Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14443 usuários registrados
O último usuário registrado atende pelo nome de Caio Flavio

Os nossos membros postaram um total de 35198 mensagens em 3565 assuntos
Últimos assuntos
» Notebook lento, acho que está com virus
por joram Ontem à(s) 18:38

Quem está conectado
2 usuários online :: Nenhum usuário registrado, Nenhum Invisível e 2 Visitantes

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Novembro 2017
SegTerQuaQuiSexSabDom
  12345
6789101112
13141516171819
20212223242526
27282930   

Calendário Calendário


Não consigo desinstalar o Baidu para instalar o Kaspersky.

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Não consigo desinstalar o Baidu para instalar o Kaspersky.

Mensagem por Danilo Marsaro em Ter 03 Jun 2014, 11:05

Ao tentar instalar o Kaspersky anti-virus ele acusa o Baidu, porém não consigo achar ele para desinstalar... Alguém me ajude por gentileza !
avatar
Danilo Marsaro
Membro
Membro

Mensagens : 361
Reputação : 1
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: Não consigo desinstalar o Baidu para instalar o Kaspersky.

Mensagem por Power Max em Ter 03 Jun 2014, 11:13

Olá Danilo.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Você precisa estar registrado e conectado para ver este link.]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO) Segue anexo Adw[S2].txt

Mensagem por Danilo Marsaro em Ter 03 Jun 2014, 11:29

# AdwCleaner v3.211 - Relatório criado 03/06/2014 às 11:22:07
# Atualizado 26/05/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (32 bits)
# Usuário : User - USER-PC
# Executando de : C:\Users\User\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\IePluginServices
Pasta Deletada : C:\ProgramData\WPM
avatar
Danilo Marsaro
Membro
Membro

Mensagens : 361
Reputação : 1
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: Não consigo desinstalar o Baidu para instalar o Kaspersky.

Mensagem por Power Max em Ter 03 Jun 2014, 11:29

Você postou só um pedaço do relatório, copie ele todo e poste aqui.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO) Segue anexo Adw[S3].txt

Mensagem por Danilo Marsaro em Ter 03 Jun 2014, 11:41

# AdwCleaner v3.211 - Relatório criado 03/06/2014 às 11:38:25
# Atualizado 26/05/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (32 bits)
# Usuário : User - USER-PC
# Executando de : C:\Users\User\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKCU\Software\AppDataLow\Software

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Google Chrome v35.0.1916.114

[ Arquivo : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Startup_urls] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Extension] : icpgjfneehieebagbmdbhnlpiopdcmna

*************************

AdwCleaner[R0].txt - [6218 octets] - [26/04/2014 10:23:16]
AdwCleaner[R1].txt - [3662 octets] - [29/04/2014 11:58:49]
AdwCleaner[R2].txt - [7227 octets] - [03/06/2014 11:19:59]
AdwCleaner[R3].txt - [1489 octets] - [03/06/2014 11:36:50]
AdwCleaner[S0].txt - [6275 octets] - [26/04/2014 10:24:43]
AdwCleaner[S1].txt - [3420 octets] - [29/04/2014 11:59:34]
AdwCleaner[S2].txt - [5345 octets] - [03/06/2014 11:22:07]
AdwCleaner[S3].txt - [1399 octets] - [03/06/2014 11:38:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1459 octets] ##########
avatar
Danilo Marsaro
Membro
Membro

Mensagens : 361
Reputação : 1
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: Não consigo desinstalar o Baidu para instalar o Kaspersky.

Mensagem por Power Max em Ter 03 Jun 2014, 11:43

Poste o conteúdo do arquivo AdwCleaner[S2].txt que está dentro da pasta do AdwCleaner.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO) AdwCleaner[S2].txt

Mensagem por Danilo Marsaro em Ter 03 Jun 2014, 11:54

não consigo localizar o relatório AdwCleaner[S2].txt, toda vez ele gera um novo, como proceder ?
avatar
Danilo Marsaro
Membro
Membro

Mensagens : 361
Reputação : 1
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: Não consigo desinstalar o Baidu para instalar o Kaspersky.

Mensagem por Power Max em Ter 03 Jun 2014, 11:56

Este arquivo já está no seu computador, não precisa executar o Adwcleaner de novo. É só acessar este local do seu PC que o arquivo está lá gravado:
C:\AdwCleaner\AdwCleaner[S2].txt

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO) Segue anexo Adw[S2].txt completo

Mensagem por Danilo Marsaro em Ter 03 Jun 2014, 12:03

# AdwCleaner v3.211 - Relatório criado 03/06/2014 às 11:22:07
# Atualizado 26/05/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (32 bits)
# Usuário : User - USER-PC
# Executando de : C:\Users\User\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\IePluginServices
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\Program Files\IminentToolbar
Pasta Deletada : C:\Users\User\AppData\LocalLow\IminentToolbar
Pasta Deletada : C:\Users\User\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
Pasta Deletada : C:\Users\User\AppData\Roaming\IminentToolbar
Pasta Deletada : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna
Arquivo Deletada : C:\Users\User\AppData\LocalLow\SkwConfig.bin
Arquivo Deletada : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskToolbarNRO_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskToolbarNRO_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseSmart_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseSmart_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Chave Deletedo : HKCU\Software\simplytech
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\AppDataLow\Software
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\SupTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveSenseLive.exe

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17041

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Google Chrome v35.0.1916.114

[ Arquivo : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Startup_urls] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Extension] : icpgjfneehieebagbmdbhnlpiopdcmna

*************************

AdwCleaner[R0].txt - [6218 octets] - [26/04/2014 10:23:16]
AdwCleaner[R1].txt - [3662 octets] - [29/04/2014 11:58:49]
AdwCleaner[R2].txt - [7227 octets] - [03/06/2014 11:19:59]
AdwCleaner[S0].txt - [6275 octets] - [26/04/2014 10:24:43]
AdwCleaner[S1].txt - [3420 octets] - [29/04/2014 11:59:34]
AdwCleaner[S2].txt - [5205 octets] - [03/06/2014 11:22:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [5265 octets] ##########
avatar
Danilo Marsaro
Membro
Membro

Mensagens : 361
Reputação : 1
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: Não consigo desinstalar o Baidu para instalar o Kaspersky.

Mensagem por Power Max em Ter 03 Jun 2014, 12:08

Baixe o programa Junkware Removal Tool no link abaixo:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Você precisa estar registrado e conectado para ver este link.]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO) Segue relatório JRT.txt

Mensagem por Danilo Marsaro em Ter 03 Jun 2014, 12:30

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by User on 03/06/2014 at 12:15:18,52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95525BD9-6136-4A26-8263-9CEE295D442D}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\thinstall"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\alot"
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{105C65BE-26DE-4501-82EB-43E23C19CAEE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{19E7AABC-8401-435E-82A4-6753A0474964}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{25141BF7-DF2A-4F03-BA18-8BCCE11C66BE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{328A2439-DBB5-4D43-89BF-4264B215C66D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3B03137E-5865-40A1-8D61-AB32309E9812}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5049D9C4-CDA2-4CBC-AA49-05F3D689594E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5BC8F147-F395-4522-B034-2AFCDE149861}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{62C299A7-90E0-46C8-9721-889FB37C9AD2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{73981D05-7D66-4534-8EE2-AAA1B8FB5019}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{756C6DFE-8333-404B-B342-B5B559B80519}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C6E7B270-2753-455F-A17C-9B383D67B867}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DE951CF6-7D4F-444B-B7B5-30E3CA9386B0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F07E044D-2009-48BA-A3B2-069EEC88DDF8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F4660A25-77BF-4038-A8BB-998CA1A9D6DE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F54B1E45-0485-4099-86B3-11BE0BEEABA6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F9799381-79B1-444A-92AE-A1973F3B067A}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03/06/2014 at 12:16:56,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
avatar
Danilo Marsaro
Membro
Membro

Mensagens : 361
Reputação : 1
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: Não consigo desinstalar o Baidu para instalar o Kaspersky.

Mensagem por Power Max em Ter 03 Jun 2014, 12:31

Desative temporariamente seu antivírus para evitar conflitos.

 Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Ter 03 Jun 2014, 17:35, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO)Segue relatório zoek-results.txt

Mensagem por Danilo Marsaro em Ter 03 Jun 2014, 12:52

Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by User on 03/06/2014 at 12:37:29,53.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

03/06/2014 12:38:35 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\GUT1999.tmp deleted
C:\Program Files\GUM1998.tmp deleted
C:\Program Files\GUM19C6.tmp deleted
C:\Program Files\GUM5FEE.tmp deleted
C:\found.000 deleted
C:\PROGRA~2\FileSplitUpLoad.dll deleted
C:\PROGRA~2\whlb32g.dll deleted
C:\PROGRA~2\ICQ deleted
C:\PROGRA~2\ProductData deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\User\AppData\Local\nsv489A.tmp deleted
C:\Users\User\AppData\Local\avgchrome deleted
C:\Users\User\AppData\Local\cache deleted
C:\Users\User\AppData\LocalLow\VideoDownloadConverter_4zEI deleted
C:\Windows\wininit.ini deleted
C:\user.js deleted
C:\prefs.js deleted
C:\Windows\System32\InstallUtil.InstallLog deleted
C:\Users\User\AppData\Roaming\Mozilla\Extensions\7go02@7go.com deleted
C:\Users\User\AppData\Roaming\Mozilla\Extensions\7go@7go.com deleted
C:\Users\User\AppData\Roaming\Mozilla\Extensions\seesimilar02@SeeSimilar.com deleted
C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com deleted
C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers deleted
"C:\Users\User\AppData\Local\{97F22CC3-307F-417E-8391-7534DAD306E4}" deleted
"C:\Users\User\AppData\Roaming\.NANotifyHere" deleted

==== Folders Found ======================

2014-04-26 13:24:44 2014-04-26 13:24:44 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-26 13:24:45 2014-04-26 13:24:45 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\User\AppData\Roaming\baidu
2014-04-26 13:24:45 2014-04-26 13:24:45 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\User\AppData\Roaming\baidu\Baidu Antivirus
2013-08-22 04:37:56 2014-04-24 21:14:02 -------- d-----w- C:\ProgramData\Baidu Security
2013-08-22 04:37:56 2014-04-24 21:14:02 -------- d-----w- C:\Users\All Users\Baidu Security
2014-04-23 18:12:28 2014-04-23 18:12:28 -------- d-----w- C:\Users\Public\Documents\Baidu
2014-04-23 18:13:22 2014-04-24 16:45:23 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2014-04-23 18:13:42 2014-04-23 18:26:31 -------- d-----w- C:\Users\User\AppData\Roaming\Baidu Security
2014-04-24 21:01:35 2014-04-24 21:01:35 -------- d-----w- C:\Users\User\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-04-24 21:01:36 2014-04-24 21:01:36 -------- d-----w- C:\Users\User\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK
2014-04-18 17:40:47 2014-04-18 17:40:47 -------- d-----w- C:\Windows\System32\config\systemprofile\AppData\Roaming\Baidu Security

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn\www]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [26/03/2014 10:02]

==== Chrome Look ======================

Google Docs - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Facebook - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm
Google Search - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm
History Eraser - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm
NTR - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna
Downloader - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp
Google Wallet - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Outlook.com - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge
Gmail - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com.br/"
"Search Page"="http://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.certified-toolbar.com?si=77324&st=home&tid=18194&ver=5.7&ts=1398913200000.000000&tguid=77324-18194-1398970130864-AFB5294ED2D6D8034839FD6F54DDA267"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=77324&st=home&tid=18194&ver=5.7&ts=1398913200000.000000&tguid=77324-18194-1398970130864-AFB5294ED2D6D8034839FD6F54DDA267"
"Default_Search_URL"="http://search.certified-toolbar.com?si=77324&tid=18194&ver=5.7&ts=1398913200000.000000&tguid=77324-18194-1398970130864-AFB5294ED2D6D8034839FD6F54DDA267&st=chrome&q="
"Search Bar"="http://search.certified-toolbar.com?si=77324&tid=18194&ver=5.7&ts=1398913200000.000000&tguid=77324-18194-1398970130864-AFB5294ED2D6D8034839FD6F54DDA267&st=chrome&q="
"Search Page"="http://search.certified-toolbar.com?si=77324&tid=18194&ver=5.7&ts=1398913200000.000000&tguid=77324-18194-1398970130864-AFB5294ED2D6D8034839FD6F54DDA267&st=chrome&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=77324&st=bs&tid=18194&ver=5.7&ts=1398913200000.000000&tguid=77324-18194-1398970130864-AFB5294ED2D6D8034839FD6F54DDA267&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si=77324&st=bs&tid=18194&ver=5.7&ts=1398913200000.000000&tguid=77324-18194-1398970130864-AFB5294ED2D6D8034839FD6F54DDA267&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=77324&st=bs&tid=18194&ver=5.7&ts=1398913200000.000000&tguid=77324-18194-1398970130864-AFB5294ED2D6D8034839FD6F54DDA267&q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
"(Default)"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.oquefazernainternet.com/q/%s"
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si=77324&st=home&tid=18194&ver=5.7&ts=1398913200000.000000&tguid=77324-18194-1398970130864-AFB5294ED2D6D8034839FD6F54DDA267"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=77324&st=home&tid=18194&ver=5.7&ts=1398913200000.000000&tguid=77324-18194-1398970130864-AFB5294ED2D6D8034839FD6F54DDA267"
"Default_Search_URL"="http://search.certified-toolbar.com?si=77324&tid=18194&ver=5.7&ts=1398913200000.000000&tguid=77324-18194-1398970130864-AFB5294ED2D6D8034839FD6F54DDA267&st=chrome&q="
"Search Bar"="http://search.certified-toolbar.com?si=77324&tid=18194&ver=5.7&ts=1398913200000.000000&tguid=77324-18194-1398970130864-AFB5294ED2D6D8034839FD6F54DDA267&st=chrome&q="
"Search Page"="http://search.certified-toolbar.com?si=77324&tid=18194&ver=5.7&ts=1398913200000.000000&tguid=77324-18194-1398970130864-AFB5294ED2D6D8034839FD6F54DDA267&st=chrome&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.bing.com/search?q={searchTerms}"
"CustomizeSearch"="http://www.bing.com/search?q={searchTerms}"
"Default_Search_URL"="http://www.google.com/"
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com/"
"SearchAssistant"="http://www.google.com"
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com.br/"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\User\Desktop\Conexão de Banda Larga 2 - Atalho.lnk -  
C:\Users\User\Desktop\Conexão de Banda Larga 3 - Atalho.lnk -  
C:\Users\User\Desktop\ConvertXtoDVD 4.lnk - C:\Program Files\VSO\ConvertX\4\ConvertXtoDvd.exe
C:\Users\User\Desktop\HD VDeck.lnk - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Users\User\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\User\Desktop\Nero Burning ROM.lnk - C:\Program Files\Nero\Nero 7\Core\nero.exe -ScParameter=8  
C:\Users\User\Desktop\Nero Express.lnk - C:\Program Files\Nero\Nero 7\Core\nero.exe -ScParameter=8  /w
C:\Users\User\Desktop\PhotoFiltre.lnk - C:\Program Files\PhotoFiltre\PhotoFiltre.exe
C:\Users\User\Desktop\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\User\Desktop\Revo Uninstaller.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\User\Desktop\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Nero Home.lnk - C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8  
C:\Users\Public\Desktop\Nero StartSmart.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8  
C:\Users\Public\Desktop\Paint.NET.lnk - C:\Program Files\Paint.NET\PaintDotNet.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe

==== shortcuts in Users Start Menu ======================

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaxiGet Download Manager\Run MaxiGet Download Manager.lnk -  
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaxiGet Download Manager\Unisntall MaxiGet Download Manager.lnk -  
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -hunter
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ConvertXtoDVD 4.lnk - C:\Program Files\VSO\ConvertX\4\ConvertXtoDvd.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk - C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8  
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8  
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\HD VDeck.lnk - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\On-Screen Keyboard (2).lnk - C:\Windows\system32\osk.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\On-Screen Keyboard.lnk - C:\Windows\system32\osk.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C299880A-30B4-9968-3808-39A7B7EC6014} deleted successfully
HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=357 folders=42 72980637 bytes)

==== Empty Temp Folders ======================

C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on 03/06/2014 at 12:49:43,57 ======================
avatar
Danilo Marsaro
Membro
Membro

Mensagens : 361
Reputação : 1
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: Não consigo desinstalar o Baidu para instalar o Kaspersky.

Mensagem por Power Max em Ter 03 Jun 2014, 13:23

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Ter 03 Jun 2014, 17:36, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO)Segue relatório zoek-results.txt

Mensagem por Danilo Marsaro em Ter 03 Jun 2014, 13:34

Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by User on 03/06/2014 at 13:28:58,66.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-03-154943.log 31203 bytes
C:\zoek-results2014-06-03-162538.log 9713 bytes

==== System Restore Info ======================

03/06/2014 13:29:15 Zoek.exe System Restore Point Created Succesfully.

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]

==== Deleting Files \ Folders ======================

C:\ProgramData\Baidu Security deleted
C:\Users\Public\Documents\Baidu deleted
C:\Users\Public\Documents\Baidu Security deleted
C:\Users\User\AppData\Roaming\Baidu Security deleted
C:\Windows\System32\config\systemprofile\AppData\Roaming\Baidu Security deleted

==== Folders Found ======================

2014-04-26 13:24:44 2014-04-26 13:24:44 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-26 13:24:45 2014-04-26 13:24:45 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\User\AppData\Roaming\baidu
2014-04-26 13:24:45 2014-04-26 13:24:45 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\User\AppData\Roaming\baidu\Baidu Antivirus
2014-06-03 16:29:50 2014-06-03 16:29:51 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-06-03 16:29:51 2014-06-03 16:29:51 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-06-03 16:29:51 2014-06-03 16:29:51 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-06-03 16:29:51 2014-06-03 16:29:51 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-06-03 16:29:51 2014-06-03 16:29:51 -------- d---a-w- C:\zoek_backup\C_Users_User_AppData_Roaming_Baidu Security
2014-06-03 16:29:51 2014-06-03 16:29:51 -------- d---a-w- C:\zoek_backup\C_Users_User_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall
2014-06-03 16:29:51 2014-06-03 16:29:51 -------- d---a-w- C:\zoek_backup\C_Users_User_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall HK
2014-06-03 16:29:51 2014-06-03 16:29:51 -------- d---a-w- C:\zoek_backup\C_Windows_System32_config_systemprofile_AppData_Roaming_Baidu Security
2014-06-03 16:29:51 2014-06-03 16:29:51 -------- d---a-w- C:\zoek_backup\C_Users_User_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-06-03 16:29:51 2014-06-03 16:29:51 -------- d---a-w- C:\zoek_backup\C_Users_User_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn\www]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=442 folders=104 142744547 bytes)

==== EOF on 03/06/2014 at 13:31:54,91 ======================
avatar
Danilo Marsaro
Membro
Membro

Mensagens : 361
Reputação : 1
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: Não consigo desinstalar o Baidu para instalar o Kaspersky.

Mensagem por Power Max em Ter 03 Jun 2014, 13:52

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Ter 03 Jun 2014, 17:35, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO)Segue relatório C:zoek-results.txt

Mensagem por Danilo Marsaro em Ter 03 Jun 2014, 14:02

Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by User on 03/06/2014 at 13:59:08,33.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-03-154943.log 31203 bytes
C:\zoek-results2014-06-03-162538.log 9713 bytes
C:\zoek-results2014-06-03-163154.log 13333 bytes

==== System Restore Info ======================

03/06/2014 13:59:25 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Baidu Security\Antivirus\web]

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn\www]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-21-3505273857-1756045905-3684678939-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=442 folders=104 142744547 bytes)

==== EOF on 03/06/2014 at 14:01:02,98 ======================
avatar
Danilo Marsaro
Membro
Membro

Mensagens : 361
Reputação : 1
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: Não consigo desinstalar o Baidu para instalar o Kaspersky.

Mensagem por Power Max em Ter 03 Jun 2014, 14:04

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Ter 03 Jun 2014, 17:34, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO)Segue relatório C:zoek-results.txt

Mensagem por Danilo Marsaro em Ter 03 Jun 2014, 14:08

Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by User on 03/06/2014 at 14:06:49,93.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-03-154943.log 31203 bytes
C:\zoek-results2014-06-03-162538.log 9713 bytes
C:\zoek-results2014-06-03-163154.log 13333 bytes
C:\zoek-results2014-06-03-170102.log 2926 bytes

==== System Restore Info ======================

03/06/2014 14:07:06 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=442 folders=104 142744547 bytes)

==== EOF on 03/06/2014 at 14:07:16,14 ======================
avatar
Danilo Marsaro
Membro
Membro

Mensagens : 361
Reputação : 1
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: Não consigo desinstalar o Baidu para instalar o Kaspersky.

Mensagem por Power Max em Ter 03 Jun 2014, 14:09

Faça o download do < [Você precisa estar registrado e conectado para ver este link.] > < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

[Você precisa estar registrado e conectado para ver este link.]

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Relatório do ZHPDiag

Mensagem por Danilo Marsaro em Ter 03 Jun 2014, 14:20

~ Relatório do ZHPDiag v2014.5.30.78 - Nicolas Coolman (30/05/2014)
~ Iniciado por User (03/06/2014 14:17:36)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
GCIE: Google Chrome v35.0.1916.114

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.12

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3062 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 233 GB (50%) free of 466 GB

---\\ Modo de conexão ao sistema
~ Computer Name: USER-PC
~ User Name: User
~ All Users Names: User, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\User\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\User\AppData\Roaming\
~ %Desktop% : C:\Users\User\Desktop\
~ %Favorites% : C:\Users\User\Favorites\
~ %LocalAppData% : C:\Users\User\AppData\Local\
~ %StartMenu% : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 233 Go of 466 Go)
D: CD-ROM drive (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4E829EE073E046B0EB19B5FECB19B8C] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 02:41:49.) -- C:\Windows\System32\wininet.dll [1789440]
[MD5.998507B046BA314CE8245364C686FA67] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:17:02.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 09:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 05:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 05:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 06:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 05:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 07:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 05:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 09:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/1235
~ Mes musiques (My Musics) : 1/22603
~ Mes Videos (My Videos) : 2/511
~ Mes Favoris (My Favorites) : 1/51
~ Mes Documents (My Documents) : 2/134
~ Mon Bureau (My Desktop) : 2/497
~ Menu demarrer (Programs) : 1/35
~ Hidden Files: Scanned in 00mn 11s



---\\ Processos lançados
[MD5.8CCDD2784481A88B62451A3B123E6DEA] - (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1728512] [PID.2880]
[MD5.68239842340DDFF8993DFD9127553EDA] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.2896]
[MD5.004763BDF8E48244DBB9FDFDE3065EBC] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.2908]
[MD5.CD1102E5D340216138C7F56FA8D26998] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.2916]
[MD5.D9C51528488EA0D98D3C4D02ABD16759] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952] [PID.2948]
[MD5.FC71E74EDAB5AC4C86F6BD34523CAA6D] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe [1647912] [PID.3032]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.3132]
[MD5.DA0A59FAA480EE4B7D4BD5CFDB703962] - (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe [718720] [PID.3140]
[MD5.623594A3979C3C60F4E45303E5F66773] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [4616984] [PID.3168]
[MD5.043FE3C9088BEADC6A9FFC033C84F20F] - (.Microsoft Corporation - Microsoft OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.exe [227712] [PID.3184]
[MD5.9AED8E824CF5FAAB67957EDBC5512060] - (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe [164864] [PID.1860]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [860488] [PID.3932]
[MD5.6D652B06EB3916DC41A9DBBBC4EDEED1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8020480] [PID.3872]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [boeajhmfdjldchidhphikilcgdacljfm] Facebook v.1.0.3 (Activé)
G2 - GCE: Preference [User Data\Default] [icpgjfneehieebagbmdbhnlpiopdcmna] New Tab Redirect v.3.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pfpeapihoiogbcmdmnibeplnikfnhoge] Outlook.com v.1.0.2 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 18 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [vitzo.com/VDownloader] - (...) -- C:\Program Files\VDownloader\Addons\npVDownloader.dll (.not file.)
~ Firefox Browser: 19 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Scopus Tecnologia Ltda - scpsssh2 Module.) -- C:\Program Files\Scpad\scpsssh2.dll
~ BHO: 10 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: (no name) - [HKLM]{95080B13-AA71-4EE8-B951-7E98221E1ED5} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E0301295-AB3E-4AF3-979F-3D453C5F9F48} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [InstallerLauncher] C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe (.not file.)
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - HKUS\.DEFAULT\..\Run: [Agente da Carteira Bitdefender] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (.not file.)
O4 - HKUS\.DEFAULT\..\Run: [Carteira Bitdefender] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe (.not file.)
O4 - HKUS\.DEFAULT\..\Run: [Agente de Aplicativo de Carteira Bitdefender] C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [Agente da Carteira Bitdefender] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [Carteira Bitdefender] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [Agente de Aplicativo de Carteira Bitdefender] C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3505273857-1756045905-3684678939-1000\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKUS\S-1-5-21-3505273857-1756045905-3684678939-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-3505273857-1756045905-3684678939-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} -- Chave orfã
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - [Você precisa estar registrado e conectado para ver este link.]
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B668117F-34C6-4C38-A319-138424AACD1D}: NameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC1B25ED-0D69-4A33-AA06-80AEA60A4CB7}: NameServer = 201.28.101.121,201.28.101.126
O17 - HKLM\System\CS1\Services\Tcpip\..\{B668117F-34C6-4C38-A319-138424AACD1D}: NameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{BC1B25ED-0D69-4A33-AA06-80AEA60A4CB7}: NameServer = 201.28.101.121,201.28.101.126
O17 - HKLM\System\CS2\Services\Tcpip\..\{B668117F-34C6-4C38-A319-138424AACD1D}: NameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{BC1B25ED-0D69-4A33-AA06-80AEA60A4CB7}: NameServer = 201.28.101.121,201.28.101.126
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} . (.Scopus Tecnologia Ltda - scpIBLoad Module.) -- C:\Program Files\Scpad\scpLIB.dll
~ SSODL: 2 Legitimates Filtered in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: scpVista (scpVista) . (.Scopus Tecnologia Ltda - scpVista.) - C:\Program Files\Scpad\scpVista.exe
~ Services: 6 Legitimates Filtered in 00mn 02s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [{0B4FF1C6-5A85-4531-BA86-098093A02A7C}] (...) -- C:\Users\User\Desktop\caspeed (2).exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{11F57C8F-FCEE-45E1-B771-44EC29C51909}] (...) -- C:\Users\User\Desktop\wrar393br.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{192DEDBA-24AA-44E2-AD86-769AF63CC800}] (...) -- C:\Users\User\Desktop\Counter-Strike_1.6_v28.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{21A1A0EE-EFC0-4B65-94E9-3521F15AE121}] (...) -- C:\Users\User\Desktop\avira_free_antivirus_en.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{27836634-1000-4662-A0F5-FE3FC91E8DCE}] (...) -- C:\Users\User\Downloads\Player Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{27A3A84E-0DBE-4867-A2EF-69C8EF1D4CD0}] (...) -- C:\Users\User\Downloads\avira_free_antivirus_en (1).exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{378E0ED9-EB59-4955-A019-18A13348866A}] (...) -- C:\Program Files\Nero\Nero8\Nero\Uninstall\UNNERO.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{464F9E13-431E-4B34-901D-D3D421FC9472}] (...) -- C:\Users\User\AppData\Roaming\qone8\UninstallManager.exe (.not file.) [0] =>Hijacker.Qone8
[MD5.00000000000000000000000000000000] [APT] [{46C2CAAB-B977-49D6-8894-B0D15BB44D75}] (...) -- C:\Users\User\Downloads\avira_antivir_personal_en.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{58DC5A6A-B22E-46AC-AADC-60661FC81A67}] (...) -- C:\Program Files\Avira\AntiVir Desktop\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5C3EDA6E-09D8-4864-BCA9-BFEDCBE688C4}] (...) -- C:\Program Files\Counter-Strike 1.6\hl.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{62248D19-8C4F-49D5-BCE8-9A04BB46FEF4}] (...) -- C:\Users\User\Downloads\BavPro_Setup_Mini_Br1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{660D7F02-1BA5-46B2-9A2C-A794C8E259D6}] (...) -- C:\Users\User\Downloads\install_icq7_n2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6B1C8D99-B11E-446A-8B92-C5A73212F5B0}] (...) -- C:\Users\User\AppData\Roaming\webssearches\UninstallManager.exe (.not file.) [0] =>Hijacker.WebsSearches
[MD5.00000000000000000000000000000000] [APT] [{71A64082-E667-4B9C-AB6C-7B967E7F8026}] (...) -- C:\Users\User\Desktop\avira_free_antivirus_ptbr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{728C5146-1231-4051-8BEB-6DA8A9ADD16C}] (...) -- C:\Users\User\Desktop\Install_MSN_Messenger.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7A4C9956-0935-4827-8772-609F62155BCD}] (...) -- C:\Program Files\PokerStars\PokerStarsUninstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8DC0683C-E246-45C4-A292-B0A83169A0CD}] (...) -- C:\Users\User\Desktop\wrar393br.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8F5077B1-5E1A-4568-98DC-A445FC5E208E}] (...) -- C:\Users\User\Downloads\uninstall_flash_player.exe (.not file.) [0]
[MD5.B284E0F20811226BC0211BF742247542] [APT] [{94C06DAD-2E9E-4540-8A01-A9C2E8B2F4BB}] (...) -- C:\Program Files\WinRAR\WinRAR.exe [1039360]
[MD5.00000000000000000000000000000000] [APT] [{97517AB0-1098-4FD4-9037-D4454BA51C52}] (...) -- C:\Users\User\avira_free_antivirus_en.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9B9CEEFF-FD30-44A4-AFB5-43F88523C419}] (...) -- C:\Users\User\Desktop\thrilldemo.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9BA3E7F9-857B-4930-B76E-B996D5365DF0}] (...) -- C:\Program Files\CoolSMS\unins000.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B13D5ED4-83C0-47C4-B53B-D63DE05D7680}] (...) -- C:\Users\User\Desktop\SteamInstall_CS.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BF0BC06F-AB26-4685-871A-C27F7AC9B46A}] (...) -- C:\Users\User\Downloads\Player Setup (1).exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BFFA9DB1-003C-4932-B7CE-9A1D8CBDE0D4}] (...) -- C:\Users\User\Desktop\Winrar_3.90_Final_By_Muro.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C419406E-9EB3-4C2E-BBE3-03EF96B5843F}] (...) -- C:\Users\User\Downloads\Player Setup (1).exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C7522E3C-7B95-4861-8361-23561D9BD2F7}] (...) -- C:\Users\User\Desktop\install_flash_player.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C861F5CD-A7C1-4810-8905-EA9460AA0F6A}] (...) -- C:\Users\User\Downloads\gen_msn.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D066DBE5-76B6-40EA-AC03-969A277B7588}] (...) -- C:\Users\User\AppData\Local\Temp\Temp1_ZBot - SITECS.zip\ZBot - SITECS.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D7402E4D-811D-42AF-B7C8-A946F4DE4FA0}] (...) -- C:\Users\User\Desktop\ZBot - SITECS.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E5FF1C2C-9EF3-4A7B-8728-A5EFB276A6F1}] (...) -- C:\Users\User\Desktop\CS_Mod_BOPE_Diego_Hernandes.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1048]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1052]
~ Scheduled Task: 53 Legitimates Filtered in 00mn 04s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex.sys (.not file.)
O41 - Driver: (EfiMon) . (.360安全中心 - 360Efimon Driver.) - C:\Windows\System32\Drivers\Efimon.sys
~ Drivers: 69 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\38524InstEnd]
[HKCU\Software\45918InstEnd]
[HKCU\Software\AtesSoft]
[HKCU\Software\DownloadAstro]
[HKCU\Software\ForumerIT] =>Toolbar.Forumer
[HKCU\Software\GeralBho]
[HKCU\Software\IncrediMail]
[HKCU\Software\Install]
[HKCU\Software\Olhardigital]
[HKCU\Software\Start2me]
[HKCU\Software\TrueDownloader] =>PUP.SoftwareEngine
[HKCU\Software\eBook Maestro Books]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\AtesSoft]
[HKLM\Software\Dynamix]
[HKLM\Software\IncrediMail]
[HKLM\Software\SupDp] =>PUP.SupTab
[HKLM\Software\TrueDownloader] =>PUP.SoftwareEngine
~ Key Software: 206 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/02/2012 - 17:45:09 - [] ----D C:\Program Files\KeepTube
O43 - CFD: 18/07/2011 - 02:33:42 - [] ----D C:\Program Files\LGInternetKit
O43 - CFD: 20/08/2011 - 18:47:27 - [] ----D C:\Program Files\PegaJogo
O43 - CFD: 29/04/2014 - 11:53:10 - [] ----D C:\Program Files\Scpad
O43 - CFD: 30/12/2013 - 18:44:46 - [] ----D C:\Program Files\Super Tela
O43 - CFD: 23/08/2011 - 18:07:54 - [] ----D C:\Program Files\Turbo Internet
O43 - CFD: 13/03/2014 - 01:42:33 - [] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 07/04/2014 - 12:56:14 - [] ----D C:\Users\User\AppData\Roaming\360safe
O43 - CFD: 13/04/2014 - 00:15:21 - [] ----D C:\Users\User\AppData\Roaming\RealWorld
O43 - CFD: 18/04/2014 - 13:24:32 - [] ----D C:\Users\User\AppData\Local\Maxiget
O43 - CFD: 30/12/2013 - 22:24:10 - [] ----D C:\Users\User\AppData\Local\Steppschuh
~ Program Folder: 170 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.0F13170A0D55186AC7E1175DD7896088] - 03/06/2014 - 12:49:43 ---A- . (...) -- C:\zoek-results2014-06-03-154943.log [31203]
O44 - LFC:[MD5.60B0B89975537B9A1E3489A37FD0D9D3] - 03/06/2014 - 13:25:38 ---A- . (...) -- C:\zoek-results2014-06-03-162538.log [9713]
O44 - LFC:[MD5.F52C512ECED87D9F91EEF8A6E54629E8] - 03/06/2014 - 13:31:54 ---A- . (...) -- C:\zoek-results2014-06-03-163154.log [13333]
O44 - LFC:[MD5.9CAEF932532EE085C44BB4BAE3AC1824] - 03/06/2014 - 14:01:02 ---A- . (...) -- C:\zoek-results2014-06-03-170102.log [2926]
O44 - LFC:[MD5.C943ADFED2D86F00F0570F210A1C6802] - 03/06/2014 - 14:07:16 ---A- . (...) -- C:\zoek-results.log [1003]
O44 - LFC:[MD5.3F7BB3414C01D0B7D0798436D6350462] - 29/05/2014 - 11:37:58 ---A- . (.No owner - SRS Labs CSII Decoder Kernel DLL.) -- C:\Windows\System32\Drivers\csiidecoder_kern_i386.sys [42112]
O44 - LFC:[MD5.7BB6E50536B565993BDB7328947089BF] - 29/05/2014 - 11:37:58 ---A- . (.No owner - SRS Labs Surround HP kernel DLL.) -- C:\Windows\System32\Drivers\Surroundhp_kern_i386.sys [47360]
O44 - LFC:[MD5.B74518D16B2DB347B900F1CFCE017D30] - 29/05/2014 - 11:37:58 ---A- . (.No owner - SRS Labs TruSurround HD 4 kernel DLL.) -- C:\Windows\System32\Drivers\tshd4_kern_i386.sys [47104]
~ Files: 15 Legitimates Filtered in 00mn 01s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Exportar a chave da aplicação autorizada (047)
O47 - AAKE:Key Export SP - "C:\Users\Public\Turbo Internet\iturbo.exe" [Enabled] .(.Ates Yazilim, Bilgisayar & Internet Teknolo.) -- C:\Users\Public\Turbo Internet\iturbo.exe
O47 - AAKE:Key Export SP - "C:\Users\Public\Turbo Internet\clnfw.exe" [Enabled] .(.Ates Yazilim, Bilgisayar & Internet Teknolo.) -- C:\Users\Public\Turbo Internet\clnfw.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Turbo Internet\iturbo.exe" [Enabled] .(.Ates Yazilim, Bilgisayar & Internet Teknolo.) -- C:\Program Files\Turbo Internet\iturbo.exe
~ Keys Export: 3 Legitimates Filtered in 00mn 00s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{fb8872b6-b0fe-11e0-8513-0025224fc22f}\AutoRun\command. (...) -- I:\USBAutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360.cn - 360FileOem.) -- C:\Windows\System32\Drivers\360FileOem.sys [146304]
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360安全中心 - 360HookOem.) -- C:\Windows\System32\Drivers\360HookOem.sys [54912]
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360安全中心 - 360RegOem.) -- C:\Windows\System32\Drivers\360RegOem.sys [23168]
O58 - SDL:26/07/2007 - 09:25:08 ---A- . (.No owner - SRS Labs CSII Decoder Kernel DLL.) -- C:\Windows\System32\Drivers\csiidecoder_kern_i386.sys [42112]
O58 - SDL:07/04/2014 - 12:55:36 ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys [23624]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:07/04/2014 - 12:55:38 ---A- . (.360安全中心 - 360安全卫士 - HookPort.) -- C:\Windows\System32\Drivers\hookport.sys [75832]
O58 - SDL:26/12/2006 - 09:30:20 R--A- . (.Windows (R) Codename Longhorn DDK provider - Generic Port I/O.) -- C:\Windows\System32\Drivers\PortIo.sys [6656]
O58 - SDL:21/06/2011 - 11:24:06 ---A- . (...) -- C:\Windows\System32\Drivers\sp_rsdrv2.sys [32768]
O58 - SDL:15/12/2009 - 14:41:30 ---A- . (.No owner - SRS WOW HD, TSXT, CSII, Mobile HD Standalone driver.) -- C:\Windows\System32\Drivers\SRS_SSCFilter_i386.sys [268912]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:26/07/2007 - 09:25:06 ---A- . (.No owner - SRS Labs Surround HP kernel DLL.) -- C:\Windows\System32\Drivers\Surroundhp_kern_i386.sys [47360]
O58 - SDL:26/07/2007 - 09:25:06 ---A- . (.No owner - SRS Labs TruSurround HD 4 kernel DLL.) -- C:\Windows\System32\Drivers\tshd4_kern_i386.sys [47104]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 82 Legitimates Filtered in 00mn 03s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 07/04/2014 - C:\Windows\System32\Drivers\Efimon.sys (EfiMon) .(.360安全中心 - 360Efimon Driver.) - LEGACY_EFIMON
O64 - Services: CurCS - 07/04/2014 - C:\Windows\System32\Drivers\Hookport.sys (HookPort) .(.360安全中心 - 360安全卫士 - HookPort.) - LEGACY_HOOKPORT
~ Legacy: 144 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} [DefaultScope] - (Web Search) - [Você precisa estar registrado e conectado para ver este link.] =>PUP.CertifiedToolbar
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.86669EB45F49A464EB759A80903A63C5] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.2264.bin [304114]
[MD5.16910661C9E52B31BCFE0B3C41A49B3F] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.2404.bin [2247]
[MD5.1E73D37A8FDD11EE816C3A1D32A03862] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.3108.bin [298705]
[MD5.E73CD08DDCF078194C4FACE831794E55] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.3568.bin [54008]
[MD5.842257DE5C5B8F7C86337065F9AE9AE7] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.5252.bin [10651]
[MD5.9832F33E3CBD4C1EA2DFDE1DD6875481] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.5256.bin [1090]
[MD5.81135DDB3C5B41B0CB54E940A5554F04] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.5268.bin [1090]
[MD5.2AA2CE837FCAE4B652CF178E791B9667] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.5272.bin [17801]
[MD5.DA1FCAE7ECCCE719D48446C73E8B312F] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.5320.bin [16864]
[MD5.BCCE1E5FE7167042E2BEC6F2A03AB034] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.5652.bin [3744]
[MD5.9F0B8931734C60869262AC69477DE3CD] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.5656.bin [239647]
[MD5.DA3527904AA1FE03CC2719E7F1A7F14A] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.6056.bin [1545]
[MD5.AD270A65CEAE45553B4186C2D88851AF] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397523810.bdinstall.bin [92712]
[MD5.0FBD4FC831FFBCD85D44412EFC85EAB1] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397523816.bdinstall.bin [96736]
[MD5.8C115D0A5FCA06224BCDE29BBBF96957] [SPRF][15/04/2014] (...) -- C:\ProgramData\1397606445.bdinstall.bin [260090]
[MD5.DF1BD088CFD9355EFC776146C6F53740] [SPRF][16/04/2014] (...) -- C:\ProgramData\1397679952.bdinstall.bin [901460]
[MD5.8B9EEF6995E5D6B4AB0B3792B7F7FF79] [SPRF][19/04/2014] (...) -- C:\ProgramData\1397952720.1688.bin [123073]
[MD5.5E82CE38B962195FDE88996D8E401FD3] [SPRF][19/04/2014] (...) -- C:\ProgramData\1397952720.2276.bin [4416]
[MD5.65C7F2658269AF9F6E62FC4D95B6C6FD] [SPRF][19/04/2014] (...) -- C:\ProgramData\1397952720.2424.bin [11269]
[MD5.79C0F2A9763206A714C1265F7F480160] [SPRF][19/04/2014] (...) -- C:\ProgramData\1397952720.3252.bin [121313]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][19/04/2014] (...) -- C:\ProgramData\1397952720.bdinstall.bin [0]
[MD5.0B802853C1A3590A73DB2608B1692A4E] [SPRF][22/04/2014] (...) -- C:\ProgramData\ntuser.dat [262144]
[MD5.254FBCA565E049648B0CCE2CEADF05D2] [SPRF][10/08/2012] (...) -- C:\Users\User\AppData\Roaming\inst.exe [87608]
[MD5.9EC73884D7D7BFEC9EED7EAF3122A0BE] [SPRF][03/06/2014] (...) -- C:\Users\User\Desktop\AdwCleaner.exe [1327971]
[MD5.AB2C5F91C21B2517ACDA1FCEDF6F160F] [SPRF][17/02/2014] (.pove-productions - offPow v3.) -- C:\Users\User\Desktop\offPow.exe [565248]
[MD5.FBE9F3B6B86F8B82A325BD62C4121A3C] [SPRF][19/05/2014] (...) -- C:\Users\User\Desktop\setup_11.0.1.1245.x01_2014_05_19_08_26.exe [137462400]
[MD5.D2DB914565885A0554DD06994AD19DD8] [SPRF][14/04/2014] (.Geeky Productions - Vanity Remover - WinForms GUI.) -- C:\Users\User\Desktop\Vanity Remover.exe [33280]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][03/06/2014] (...) -- C:\Users\User\Desktop\zoek.exe [1285120]
~ Files: 31 Legitimates Filtered in 00mn 02s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{2E11A1D3-5808-42AF-9B78-BCC6B1D93C2A}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Users\User\Instalações\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{759C5485-2933-499F-B676-9E36FEF6B1DB}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Users\User\Instalações\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS: - {35B6525E-071A-4EA9-B3BD-F6A742572F08}
~ MNS: 1 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Microsoft\Tracing\funmoods_RASAPI32 =>PUP.Funmoods
HKLM\SOFTWARE\Microsoft\Tracing\funmoods_RASMANCS =>PUP.Funmoods
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_en32_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_en32_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarManager_F91D44FAA5479127_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarManager_F91D44FAA5479127_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_2-KFRPtAWP-1__RASAPI32 =>Adware.IMBooster
HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_2-KFRPtAWP-1__RASMANCS =>Adware.IMBooster
HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup{0_RASAPI32 =>Adware.IMBooster
HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup{0_RASMANCS =>Adware.IMBooster
HKLM\SOFTWARE\Microsoft\Tracing\SearchYaLatest_RASAPI32 =>Adware.SearchYa
HKLM\SOFTWARE\Microsoft\Tracing\SearchYaLatest_RASMANCS =>Adware.SearchYa
HKLM\SOFTWARE\Microsoft\Tracing\updateBizzybolt_RASAPI32 =>PUP.Bizzybolt
HKLM\SOFTWARE\Microsoft\Tracing\updateBizzybolt_RASMANCS =>PUP.Bizzybolt
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent (1)_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent (1)_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-3_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-3_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\YontooSetup-S-1644_RASAPI32 =>Adware.Yontoo
HKLM\SOFTWARE\Microsoft\Tracing\YontooSetup-S-1644_RASMANCS =>Adware.Yontoo
~ BTK: 560 Legitimates Filtered in 00mn 00s



---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}] (SaveSenseLive Core Class) =>PUP.SaveSense
~ BCK: 6979 Legitimates Filtered in 00mn 07s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 13/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 04/05/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 04/05/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 08/04/2008 800040 | (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Demand 22/01/2008 275752 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
SS - | Auto 10/07/2009 136496 | (scpVista) . (.Scopus Tecnologia Ltda.) - C:\Program Files\Scpad\scpVista.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe
SR - | Auto 14/08/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 09s



---\\ Scâner Aditional (088)
Database Version : 13026 - (30/05/2014)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 5

[HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKCU\Software\Classes\MF] =>PUP.MediaFinder
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95525BD9-6136-4A26-8263-9CEE295D442D}] =>Toolbar.4shared
[HKCU\Software\USyndication] =>Trojan.USyndication
[HKCU\Software\usyndication.com] =>Trojan.USyndication
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011941145}] =>PUP.CrossRider
[HKCU\Software\ForumerIT] =>Toolbar.Forumer^
[HKCU\Software\TrueDownloader] =>PUP.SoftwareEngine^
[HKLM\Software\SupDp] =>PUP.SupTab^
[HKLM\Software\TrueDownloader] =>PUP.SoftwareEngine^
[HKCR\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}] (SaveSenseLive Core Class) =>PUP.SaveSense^
~ Additionnel Scan: 238469 Items scanned in 00mn 14s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.] =>Hijacker.Qone8
[Você precisa estar registrado e conectado para ver este link.] =>Hijacker.WebsSearches
[Você precisa estar registrado e conectado para ver este link.] =>Toolbar.Forumer
[Você precisa estar registrado e conectado para ver este link.] =>PUP.SoftwareEngine
[Você precisa estar registrado e conectado para ver este link.] =>PUP.SupTab
[Você precisa estar registrado e conectado para ver este link.] =>PUP.CertifiedToolbar
[Você precisa estar registrado e conectado para ver este link.] =>PUP.Funmoods
[Você precisa estar registrado e conectado para ver este link.] =>Adware.IMBooster
[Você precisa estar registrado e conectado para ver este link.] =>Adware.SearchYa
[Você precisa estar registrado e conectado para ver este link.] =>PUP.Bizzybolt
[Você precisa estar registrado e conectado para ver este link.] =>Adware.Yontoo
[Você precisa estar registrado e conectado para ver este link.] =>PUP.SaveSense
[Você precisa estar registrado e conectado para ver este link.] =>PUP.MediaFinder
[Você precisa estar registrado e conectado para ver este link.] =>Trojan.USyndication
[Você precisa estar registrado e conectado para ver este link.] =>PUP.CrossRider
~ MSI: 15 link(s) detected in 00mn 00s



~ 848 Legitimates filtered by white list
End of the scan (621 lines in 01mn 13s)(0)
avatar
Danilo Marsaro
Membro
Membro

Mensagens : 361
Reputação : 1
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: Não consigo desinstalar o Baidu para instalar o Kaspersky.

Mensagem por Power Max em Ter 03 Jun 2014, 15:41

 Há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

[Você precisa estar registrado e conectado para ver este link.]

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC agora e de tempos em tempos.
_____________________________________________________________________________________________________________________

 Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.


Última edição por Power Max em Ter 03 Jun 2014, 17:34, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO)Relatório Rapport de ZHPFix

Mensagem por Danilo Marsaro em Ter 03 Jun 2014, 16:04

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by User at 03/06/2014 16:01:42
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 06s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: CLSID Extra Buttons: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: EfiMon
ELIMINÉ: HKCU\Software\ForumerIT
ELIMINÉ: HKCU\Software\Start2me
ELIMINÉ: HKCU\Software\TrueDownloader
ELIMINÉ: HKLM\Software\SupDp
ELIMINÉ: HKLM\Software\TrueDownloader
ELIMINÉ CLSID MPSK: {fb8872b6-b0fe-11e0-8513-0025224fc22f}
ELIMINÉ: SearchScopes :{afdbddaa-5d3f-42ee-b79c-185a7020515b}
ELIMINÉ: CLSID NameSpace: {35B6525E-071A-4EA9-B3BD-F6A742572F08}
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\funmoods_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\funmoods_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_2-KFRPtAWP-1__RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_2-KFRPtAWP-1__RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup{0_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup{0_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\SearchYaLatest_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\SearchYaLatest_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\updateBizzybolt_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\updateBizzybolt_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\YontooSetup-S-1644_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\YontooSetup-S-1644_RASMANCS
ELIMINÉ: HKCR\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}
ELIMINÉ: HKCU\Software\Classes\MF
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95525BD9-6136-4A26-8263-9CEE295D442D}
ELIMINÉ: HKCU\Software\USyndication
ELIMINÉ: HKCU\Software\usyndication.com
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011941145}

========== Valores do Registo ==========
ELIMINÉ: Toolbar: {95080B13-AA71-4EE8-B951-7E98221E1ED5}
ELIMINÉ: Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F}
ELIMINÉ: Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068}
ELIMINÉ: Toolbar: {E0301295-AB3E-4AF3-979F-3D453C5F9F48}
ELIMINÉ RunValue: InstallerLauncher
ELIMINÉ RunValue: Agente da Carteira Bitdefender
ELIMINÉ RunValue: Carteira Bitdefender
ELIMINÉ RunValue: Agente de Aplicativo de Carteira Bitdefender
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (9) (6.798.825 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: {0B4FF1C6-5A85-4531-BA86-098093A02A7C}
ELIMINÉ: {11F57C8F-FCEE-45E1-B771-44EC29C51909}
ELIMINÉ: {192DEDBA-24AA-44E2-AD86-769AF63CC800}
ELIMINÉ: {21A1A0EE-EFC0-4B65-94E9-3521F15AE121}
ELIMINÉ: {27836634-1000-4662-A0F5-FE3FC91E8DCE}
ELIMINÉ: {27A3A84E-0DBE-4867-A2EF-69C8EF1D4CD0}
ELIMINÉ: {378E0ED9-EB59-4955-A019-18A13348866A}
ELIMINÉ: {464F9E13-431E-4B34-901D-D3D421FC9472}
ELIMINÉ: {46C2CAAB-B977-49D6-8894-B0D15BB44D75}
ELIMINÉ: {58DC5A6A-B22E-46AC-AADC-60661FC81A67}
ELIMINÉ: {5C3EDA6E-09D8-4864-BCA9-BFEDCBE688C4}
ELIMINÉ: {62248D19-8C4F-49D5-BCE8-9A04BB46FEF4}
ELIMINÉ: {660D7F02-1BA5-46B2-9A2C-A794C8E259D6}
ELIMINÉ: {6B1C8D99-B11E-446A-8B92-C5A73212F5B0}
ELIMINÉ: {71A64082-E667-4B9C-AB6C-7B967E7F8026}
ELIMINÉ: {728C5146-1231-4051-8BEB-6DA8A9ADD16C}
ELIMINÉ: {7A4C9956-0935-4827-8772-609F62155BCD}
ELIMINÉ: {8DC0683C-E246-45C4-A292-B0A83169A0CD}
ELIMINÉ: {8F5077B1-5E1A-4568-98DC-A445FC5E208E}
ELIMINÉ: {97517AB0-1098-4FD4-9037-D4454BA51C52}
ELIMINÉ: {9B9CEEFF-FD30-44A4-AFB5-43F88523C419}
ELIMINÉ: {9BA3E7F9-857B-4930-B76E-B996D5365DF0}
ELIMINÉ: {B13D5ED4-83C0-47C4-B53B-D63DE05D7680}
ELIMINÉ: {BF0BC06F-AB26-4685-871A-C27F7AC9B46A}
ELIMINÉ: {BFFA9DB1-003C-4932-B7CE-9A1D8CBDE0D4}
ELIMINÉ: {C419406E-9EB3-4C2E-BBE3-03EF96B5843F}
ELIMINÉ: {C7522E3C-7B95-4861-8361-23561D9BD2F7}
ELIMINÉ: {C861F5CD-A7C1-4810-8905-EA9460AA0F6A}
ELIMINÉ: {D066DBE5-76B6-40EA-AC03-969A277B7588}
ELIMINÉ: {D7402E4D-811D-42AF-B7C8-A946F4DE4FA0}
ELIMINÉ: {E5FF1C2C-9EF3-4A7B-8728-A5EFB276A6F1}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
29 : Chaves do Registo
14 : Valores do Registo
1 : Pastas
2 : Ficheiros
31 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 53s

========== Caminho do ficheiro do relatório ==========
C:\Users\User\AppData\Roaming\ZHP\ZHPFix[R1].txt - 03/06/2014 16:01:48 [4823]
avatar
Danilo Marsaro
Membro
Membro

Mensagens : 361
Reputação : 1
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: Não consigo desinstalar o Baidu para instalar o Kaspersky.

Mensagem por Power Max em Ter 03 Jun 2014, 16:06

Abra novamente o ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Você precisa estar registrado e conectado para ver esta imagem.]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO)Relatório do ZHPDiag

Mensagem por Danilo Marsaro em Ter 03 Jun 2014, 16:14

~ Relatório do ZHPDiag v2014.5.30.78 - Nicolas Coolman  (30/05/2014)
~ Iniciado por User (03/06/2014 16:12:10)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
GCIE: Google Chrome v35.0.1916.114

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Kaspersky Anti-Virus v14.0.0.4651
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.12

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3062 MB (48% free)
System Restore: Activé (Enable)
System drive C: has 232 GB (49%) free of 466 GB

---\\ Modo de conexão ao sistema
~ Computer Name: USER-PC
~ User Name: User
~ All Users Names: User, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\User\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\User\AppData\Roaming\
~ %Desktop% : C:\Users\User\Desktop\
~ %Favorites% : C:\Users\User\Favorites\
~ %LocalAppData% : C:\Users\User\AppData\Local\
~ %StartMenu% : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 232 Go of 466 Go)
D: CD-ROM drive (Free 0 Go of 1 Go)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4E829EE073E046B0EB19B5FECB19B8C] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 02:41:49.) -- C:\Windows\System32\wininet.dll [1789440]
[MD5.998507B046BA314CE8245364C686FA67] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:17:02.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 09:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 21:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 05:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 05:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 06:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 05:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 07:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 05:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 09:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/1235
~ Mes musiques (My Musics) : 1/22603
~ Mes Videos (My Videos) : 2/511
~ Mes Favoris (My Favorites) : 1/51
~ Mes Documents (My Documents) : 2/134
~ Mon Bureau (My Desktop) : 2/498
~ Menu demarrer (Programs) : 1/35
~ Hidden Files:  Scanned in 00mn 03s



---\\ Processos lançados
[MD5.8CCDD2784481A88B62451A3B123E6DEA] - (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe   [1728512] [PID.2864]
[MD5.68239842340DDFF8993DFD9127553EDA] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe   [141848] [PID.2880]
[MD5.004763BDF8E48244DBB9FDFDE3065EBC] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe   [173592] [PID.2888]
[MD5.CD1102E5D340216138C7F56FA8D26998] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe   [150552] [PID.2900]
[MD5.FC71E74EDAB5AC4C86F6BD34523CAA6D] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe   [1647912] [PID.2912]
[MD5.D9C51528488EA0D98D3C4D02ABD16759] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe   [252952] [PID.3000]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   [254336] [PID.3124]
[MD5.DA0A59FAA480EE4B7D4BD5CFDB703962] - (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe   [718720] [PID.3136]
[MD5.623594A3979C3C60F4E45303E5F66773] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe   [4616984] [PID.3156]
[MD5.043FE3C9088BEADC6A9FFC033C84F20F] - (.Microsoft Corporation - Microsoft OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.exe   [227712] [PID.3172]
[MD5.C4BC695A551F6125FC6C3183AB269E16] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe   [972992] [PID.1632]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe   [860488] [PID.4724]
[MD5.4C820B50704EB1B259E63672EC55B122] - (.Kaspersky Lab ZAO - WebToolBar component.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\klwtblfs.exe   [138944] [PID.5720]
[MD5.6D652B06EB3916DC41A9DBBBC4EDEED1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [8020480] [PID.1200]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [boeajhmfdjldchidhphikilcgdacljfm] Facebook v.1.0.3 (Activé)
G2 - GCE: Preference [User Data\Default] [dchlnpcodkpfdpacogkljefecpegganj] Conselheiro de URLs da Kaspersky v.14.0.0.4651 (Activé)
G2 - GCE: Preference [User Data\Default] [hghkgaeecgjhjkannahfamoehjmkjail] Content Blocker v.14.0.0.4651 (Activé)
G2 - GCE: Preference [User Data\Default] [icpgjfneehieebagbmdbhnlpiopdcmna] New Tab Redirect v.3.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [jagncdcchgajhfhijbbhecadmaiegcmh] Teclado virtual v.14.0.0.4651 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pfpeapihoiogbcmdmnibeplnikfnhoge] Outlook.com v.1.0.2 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 21 Legitimates Filtered in 00mn 02s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [vitzo.com/VDownloader] - (...) -- C:\Program Files\VDownloader\Addons\npVDownloader.dll (.not file.)
~ Firefox Browser: 19 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Scopus Tecnologia Ltda - scpsssh2 Module.) -- C:\Program Files\Scpad\scpsssh2.dll
~ BHO: 16 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe   =>.Microsoft Corporation
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe   =>.Piriform Ltd
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3505273857-1756045905-3684678939-1000\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKUS\S-1-5-21-3505273857-1756045905-3684678939-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-3505273857-1756045905-3684678939-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe   =>.Piriform Ltd
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: Teclado Virtual - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kbrd.ico
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll  =>.Microsoft Corporation
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll  =>.Microsoft Corporation
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Verificação de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\logo.ico
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - [Você precisa estar registrado e conectado para ver este link.]
~ Objets ActiveX:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B668117F-34C6-4C38-A319-138424AACD1D}: NameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC1B25ED-0D69-4A33-AA06-80AEA60A4CB7}: NameServer = 201.28.101.121,201.28.101.126
O17 - HKLM\System\CS1\Services\Tcpip\..\{B668117F-34C6-4C38-A319-138424AACD1D}: NameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{BC1B25ED-0D69-4A33-AA06-80AEA60A4CB7}: NameServer = 201.28.101.121,201.28.101.126
O17 - HKLM\System\CS2\Services\Tcpip\..\{BC1B25ED-0D69-4A33-AA06-80AEA60A4CB7}: NameServer = 201.28.101.121,201.28.101.126
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} . (.Scopus Tecnologia Ltda - scpIBLoad Module.) -- C:\Program Files\Scpad\scpLIB.dll
~ SSODL: 2 Legitimates Filtered in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: scpVista (scpVista) . (.Scopus Tecnologia Ltda - scpVista.) - C:\Program Files\Scpad\scpVista.exe
~ Services: 7 Legitimates Filtered in 00mn 08s



---\\ Tarefas planificadas automaticamente (039)
[MD5.B284E0F20811226BC0211BF742247542] [APT] [{94C06DAD-2E9E-4540-8A01-A9C2E8B2F4BB}] (...) -- C:\Program Files\WinRAR\WinRAR.exe   [1039360]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1048]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1052]
~ Scheduled Task: 22 Legitimates Filtered in 00mn 01s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex.sys (.not file.)
O41 - Driver:  (EfiMon) . (.360安全中心 - 360Efimon Driver.) - C:\Windows\System32\Drivers\Efimon.sys
~ Drivers: 75 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\38524InstEnd]
[HKCU\Software\45918InstEnd]
[HKCU\Software\AtesSoft]
[HKCU\Software\DownloadAstro]
[HKCU\Software\GeralBho]
[HKCU\Software\IncrediMail]
[HKCU\Software\Install]
[HKCU\Software\Olhardigital]
[HKCU\Software\eBook Maestro Books]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\AtesSoft]
[HKLM\Software\Dynamix]
[HKLM\Software\IncrediMail]
~ Key Software: 202 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/02/2012 - 17:45:09 - [] ----D C:\Program Files\KeepTube
O43 - CFD: 18/07/2011 - 02:33:42 - [] ----D C:\Program Files\LGInternetKit
O43 - CFD: 20/08/2011 - 18:47:27 - [] ----D C:\Program Files\PegaJogo
O43 - CFD: 29/04/2014 - 11:53:10 - [] ----D C:\Program Files\Scpad
O43 - CFD: 30/12/2013 - 18:44:46 - [] ----D C:\Program Files\Super Tela
O43 - CFD: 23/08/2011 - 18:07:54 - [] ----D C:\Program Files\Turbo Internet
O43 - CFD: 13/03/2014 - 01:42:33 - [] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 13/04/2014 - 00:15:21 - [] ----D C:\Users\User\AppData\Roaming\RealWorld
O43 - CFD: 18/04/2014 - 13:24:32 - [] ----D C:\Users\User\AppData\Local\Maxiget
O43 - CFD: 30/12/2013 - 22:24:10 - [] ----D C:\Users\User\AppData\Local\Steppschuh
~ Program Folder: 170 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.0F13170A0D55186AC7E1175DD7896088] - 03/06/2014 - 12:49:43 ---A- . (...) -- C:\zoek-results2014-06-03-154943.log   [31203]
O44 - LFC:[MD5.60B0B89975537B9A1E3489A37FD0D9D3] - 03/06/2014 - 13:25:38 ---A- . (...) -- C:\zoek-results2014-06-03-162538.log   [9713]
O44 - LFC:[MD5.F52C512ECED87D9F91EEF8A6E54629E8] - 03/06/2014 - 13:31:54 ---A- . (...) -- C:\zoek-results2014-06-03-163154.log   [13333]
O44 - LFC:[MD5.9CAEF932532EE085C44BB4BAE3AC1824] - 03/06/2014 - 14:01:02 ---A- . (...) -- C:\zoek-results2014-06-03-170102.log   [2926]
O44 - LFC:[MD5.C943ADFED2D86F00F0570F210A1C6802] - 03/06/2014 - 14:07:16 ---A- . (...) -- C:\zoek-results.log   [1003]
O44 - LFC:[MD5.3F7BB3414C01D0B7D0798436D6350462] - 29/05/2014 - 11:37:58 ---A- . (.No owner - SRS Labs CSII Decoder Kernel DLL.) -- C:\Windows\System32\Drivers\csiidecoder_kern_i386.sys   [42112]
O44 - LFC:[MD5.7BB6E50536B565993BDB7328947089BF] - 29/05/2014 - 11:37:58 ---A- . (.No owner - SRS Labs Surround HP kernel DLL.) -- C:\Windows\System32\Drivers\Surroundhp_kern_i386.sys   [47360]
O44 - LFC:[MD5.B74518D16B2DB347B900F1CFCE017D30] - 29/05/2014 - 11:37:58 ---A- . (.No owner - SRS Labs TruSurround HD 4 kernel DLL.) -- C:\Windows\System32\Drivers\tshd4_kern_i386.sys   [47104]
~ Files: 17 Legitimates Filtered in 00mn 00s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Exportar a chave da aplicação autorizada (047)
O47 - AAKE:Key Export SP - "C:\Users\Public\Turbo Internet\iturbo.exe" [Enabled] .(.Ates Yazilim, Bilgisayar & Internet Teknolo.) -- C:\Users\Public\Turbo Internet\iturbo.exe
O47 - AAKE:Key Export SP - "C:\Users\Public\Turbo Internet\clnfw.exe" [Enabled] .(.Ates Yazilim, Bilgisayar & Internet Teknolo.) -- C:\Users\Public\Turbo Internet\clnfw.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Turbo Internet\iturbo.exe" [Enabled] .(.Ates Yazilim, Bilgisayar & Internet Teknolo.) -- C:\Program Files\Turbo Internet\iturbo.exe
~ Keys Export: 3 Legitimates Filtered in 00mn 00s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{f5b67065-3b62-11df-abf4-806e6f6e6963}\AutoRun\command. (.Kaspersky Lab ZAO - Kaspersky Autorun.) -- D:\autorun.exe
~ Keys:  Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360.cn - 360FileOem.) -- C:\Windows\System32\Drivers\360FileOem.sys   [146304]
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360安全中心 - 360HookOem.) -- C:\Windows\System32\Drivers\360HookOem.sys   [54912]
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360安全中心 - 360RegOem.) -- C:\Windows\System32\Drivers\360RegOem.sys   [23168]
O58 - SDL:26/07/2007 - 09:25:08 ---A- . (.No owner - SRS Labs CSII Decoder Kernel DLL.) -- C:\Windows\System32\Drivers\csiidecoder_kern_i386.sys   [42112]
O58 - SDL:07/04/2014 - 12:55:36 ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\System32\Drivers\efimon.sys   [23624]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [453712]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [26624]
O58 - SDL:07/04/2014 - 12:55:38 ---A- . (.360安全中心 - 360安全卫士 - HookPort.) -- C:\Windows\System32\Drivers\hookport.sys   [75832]
O58 - SDL:26/12/2006 - 09:30:20 R--A- . (.Windows (R) Codename Longhorn DDK provider - Generic Port I/O.) -- C:\Windows\System32\Drivers\PortIo.sys   [6656]
O58 - SDL:21/06/2011 - 11:24:06 ---A- . (...) -- C:\Windows\System32\Drivers\sp_rsdrv2.sys   [32768]
O58 - SDL:15/12/2009 - 14:41:30 ---A- . (.No owner - SRS WOW HD, TSXT, CSII, Mobile HD Standalone driver.) -- C:\Windows\System32\Drivers\SRS_SSCFilter_i386.sys   [268912]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [21072]
O58 - SDL:26/07/2007 - 09:25:06 ---A- . (.No owner - SRS Labs Surround HP kernel DLL.) -- C:\Windows\System32\Drivers\Surroundhp_kern_i386.sys   [47360]
O58 - SDL:26/07/2007 - 09:25:06 ---A- . (.No owner - SRS Labs TruSurround HD 4 kernel DLL.) -- C:\Windows\System32\Drivers\tshd4_kern_i386.sys   [47104]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys   [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS   [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS   [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS   [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS   [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS   [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS   [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS   [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS   [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS   [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS   [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS   [34672]
~ Drivers: 91 Legitimates Filtered in 00mn 00s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 07/04/2014 - C:\Windows\System32\Drivers\Hookport.sys (HookPort)  .(.360安全中心 - 360安全卫士 - HookPort.) - LEGACY_HOOKPORT
~ Legacy: 144 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.86669EB45F49A464EB759A80903A63C5] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.2264.bin   [304114]
[MD5.16910661C9E52B31BCFE0B3C41A49B3F] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.2404.bin   [2247]
[MD5.1E73D37A8FDD11EE816C3A1D32A03862] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.3108.bin   [298705]
[MD5.E73CD08DDCF078194C4FACE831794E55] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.3568.bin   [54008]
[MD5.842257DE5C5B8F7C86337065F9AE9AE7] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.5252.bin   [10651]
[MD5.9832F33E3CBD4C1EA2DFDE1DD6875481] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.5256.bin   [1090]
[MD5.81135DDB3C5B41B0CB54E940A5554F04] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.5268.bin   [1090]
[MD5.2AA2CE837FCAE4B652CF178E791B9667] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.5272.bin   [17801]
[MD5.DA1FCAE7ECCCE719D48446C73E8B312F] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.5320.bin   [16864]
[MD5.BCCE1E5FE7167042E2BEC6F2A03AB034] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.5652.bin   [3744]
[MD5.9F0B8931734C60869262AC69477DE3CD] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.5656.bin   [239647]
[MD5.DA3527904AA1FE03CC2719E7F1A7F14A] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397517928.6056.bin   [1545]
[MD5.AD270A65CEAE45553B4186C2D88851AF] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397523810.bdinstall.bin   [92712]
[MD5.0FBD4FC831FFBCD85D44412EFC85EAB1] [SPRF][14/04/2014] (...) -- C:\ProgramData\1397523816.bdinstall.bin   [96736]
[MD5.8C115D0A5FCA06224BCDE29BBBF96957] [SPRF][15/04/2014] (...) -- C:\ProgramData\1397606445.bdinstall.bin   [260090]
[MD5.DF1BD088CFD9355EFC776146C6F53740] [SPRF][16/04/2014] (...) -- C:\ProgramData\1397679952.bdinstall.bin   [901460]
[MD5.8B9EEF6995E5D6B4AB0B3792B7F7FF79] [SPRF][19/04/2014] (...) -- C:\ProgramData\1397952720.1688.bin   [123073]
[MD5.5E82CE38B962195FDE88996D8E401FD3] [SPRF][19/04/2014] (...) -- C:\ProgramData\1397952720.2276.bin   [4416]
[MD5.65C7F2658269AF9F6E62FC4D95B6C6FD] [SPRF][19/04/2014] (...) -- C:\ProgramData\1397952720.2424.bin   [11269]
[MD5.79C0F2A9763206A714C1265F7F480160] [SPRF][19/04/2014] (...) -- C:\ProgramData\1397952720.3252.bin   [121313]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][19/04/2014] (...) -- C:\ProgramData\1397952720.bdinstall.bin   [0]
[MD5.0B802853C1A3590A73DB2608B1692A4E] [SPRF][22/04/2014] (...) -- C:\ProgramData\ntuser.dat   [262144]
[MD5.254FBCA565E049648B0CCE2CEADF05D2] [SPRF][10/08/2012] (...) -- C:\Users\User\AppData\Roaming\inst.exe   [87608]
[MD5.9EC73884D7D7BFEC9EED7EAF3122A0BE] [SPRF][03/06/2014] (...) -- C:\Users\User\Desktop\AdwCleaner.exe   [1327971]
[MD5.AB2C5F91C21B2517ACDA1FCEDF6F160F] [SPRF][17/02/2014] (.pove-productions - offPow v3.) -- C:\Users\User\Desktop\offPow.exe   [565248]
[MD5.FBE9F3B6B86F8B82A325BD62C4121A3C] [SPRF][19/05/2014] (...) -- C:\Users\User\Desktop\setup_11.0.1.1245.x01_2014_05_19_08_26.exe   [137462400]
[MD5.D2DB914565885A0554DD06994AD19DD8] [SPRF][14/04/2014] (.Geeky Productions - Vanity Remover - WinForms GUI.) -- C:\Users\User\Desktop\Vanity Remover.exe   [33280]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][03/06/2014] (...) -- C:\Users\User\Desktop\zoek.exe   [1285120]
~ Files: 31 Legitimates Filtered in 00mn 01s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{2E11A1D3-5808-42AF-9B78-BCC6B1D93C2A}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Users\User\Instalações\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{759C5485-2933-499F-B676-9E36FEF6B1DB}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Users\User\Instalações\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 02s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASAPI32  =>Toolbar.Bing
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_en32_signed_RASAPI32  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_en32_signed_RASMANCS  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarManager_F91D44FAA5479127_RASAPI32  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarManager_F91D44FAA5479127_RASMANCS  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent (1)_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent (1)_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-3_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-3_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS  =>P2P.µTorrent
~ BTK: 548 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 13/05/2014 257712 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 04/05/2014 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 04/05/2014 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 08/04/2008 800040 |  (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Demand 22/01/2008 275752 |  (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
SS - | Auto 10/07/2009 136496 |  (scpVista) . (.Scopus Tecnologia Ltda.) - C:\Program Files\Scpad\scpVista.exe
SS - | Auto 23/10/2013 172192 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 21/12/2013 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 17/06/2013 214512 |  (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
SR - | Auto 19/12/2006 81920 |  (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe
SR - | Auto 14/08/2013 39056 |  (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 10s



---\\ Scâner Aditional (088)
Database Version : 13026 - (30/05/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

[HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32]   =>Toolbar.Bing
~ Additionnel Scan: 248934 Items scanned in 00mn 20s



---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s



~ 825 Legitimates filtered by white list
End of the scan (523 lines in 01mn 11s)(0)
avatar
Danilo Marsaro
Membro
Membro

Mensagens : 361
Reputação : 1
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: Não consigo desinstalar o Baidu para instalar o Kaspersky.

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum