo.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty estava fazendo pelo chrome

Mensagem por ricardo yukio matsumoto Ter 27 maio 2014, 19:56


Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by rym on 27/05/2014 at 16:41:41,78.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\rym\Downloads\zoek (2).exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27/05/2014 16:42:52 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
ricardo yukio matsumoto
ricardo yukio matsumoto
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 27/05/2014

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty Re: ce_umbrellacert

Mensagem por Power Max Ter 27 maio 2014, 20:40

O Zoek ainda está fazendo a limpeza dos problemas. Espere até que ele termine e depois poste o relatório completo dele, por gentileza.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty relatorio

Mensagem por ricardo yukio matsumoto Ter 27 maio 2014, 21:35


Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by rym on 27/05/2014 at 20:48:35,98.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\rym\Downloads\zoek (4).exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-27-215410.log 70319 bytes

==== System Restore Info ======================

27/05/2014 20:49:18 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Folders Found ======================

2014-05-27 19:05:11 2014-05-27 19:05:11 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-04-08 19:41:18 2014-04-24 17:29:20 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-04-08 19:42:04 2014-04-28 13:06:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\BaiduSafe
2014-04-16 21:09:27 2014-04-28 13:06:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduDefrag
2014-04-16 17:00:18 2014-04-16 17:00:21 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduExtMgr
2014-04-08 19:42:05 2014-04-28 13:06:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\BaiduSafe
2014-04-16 21:09:27 2014-04-28 13:06:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduDefrag
2014-04-16 17:00:18 2014-04-24 17:26:59 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduExtMgr
2014-04-08 19:42:05 2014-04-28 13:06:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\BaiduSafe
2014-04-16 21:09:27 2014-04-28 13:06:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduDefrag
2014-04-16 17:00:18 2014-04-24 17:27:00 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduExtMgr
2014-04-08 19:42:06 2014-04-28 13:06:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\BaiduSafe
2014-04-16 21:09:27 2014-04-28 13:06:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduDefrag
2014-04-16 17:00:18 2014-04-16 17:00:22 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduExtMgr
2014-04-16 21:09:27 2014-04-28 13:06:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduBatteryDoctor
2014-04-16 21:09:27 2014-04-28 13:06:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduDefrag
2014-04-16 17:00:18 2014-04-24 17:27:00 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduExtMgr
2014-04-16 21:09:27 2014-04-28 13:06:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduWifiSharing
2014-04-13 01:17:54 2014-04-28 13:06:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\BaiduSafe
2014-04-13 01:17:54 2014-04-28 13:06:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\tools\BaiduDefrag
2014-04-08 19:42:24 2014-04-16 17:00:21 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\tools\BaiduExtMgr
2014-04-13 01:17:54 2014-04-28 13:06:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1046\BaiduSafe
2014-04-13 01:17:54 2014-04-28 13:06:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1046\tools\BaiduDefrag
2014-04-08 19:42:24 2014-04-24 17:26:59 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1046\tools\BaiduExtMgr
2014-04-13 01:17:54 2014-04-28 13:06:38 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1054\BaiduSafe
2014-04-13 01:17:54 2014-04-28 13:06:38 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1054\tools\BaiduDefrag
2014-04-08 19:42:24 2014-04-24 17:27:00 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1054\tools\BaiduExtMgr
2014-04-13 01:17:54 2014-04-28 13:06:38 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\BaiduSafe
2014-04-13 01:17:54 2014-04-28 13:06:38 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\tools\BaiduDefrag
2014-04-08 19:42:24 2014-04-16 17:00:22 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\tools\BaiduExtMgr
2014-04-13 01:17:54 2014-04-28 13:06:38 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduBatteryDoctor
2014-04-13 01:17:54 2014-04-28 13:06:38 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduDefrag
2014-04-08 19:42:24 2014-04-24 17:27:00 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduExtMgr
2014-04-13 01:17:54 2014-04-28 13:06:38 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduWifiSharing
2014-04-08 19:41:18 2014-04-08 19:42:25 -------- d-----w- C:\ProgramData\Baidu Security
2014-04-08 19:42:20 2014-05-12 18:26:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2014-04-08 19:41:18 2014-04-08 19:42:25 -------- d-----w- C:\Users\All Users\Baidu Security
2014-04-08 19:42:20 2014-05-12 18:26:19 -------- d-----w- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2014-05-27 19:06:29 2014-05-27 19:06:29 -------- d-----w- C:\Users\Public\Documents\Baidu
2014-04-08 19:41:56 2014-04-24 17:29:21 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2014-04-08 19:42:42 2014-04-24 17:29:14 -------- d-----w- C:\Users\rym\AppData\Roaming\Baidu Security
2014-05-12 18:25:59 2014-05-12 18:26:02 -------- d-----w- C:\Users\rym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC App Store
2014-04-08 19:42:19 2014-05-12 18:26:19 -------- d-----w- C:\Users\rym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2014-04-24 17:29:22 2014-04-24 17:29:22 -------- d-----w- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Baidu Security

==== Files Found ======================


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\BaiduStore.dll ---
Company: Baidu Inc.
File Description: PC Faster Interface Plugin Manager
File Version: 4,0,3,67165
Product Name: Baidu PC Faster
Copyright: Copyright (C) 2012 Baidu, Inc. All rights reserved.
Original Filename:
File type: ----a-w-
File size: 1268416
Created time: 2014-04-13 01:17:58
Modified time: 2014-04-28 12:55:52
MD5: C7E947550A3125661D198295206F7133
SHA1: 29EF863BC5C8066A9154B8E392C1F0F8FB94386D


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 135615
Created time: 2014-04-13 01:19:04
Modified time: 2014-04-28 12:56:45
MD5: 9FEE9C33084ACF83106AAB9BF73D6D35
SHA1: BD971D9A7804978BF19B5AD194B566F22D22ADD3


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 17718
Created time: 2014-04-13 01:19:07
Modified time: 2014-04-28 12:56:49
MD5: 281AF40C5241BE6FD2A489872D54F3E1
SHA1: 6C28D7D950634712D18BF097A516B21E3DB541F8


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36814
Created time: 2014-04-08 19:46:15
Modified time: 2014-04-13 22:21:35
MD5: 51002A20C9651142B49E83A58442E1F6
SHA1: B00474C7E8DD528A020DBD6D2459083C1F4DB588


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 135495
Created time: 2014-04-13 01:19:11
Modified time: 2014-04-28 12:56:53
MD5: B8EB7B13DDADCB34384BB1C3B111507B
SHA1: B3E09B9BF0A47E57D1CCB6E223E82CDD86D1822F


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 18424
Created time: 2014-04-13 01:19:14
Modified time: 2014-04-28 12:56:55
MD5: 1100F09C60EAC3ECB030489F187FD25D
SHA1: 9A25E2B176919337147A2D7767ADD2337218340D


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 88133
Created time: 2014-04-16 21:02:56
Modified time: 2014-04-16 21:02:56
MD5: E8CE61D8300F7C7D816006D481C14F75
SHA1: B01121641E8239612CD518707D801FDD870AC481


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 220986
Created time: 2014-04-13 01:19:23
Modified time: 2014-04-28 12:57:00
MD5: B4C910F5B1F780BA4B0CF9BC1D9DEE9B
SHA1: 89874D6B99FCB78E8B7558030B849153E85723A4


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 20232
Created time: 2014-04-13 01:19:26
Modified time: 2014-04-28 12:57:02
MD5: 54CF958C2214888392AFDED4AC86D39C
SHA1: 071CE8E84FBC52AF95E30B3423F98F17A267B0EF


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36325
Created time: 2014-04-16 21:03:02
Modified time: 2014-04-16 21:03:02
MD5: 1F2287DCCFA2B0D461F92217C9165C85
SHA1: 880DD1B39723E5F93C267067DC3818C43974E268


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 244846
Created time: 2014-04-13 01:19:32
Modified time: 2014-04-28 12:57:07
MD5: CDEF31A4402F0EFF715394A5961CDE6B
SHA1: 20B1761B9B69E77CC7E08EAD1EA25437186215CE


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 18332
Created time: 2014-04-13 01:19:35
Modified time: 2014-04-28 12:57:11
MD5: 484ABABF535F91607C4B1C88827BF4C6
SHA1: D96A0769491524B7E7FD1F882CA94184241CDC01


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36511
Created time: 2014-04-08 19:47:01
Modified time: 2014-04-13 22:22:01
MD5: D19D16CFA1ACBF369052D10388EFDBD5
SHA1: 489AF1A698E43A2B39B190435EEF7C65070C1F67


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduBatteryDoctor\BaiduBatteryDoctor.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 33159
Created time: 2014-04-16 21:08:00
Modified time: 2014-04-28 13:05:34
MD5: 84E058B59213580D07680DDE16C6FC9C
SHA1: 0F897A782D14004BECEAF335604049D267DD3EAB


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 26939
Created time: 2014-04-16 21:08:02
Modified time: 2014-04-28 13:05:36
MD5: 9811001F9BC814B7C6D001097AD49BFB
SHA1: D0F466944C5CF67487569DAC48E7B9199C037475


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5523
Created time: 2014-04-16 21:08:03
Modified time: 2014-04-16 21:08:03
MD5: D4D0F6E1CDC17997A40E164F2109CB6B
SHA1: B3C9E383D2875CCE81BB98997392B2B693E21A39


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduWifiSharing\BaiduWifiSharing.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 221044
Created time: 2014-04-16 21:08:12
Modified time: 2014-04-28 13:05:44
MD5: 8ECB8AF45E0552D80209EC305C54A89A
SHA1: BC61BFBF32B2065A2FCDC65A6C05859194CD5D80


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\tools\BaiduExtMgr\BaiduExtMgr.bskin.7z ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 37461
Created time: 2014-04-08 19:46:13
Modified time: 2014-04-08 19:46:15
MD5: BBCF3790DC2F188C76F9CD9BA7EA4D7C
SHA1: 3AB640778187B784BD3512B621905BCC7F567201


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\tools\BaiduExtMgr\BaiduExtMgr.bskin.7z ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 37134
Created time: 2014-04-08 19:47:01
Modified time: 2014-04-08 19:47:01
MD5: CCB9F0414530AF17A3D8E108FAA1E3B2
SHA1: E2F977EBF904F4EEE2ADF4A5E5A1AB9B0E9817FD


--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Baidu PC Faster.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1371
Created time: 2014-04-08 19:42:20
Modified time: 2014-04-08 19:42:20
MD5: 64F6C433F884D43B055DE28A8C4D5878
SHA1: 6C58A3ECCC268D702DB6AB32449EDDB69FEC415A


--- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Baidu PC Faster.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1371
Created time: 2014-04-08 19:42:20
Modified time: 2014-04-08 19:42:20
MD5: 64F6C433F884D43B055DE28A8C4D5878
SHA1: 6C58A3ECCC268D702DB6AB32449EDDB69FEC415A


--- C:\Users\rym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Baidu PC Faster.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1389
Created time: 2014-04-08 19:42:19
Modified time: 2014-04-08 19:42:19
MD5: 0CF397EB03840FCEE9EFF2B4B056B2F7
SHA1: 1C3A737C2E79439B7817BB0F72041EC4BC700E6F


--- C:\Users\rym\Desktop\Baidu PC Faster.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1351
Created time: 2014-04-08 19:42:20
Modified time: 2014-04-08 19:42:20
MD5: A8739A59AF7BCEB1BE773997C9ADBCB7
SHA1: 00CE06BCBA7C96C805F740E3D51D47D80BF8E705


--- C:\Windows\Prefetch\BAIDU_SECURE_SYSTEMUP_4.0.1.5-9DB77602.pf ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 81386
Created time: 2014-04-08 19:42:04
Modified time: 2014-04-08 19:42:04
MD5: 9F045822FC69942CFFBC38C87D50F4E5
SHA1: 90227B083D8332DC4D4B3B2CF95B902E20130258


--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu PC Faster Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3436
Created time: 2014-05-27 19:55:25
Modified time: 2014-04-08 19:42:19
MD5: 0D6FAF9B82DA1163173FD1DE42D23C71
SHA1: B7B735B761E36A6489AEB4304E7E61AAAAA35BBD


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-08 04-43-19-0564-[8185].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-08 04-58-18-0791-[11121].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-08 04-59-03-0318-[25524].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-11 04-08-18-0213-[5050].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-12 04-43-56-0202-[6022].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-12 04-43-57-0989-[20281].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-12 04-18-47-0467-[8595].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-12 04-18-49-0646-[22858].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-13 04-47-10-0134-[19902].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-13 04-20-23-0505-[7898].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-13 04-20-25-0511-[22161].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-04-14 04-33-07-0918-[20394].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-14 04-33-07-0918-[20394].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-14 04-34-23-0940-[25643].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-14 04-57-04-0999-[23332].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-16 04-57-33-0671-[4650].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-04-16 04-01-23-0008-[5401].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-16 04-02-43-0792-[19919].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-04-24 04-28-50-0524-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFPopups-2014-04-24 04-31-05-0394-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFPopups-2014-04-26 04-28-33-0506-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFPopups-2014-04-28 04-04-49-0408-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-04-28 04-55-33-0450-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-28 04-56-41-0233-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-04-28 04-07-39-0013-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFPopups-2014-04-29 04-45-00-0472-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFPopups-2014-04-29 04-44-37-0248-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFaster-2014-04-29 04-56-30-0014-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFaster-2014-05-01 05-22-39-0590-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-05-02 05-23-00-0424-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFPopups-2014-05-02 05-45-38-0093-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFPopups-2014-05-05 05-08-10-0076-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-05-06 05-13-51-0769-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFaster-2014-05-06 05-17-56-0403-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFPopups-2014-05-06 05-17-31-0908-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-05-18 05-20-11-0726-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-05-25 05-26-12-0437-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-pcftray-2014-05-25 05-26-14-0934-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFaster-2014-05-25 05-38-27-0104-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFPopups-2014-05-25 05-36-51-0366-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-05-27 05-32-29-0372-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFPopups-2014-05-27 05-18-06-0741-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFPopups-2014-05-27 05-55-50-0839-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-05-27 05-54-50-0715-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFTray-2014-05-27 05-56-00-0223-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu PC Faster 4.0.0.0"="\"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe\" -auto -start"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"DisplayName"="Baidu PC Faster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"DisplayIcon"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"UninstallString"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\UninstCaller.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"Publisher"="Baidu, Inc."

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"InstallDir"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.4.0.5812]
"DisplayIcon"="C:\\Program Files (x86)\\Baidu Security\\PC App Store\\4.4.0.5812\\PCAppStore.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.4.0.5812]
"UninstallString"="C:\\Program Files (x86)\\Baidu Security\\PC App Store\\4.4.0.5812\\Uninstall.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.4.0.5812]
"Publisher"="Baidu, Inc."

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.4.0.5812]
"InstallDir"="C:\\Program Files (x86)\\Baidu Security\\PC App Store\\4.4.0.5812"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\BaiduShellEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\BaiduShellEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\BaiduShellEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{59E402E6-61EE-4BB4-9E5D-ECEB10FA9E59}\1.0\0\win64]
@="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFShellEx64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{59E402E6-61EE-4BB4-9E5D-ECEB10FA9E59}\1.0\HELPDIR]
@="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{59E402E6-61EE-4BB4-9E5D-ECEB10FA9E59}\1.0\0\win64]
@="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFShellEx64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{59E402E6-61EE-4BB4-9E5D-ECEB10FA9E59}\1.0\HELPDIR]
@="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCAppStoreSvc_{PCAppStore_4.4.0.5812}]
"DisplayName"="Baidu PC App Store Service 4.4.0.5812"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCAppStoreSvc_{PCAppStore_4.4.0.5812}]
"Description"="Baidu PC App Store Service 4.4.0.5812"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCAppStoreSvc_{PCAppStore_4.4.0.5812}]
"DisplayName"="Baidu PC App Store Service 4.4.0.5812"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCAppStoreSvc_{PCAppStore_4.4.0.5812}]
"Description"="Baidu PC App Store Service 4.4.0.5812"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"="Baidu PC Faster Service 4.0.0.0"

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.4.0.5812]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.4.0.5812\LastReportTime]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu\Hao123-br]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu\Hao123-br\hao123desk]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC App Store]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC App Store\4.4.0.5812]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC App Store\4.4.0.5812\Install]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC App Store\4.4.0.5812\LastReportTime]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC App Store\DataReport]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC App Store\Setup]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\CleanRecord]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Exam]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\InstalledPatchesRecord]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"TkBellExe_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]
"QuickSet_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\SystemCleanerTab]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\TrayIcon]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\Setup]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\\Program Files (x86)\\Baidu Security\\PC App Store\\4.0.6.5038\\AppStoreUpdater.exe"=hex:53,\

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe"=hex:53,\

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\\Program Files (x86)\\Baidu Security\\PC App Store\\4.3.1.5579\\AppStoreUpdater.exe"=hex:53,\

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\\Program Files (x86)\\Baidu Security\\PC App Store\\4.4.0.5812\\AppStoreUpdater.exe"=hex:53,\

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\\Users\\rym\\AppData\\Roaming\\baidu\\hao123-br\\hao123.1.0.0.1106.exe"=hex:53,\

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.4.0.5812]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.4.0.5812\LastReportTime]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [08/04/2014 16:43]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[26/05/2014 21:41]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 15:24]

Google Docs - rym\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - rym\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - rym\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - rym\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
RealDownloader - rym\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Google Wallet - rym\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - rym\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{31090377-0740-419E-BEFC-A56E50500D5B} Speedial Url="http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_22_ch&cd=2XzuyEtN2Y1L1Qzuzy0C0DtBtC0E0E0ByC0DyB0C0BtD0DyDtN0D0Tzu0SzzyBzztN1L2XzutBtFtBtDtFtBtDtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDzztA0EzztAtBtBtGyE0B0D0CtGtA0E0DyCtGzzyD0CyEtGyE0EtA0B0CyE0CtDtD0DyE0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0FyByD0B0F0FtDtGzy0F0AtCtG0CzyzytCtG0CyB0EtDtGyB0FyE0DzztD0EyCyC0CyC0D2Q&cr=2028608299&ir="
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\rym\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\rym\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\rym\Desktop\Baidu PC Faster.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe -shortcut
C:\Users\rym\Desktop\VDMax 3.00 Smart (SanMobili).lnk - C:\VDMax300-SanMobili\VDMax.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\RealPlayer.lnk - C:\Program Files (x86)\Real\RealPlayer\realplay.exe /launch:desktop

==== shortcuts in Users Start Menu ======================

C:\Users\rym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast antivirus.lnk -
C:\Users\rym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\rym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC App Store\PC App Store.lnk - C:\Program Files (x86)\Baidu Security\PC App Store\4.4.0.5812\PCAppStore.exe /openfrom=startmenu
C:\Users\rym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC App Store\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC App Store\4.4.0.5812\Uninstall.exe /openfrom=startmenu
C:\Users\rym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Baidu PC Faster.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe -startmenu
C:\Users\rym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Feedback.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterFeedback.exe
C:\Users\rym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\UninstCaller.exe
C:\Users\rym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMetér\Uninstall Price Metér.lnk -
C:\Users\rym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Promob plus 2012\Promob plus 2012.lnk - C:\Program Files (x86)\Promob plus 2012\Promob Plus\Program\bin\Promob.exe
C:\Users\rym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Promob plus 2012\Uninstall Promob plus 2012.lnk - C:\Program Files (x86)\Promob plus 2012\Uninstal.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectVobSub\Configuration.lnk - C:\Windows\System32\rundll32.exe VSFilter.dll,DirectVobSub
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectVobSub\Uninstall.lnk - C:\Program Files (x86)\DirectVobSub\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter\GDSMux.lnk - C:\Program Files (x86)\Haali\MatroskaSplitter\gdsmux.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter\Media Splitter Settings.lnk - C:\Windows\System32\rundll32.exe splitter.ax,Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter\Uninstall.lnk - C:\Program Files (x86)\Haali\MatroskaSplitter\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee LiveSafe – Internet Security.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pubs.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Database Compare 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Gerenciador de Gravação do Lync.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Spreadsheet Compare 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiFi Protector\WiFi Protector.lnk - C:\Program Files (x86)\WiFi Protector\wifiProtLauncher.exe --launchGUI
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Check for Updates.lnk - C:\Program Files (x86)\Xvid\autoupdate-windows.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Configure Decoder.lnk - C:\Windows\System32\rundll32.exe xvid.ax,Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Configure Encoder.lnk - C:\Windows\System32\rundll32.exe xvidvfw.dll,Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Release Notes.lnk - C:\Program Files (x86)\Xvid\releasenotes.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Uninstall Xvid Video Codec.lnk - C:\Program Files (x86)\Xvid\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Xvid MiniConvert.lnk - C:\Program Files (x86)\Xvid\MiniConvert.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\Nic's FourCC Changer.lnk - C:\Program Files (x86)\Xvid\AviC.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\Nic's MiniCalc.lnk - C:\Program Files (x86)\Xvid\MiniCalc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\Some Quantization Matrices.lnk - C:\Program Files (x86)\Xvid\Xvid_Quant_Matrices.zip
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\StatsReader 2.1.lnk - C:\Program Files (x86)\Xvid\StatsReader.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\StatsReader Notes.lnk - C:\Program Files (x86)\Xvid\statsreader.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\xvid_encraw.lnk - C:\Windows\system32\cmd.exe /k ""C:\Program Files (x86)/Xvid\xvid_encraw.exe"" -h

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\rym\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\rym\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\rym\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\rym\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\rym\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\rym\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\rym\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\rym\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Promob plus 2012.lnk - C:\Program Files (x86)\Promob plus 2012\Promob Plus\Program\bin\Promob.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:50058;https=127.0.0.1:50058"
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000001

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\rym\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\rym\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\rym\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=594 folders=112 14111942 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\rym\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\rym\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 27/05/2014 at 21:09:03,91 ======================
ricardo yukio matsumoto
ricardo yukio matsumoto
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 27/05/2014

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty Re: ce_umbrellacert

Mensagem por Power Max Qua 28 maio 2014, 10:42

Porque você repetiu o mesmo relatório duas vezes?
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty desculpa

Mensagem por ricardo yukio matsumoto Qua 28 maio 2014, 13:44

me desculpe, achei que nao havia mandado o relatório da primeira vez.
ricardo yukio matsumoto
ricardo yukio matsumoto
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 27/05/2014

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty Re: ce_umbrellacert

Mensagem por Power Max Qua 28 maio 2014, 14:00

ricardo yukio matsumoto escreveu:me desculpe, achei que nao havia mandado o relatório da primeira vez.
Você enviou certo da primeira vez. A questão é que é demorado para analisar e tem várias pessoas com outros relatórios também para serem analisados, por isto é que lento este processo.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty Re: ce_umbrellacert

Mensagem por Power Max Qua 28 maio 2014, 20:14

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione a opção Executar como administrador.

* Selecione e copie todo este texto destacado em vermelho que te passei.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty relatorio

Mensagem por ricardo yukio matsumoto Qua 28 maio 2014, 22:35


Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by rym on 28/05/2014 at 22:09:31,54.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\rym\Downloads\zoek (1).exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-27-215410.log 70319 bytes
C:\zoek-results2014-05-28-000903.log 50838 bytes

==== System Restore Info ======================

28/05/2014 22:11:20 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCAppStoreSvc_{PCAppStore_4.4.0.5812} deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0} deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu PC Faster 4.0.0.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"DisplayIcon"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"UninstallString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"InstallDir"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.4.0.5812]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.4.0.5812]
"DisplayIcon"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.4.0.5812]
"UninstallString"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.4.0.5812]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.4.0.5812]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.4.0.5812]
"InstallDir"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\BaiduShellEx]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\BaiduShellEx]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\BaiduShellEx]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{59E402E6-61EE-4BB4-9E5D-ECEB10FA9E59}\1.0\0\win64]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{59E402E6-61EE-4BB4-9E5D-ECEB10FA9E59}\1.0\HELPDIR]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{59E402E6-61EE-4BB4-9E5D-ECEB10FA9E59}\1.0\0\win64]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{59E402E6-61EE-4BB4-9E5D-ECEB10FA9E59}\1.0\HELPDIR]
@=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCAppStoreSvc_{PCAppStore_4.4.0.5812}]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCAppStoreSvc_{PCAppStore_4.4.0.5812}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCAppStoreSvc_{PCAppStore_4.4.0.5812}]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFasterSvc_{PCFaster_4.0.0.0}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCAppStoreSvc_{PCAppStore_4.4.0.5812}]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCAppStoreSvc_{PCAppStore_4.4.0.5812}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCAppStoreSvc_{PCAppStore_4.4.0.5812}]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.4.0.5812]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.4.0.5812\LastReportTime]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu\Hao123-br]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu\Hao123-br\hao123desk]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC App Store]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC App Store\4.4.0.5812]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC App Store\4.4.0.5812\Install]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC App Store\4.4.0.5812\LastReportTime]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC App Store\DataReport]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC App Store\Setup]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\CleanRecord]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Exam]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\InstalledPatchesRecord]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"TkBellExe_BaiDuSafe_RegType"=-
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]
[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]
"QuickSet_BaiDuSafe_RegType"=-
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\SystemCleanerTab]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\TrayIcon]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\Setup]
[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\\Program Files (x86)\\Baidu Security\\PC App Store\\4.0.6.5038\\AppStoreUpdater.exe"=-
[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe"=-
[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\\Program Files (x86)\\Baidu Security\\PC App Store\\4.3.1.5579\\AppStoreUpdater.exe"=-
[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\\Program Files (x86)\\Baidu Security\\PC App Store\\4.4.0.5812\\AppStoreUpdater.exe"=-
[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\\Users\\rym\\AppData\\Roaming\\baidu\\hao123-br\\hao123.1.0.0.1106.exe"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.4.0.5812]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.4.0.5812\LastReportTime]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

==== Deleting Files \ Folders ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster deleted
C:\Users\Public\Documents\Baidu deleted
C:\Users\Public\Documents\Baidu Security deleted
C:\Users\rym\AppData\Roaming\Baidu Security deleted
C:\Users\rym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC App Store deleted
C:\Users\rym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster deleted
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Baidu Security deleted
"C:\Users\rym\Desktop\Baidu PC Faster.lnk" deleted
"C:\Windows\Prefetch\BAIDU_SECURE_SYSTEMUP_4.0.1.5-9DB77602.pf" deleted
"C:\Program Files (x86)\Baidu Security\PC App Store\4.4.0.5812\AppStoreUtilExe.exe" deleted
"C:\Program Files (x86)\Baidu Security\PC App Store\4.4.0.5812\DataReport.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC App Store\4.4.0.5812\log.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC App Store\4.4.0.5812\sqlite.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\BaiduStore.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\BdApiUtil.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\BETManger.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\BHips.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\CP.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\DataReport.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\DirectUI.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\HipsDR.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\HipsHB.dll" not deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\log.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\log2.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFTray.exe" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\sqlite.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Plugins\Plugin.LeakRepair\LeakRepair.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Plugins\Plugin.Optimizer\SysOptEngine.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Plugins\Plugin.SystemCleaner\CleanerEngine.dll" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Plugins\Plugin.Optimizer\SysOpt\optlist.dat" not deleted
"C:\ProgramData\Baidu Security\RpData\rpFile-PCFasterSvc-2014-05-28 05-41-58-0884-[0041].tmp" not deleted
"C:\ProgramData\Baidu Security\RpData\rpFile-PCFTray-2014-05-28 05-42-52-0485-[0041].tmp" deleted
"C:\Users\All Users\Baidu Security\RpData\rpFile-PCFasterSvc-2014-05-28 05-41-58-0884-[0041].tmp" not deleted
"C:\Users\All Users\Baidu Security\RpData\rpFile-PCFTray-2014-05-28 05-42-52-0485-[0041].tmp" deleted
"C:\Program Files (x86)\Baidu Security" not deleted
"C:\ProgramData\Baidu Security" not deleted
"C:\Users\All Users\Baidu Security" not deleted
"C:\Program Files (x86)\Baidu Security\PC App Store" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster" not deleted
"C:\Program Files (x86)\Baidu Security\PC App Store\4.4.0.5812" deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0" not deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Plugins" not deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Plugins\Plugin.LeakRepair" not deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Plugins\Plugin.Optimizer" not deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Plugins\Plugin.SystemCleaner" not deleted
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Plugins\Plugin.Optimizer\SysOpt" not deleted
"C:\ProgramData\Baidu Security\RpData" not deleted
"C:\Users\All Users\Baidu Security\RpData" not deleted

==== Folders Found ======================

2014-05-27 19:05:11 2014-05-27 19:05:11 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-04-08 19:41:18 2014-05-29 01:13:24 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-04-08 19:41:18 2014-05-29 01:13:15 -------- d-----w- C:\ProgramData\Baidu Security
2014-04-08 19:41:18 2014-05-29 01:13:15 -------- d-----w- C:\Users\All Users\Baidu Security
2014-05-29 01:14:52 2014-05-29 01:14:52 -------- d-----w- C:\Users\rym\AppData\Roaming\Baidu Security
2014-05-29 01:12:34 2014-05-29 01:12:36 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-05-29 01:13:05 2014-05-29 01:13:05 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-05-29 01:13:06 2014-05-29 01:13:06 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu PC Faster
2014-05-29 01:13:06 2014-05-29 01:13:06 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-05-29 01:13:07 2014-05-29 01:13:07 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu PC Faster
2014-05-29 01:13:07 2014-05-29 01:13:07 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-05-29 01:13:07 2014-05-29 01:13:07 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-05-29 01:13:07 2014-05-29 01:13:08 -------- d---a-w- C:\zoek_backup\C_Users_rym_AppData_Roaming_Baidu Security
2014-05-29 01:13:08 2014-05-29 01:13:09 -------- d---a-w- C:\zoek_backup\C_Users_rym_AppData_Roaming_Microsoft_Windows_Start Menu_Programs_Baidu PC App Store
2014-05-29 01:13:09 2014-05-29 01:13:09 -------- d---a-w- C:\zoek_backup\C_Users_rym_AppData_Roaming_Microsoft_Windows_Start Menu_Programs_Baidu PC Faster
2014-05-29 01:13:09 2014-05-29 01:13:09 -------- d---a-w- C:\zoek_backup\C_Windows_SysWOW64_config_systemprofile_AppData_Roaming_Baidu Security
2014-05-29 01:12:42 2014-05-29 01:12:42 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1033\BaiduSafe
2014-05-29 01:12:42 2014-05-29 01:12:42 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduDefrag
2014-05-29 01:12:42 2014-05-29 01:12:42 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduExtMgr
2014-05-29 01:12:43 2014-05-29 01:12:43 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1046\BaiduSafe
2014-05-29 01:12:44 2014-05-29 01:12:44 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduDefrag
2014-05-29 01:12:44 2014-05-29 01:12:44 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduExtMgr
2014-05-29 01:12:44 2014-05-29 01:12:44 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1054\BaiduSafe
2014-05-29 01:12:46 2014-05-29 01:12:46 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduDefrag
2014-05-29 01:12:46 2014-05-29 01:12:46 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduExtMgr
2014-05-29 01:12:46 2014-05-29 01:12:46 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1057\BaiduSafe
2014-05-29 01:12:46 2014-05-29 01:12:46 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduDefrag
2014-05-29 01:12:46 2014-05-29 01:12:46 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduExtMgr
2014-05-29 01:12:52 2014-05-29 01:12:52 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduBatteryDoctor
2014-05-29 01:12:52 2014-05-29 01:12:52 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduDefrag
2014-05-29 01:12:52 2014-05-29 01:12:52 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduExtMgr
2014-05-29 01:12:53 2014-05-29 01:12:53 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduWifiSharing
2014-05-29 01:12:59 2014-04-28 13:06:37 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\BaiduSafe
2014-05-29 01:12:59 2014-04-28 13:06:37 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\tools\BaiduDefrag
2014-05-29 01:12:59 2014-05-29 01:12:59 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\tools\BaiduExtMgr
2014-05-29 01:12:59 2014-04-28 13:06:37 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\I18N\1046\BaiduSafe
2014-05-29 01:13:01 2014-04-28 13:06:37 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\I18N\1046\tools\BaiduDefrag
2014-05-29 01:13:01 2014-04-24 17:26:59 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\I18N\1046\tools\BaiduExtMgr
2014-05-29 01:13:03 2014-04-28 13:06:38 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\I18N\1054\BaiduSafe
2014-05-29 01:13:03 2014-04-28 13:06:38 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\I18N\1054\tools\BaiduDefrag
2014-05-29 01:13:03 2014-04-24 17:27:00 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\I18N\1054\tools\BaiduExtMgr
2014-05-29 01:13:03 2014-04-28 13:06:38 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\BaiduSafe
2014-05-29 01:13:03 2014-04-28 13:06:38 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\tools\BaiduDefrag
2014-05-29 01:13:03 2014-05-29 01:13:03 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\tools\BaiduExtMgr
2014-05-29 01:13:05 2014-04-28 13:06:38 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduBatteryDoctor
2014-05-29 01:13:05 2014-04-28 13:06:38 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduDefrag
2014-05-29 01:13:05 2014-04-24 17:27:00 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduExtMgr
2014-05-29 01:13:05 2014-04-28 13:06:38 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduWifiSharing

==== Files Found ======================


--- C:\zoek_backup\C_Users_rym_Desktop_Baidu PC Faster.lnk.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1351
Created time: 2014-05-29 01:13:09
Modified time: 2014-04-08 19:42:20
MD5: A8739A59AF7BCEB1BE773997C9ADBCB7
SHA1: 00CE06BCBA7C96C805F740E3D51D47D80BF8E705


--- C:\zoek_backup\C_Windows_Prefetch_BAIDU_SECURE_SYSTEMUP_4.0.1.5-9DB77602.pf.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 81386
Created time: 2014-05-29 01:13:09
Modified time: 2014-04-08 19:42:04
MD5: 9F045822FC69942CFFBC38C87D50F4E5
SHA1: 90227B083D8332DC4D4B3B2CF95B902E20130258


--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu PC Faster Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3436
Created time: 2014-05-27 19:55:25
Modified time: 2014-04-08 19:42:19
MD5: 0D6FAF9B82DA1163173FD1DE42D23C71
SHA1: B7B735B761E36A6489AEB4304E7E61AAAAA35BBD


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\BaiduStore.dll ---
Company: Baidu Inc.
File Description: PC Faster Interface Plugin Manager
File Version: 4,0,3,67165
Product Name: Baidu PC Faster
Copyright: Copyright (C) 2012 Baidu, Inc. All rights reserved.
Original Filename:
File type: ----a-w-
File size: 1268416
Created time: 2014-05-29 01:12:36
Modified time: 2014-04-28 12:55:52
MD5: C7E947550A3125661D198295206F7133
SHA1: 29EF863BC5C8066A9154B8E392C1F0F8FB94386D


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1033\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 135615
Created time: 2014-05-29 01:12:42
Modified time: 2014-04-28 12:56:45
MD5: 9FEE9C33084ACF83106AAB9BF73D6D35
SHA1: BD971D9A7804978BF19B5AD194B566F22D22ADD3


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 17718
Created time: 2014-05-29 01:12:42
Modified time: 2014-04-28 12:56:49
MD5: 281AF40C5241BE6FD2A489872D54F3E1
SHA1: 6C28D7D950634712D18BF097A516B21E3DB541F8


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36814
Created time: 2014-05-29 01:12:42
Modified time: 2014-04-13 22:21:35
MD5: 51002A20C9651142B49E83A58442E1F6
SHA1: B00474C7E8DD528A020DBD6D2459083C1F4DB588


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1046\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 135495
Created time: 2014-05-29 01:12:43
Modified time: 2014-04-28 12:56:53
MD5: B8EB7B13DDADCB34384BB1C3B111507B
SHA1: B3E09B9BF0A47E57D1CCB6E223E82CDD86D1822F


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 18424
Created time: 2014-05-29 01:12:44
Modified time: 2014-04-28 12:56:55
MD5: 1100F09C60EAC3ECB030489F187FD25D
SHA1: 9A25E2B176919337147A2D7767ADD2337218340D


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 88133
Created time: 2014-05-29 01:12:44
Modified time: 2014-04-16 21:02:56
MD5: E8CE61D8300F7C7D816006D481C14F75
SHA1: B01121641E8239612CD518707D801FDD870AC481


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1054\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 220986
Created time: 2014-05-29 01:12:44
Modified time: 2014-04-28 12:57:00
MD5: B4C910F5B1F780BA4B0CF9BC1D9DEE9B
SHA1: 89874D6B99FCB78E8B7558030B849153E85723A4


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 20232
Created time: 2014-05-29 01:12:46
Modified time: 2014-04-28 12:57:02
MD5: 54CF958C2214888392AFDED4AC86D39C
SHA1: 071CE8E84FBC52AF95E30B3423F98F17A267B0EF


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36325
Created time: 2014-05-29 01:12:46
Modified time: 2014-04-16 21:03:02
MD5: 1F2287DCCFA2B0D461F92217C9165C85
SHA1: 880DD1B39723E5F93C267067DC3818C43974E268


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1057\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 244846
Created time: 2014-05-29 01:12:46
Modified time: 2014-04-28 12:57:07
MD5: CDEF31A4402F0EFF715394A5961CDE6B
SHA1: 20B1761B9B69E77CC7E08EAD1EA25437186215CE


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 18332
Created time: 2014-05-29 01:12:46
Modified time: 2014-04-28 12:57:11
MD5: 484ABABF535F91607C4B1C88827BF4C6
SHA1: D96A0769491524B7E7FD1F882CA94184241CDC01


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36511
Created time: 2014-05-29 01:12:46
Modified time: 2014-04-13 22:22:01
MD5: D19D16CFA1ACBF369052D10388EFDBD5
SHA1: 489AF1A698E43A2B39B190435EEF7C65070C1F67


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduBatteryDoctor\BaiduBatteryDoctor.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 33159
Created time: 2014-05-29 01:12:52
Modified time: 2014-04-28 13:05:34
MD5: 84E058B59213580D07680DDE16C6FC9C
SHA1: 0F897A782D14004BECEAF335604049D267DD3EAB


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 26939
Created time: 2014-05-29 01:12:52
Modified time: 2014-04-28 13:05:36
MD5: 9811001F9BC814B7C6D001097AD49BFB
SHA1: D0F466944C5CF67487569DAC48E7B9199C037475


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5523
Created time: 2014-05-29 01:12:52
Modified time: 2014-04-16 21:08:03
MD5: D4D0F6E1CDC17997A40E164F2109CB6B
SHA1: B3C9E383D2875CCE81BB98997392B2B693E21A39


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduWifiSharing\BaiduWifiSharing.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 221044
Created time: 2014-05-29 01:12:53
Modified time: 2014-04-28 13:05:44
MD5: 8ECB8AF45E0552D80209EC305C54A89A
SHA1: BC61BFBF32B2065A2FCDC65A6C05859194CD5D80


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\tools\BaiduExtMgr\BaiduExtMgr.bskin.7z ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 37461
Created time: 2014-05-29 01:12:59
Modified time: 2014-04-08 19:46:15
MD5: BBCF3790DC2F188C76F9CD9BA7EA4D7C
SHA1: 3AB640778187B784BD3512B621905BCC7F567201


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\tools\BaiduExtMgr\BaiduExtMgr.bskin.7z ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 37134
Created time: 2014-05-29 01:13:03
Modified time: 2014-04-08 19:47:01
MD5: CCB9F0414530AF17A3D8E108FAA1E3B2
SHA1: E2F977EBF904F4EEE2ADF4A5E5A1AB9B0E9817FD


--- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu PC Faster\Baidu PC Faster.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1371
Created time: 2014-05-29 01:13:06
Modified time: 2014-04-08 19:42:20
MD5: 64F6C433F884D43B055DE28A8C4D5878
SHA1: 6C58A3ECCC268D702DB6AB32449EDDB69FEC415A


--- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu PC Faster\Baidu PC Faster.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1371
Created time: 2014-05-29 01:13:07
Modified time: 2014-04-08 19:42:20
MD5: 64F6C433F884D43B055DE28A8C4D5878
SHA1: 6C58A3ECCC268D702DB6AB32449EDDB69FEC415A


--- C:\zoek_backup\C_Users_rym_AppData_Roaming_Microsoft_Windows_Start Menu_Programs_Baidu PC Faster\Baidu PC Faster.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1389
Created time: 2014-05-29 01:13:09
Modified time: 2014-04-08 19:42:19
MD5: 0CF397EB03840FCEE9EFF2B4B056B2F7
SHA1: 1C3A737C2E79439B7817BB0F72041EC4BC700E6F


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1619 folders=652 261151899 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\HipsHB.dll" not found
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Plugins\Plugin.Optimizer\SysOpt\optlist.dat" not found
"C:\ProgramData\Baidu Security\RpData\rpFile-PCFasterSvc-2014-05-28 05-41-58-0884-[0041].tmp" deleted
"C:\Users\All Users\Baidu Security\RpData\rpFile-PCFasterSvc-2014-05-28 05-41-58-0884-[0041].tmp" not found
"C:\Program Files (x86)\Baidu Security" not found
"C:\ProgramData\Baidu Security" deleted
"C:\Users\All Users\Baidu Security" not found

==== EOF on 28/05/2014 at 22:33:23,05 ======================
ricardo yukio matsumoto
ricardo yukio matsumoto
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 27/05/2014

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty Re: ce_umbrellacert

Mensagem por Power Max Qui 29 maio 2014, 18:21

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione a opção Executar como administrador.

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Sex 30 maio 2014, 22:11, editado 1 vez(es)
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty relatorio

Mensagem por ricardo yukio matsumoto Qui 29 maio 2014, 23:32


Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by rym on 29/05/2014 at 21:17:57,26.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\rym\AppData\Local\Temp\Temp1_zoek.zip\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-27-215410.log 70319 bytes
C:\zoek-results2014-05-28-000903.log 50838 bytes
C:\zoek-results2014-05-29-013323.log 35786 bytes

==== System Restore Info ======================

29/05/2014 21:20:16 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
[-HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]

==== Registry Search Results for "Baidu" ======================


[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-2684560957-3572435350-149285756-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1619 folders=652 261151899 bytes)

==== EOF on 29/05/2014 at 21:21:23,61 ======================
ricardo yukio matsumoto
ricardo yukio matsumoto
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 27/05/2014

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty Re: ce_umbrellacert

Mensagem por Danii Sex 30 maio 2014, 20:30

ANTIVIRUS - ce_umbrellacert 772309 Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.
Danii
Danii
Membro Pleno
Membro Pleno

Mensagens : 571
Reputação : 80
Data de inscrição : 04/04/2014
Localização : Brasil

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty Re: ce_umbrellacert

Mensagem por Danii Ter 17 Jun 2014, 11:55

TÓPICO ARQUIVADO

Como o autor não respondeu por mais de 15 dias, o tópico foi arquivado. Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Danii
Danii
Membro Pleno
Membro Pleno

Mensagens : 571
Reputação : 80
Data de inscrição : 04/04/2014
Localização : Brasil

Ir para o topo Ir para baixo

ANTIVIRUS - ce_umbrellacert Empty Re: ce_umbrellacert

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Ir para o topo Ir para baixo

Ir para o topo

Fórum PC Brasil :: Segurança da Informação :: Tópicos Arquivados

 
Permissões neste sub-fórum
Não podes responder a tópicos