Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14443 usuários registrados
O último usuário registrado atende pelo nome de Caio Flavio

Os nossos membros postaram um total de 35198 mensagens em 3565 assuntos
Últimos assuntos
» Notebook lento, acho que está com virus
por joram Ontem à(s) 18:38

Quem está conectado
4 usuários online :: Nenhum usuário registrado, Nenhum Invisível e 4 Visitantes

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Novembro 2017
SegTerQuaQuiSexSabDom
  12345
6789101112
13141516171819
20212223242526
27282930   

Calendário Calendário


remover hao do notebook

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

remover hao do notebook

Mensagem por Guilherme Bastos em Seg 30 Jun 2014, 12:10

Boa tarde,
Meu notebook foi infectado com o hao... Podem me ajudar a tirar ?
Segue o log do Hijack
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:08:46, on 30/06/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\asus\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\windows\SysWOW64\Userinit.exe,
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NI Update Service] "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Startup: Intel(R) Turbo Boost Technology Monitor 2.5.lnk = C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: NI Error Reporting.lnk = C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - [Você precisa estar registrado e conectado para ver este link.]
O8 - Extra context menu item: Se&nd to OneNote - [Você precisa estar registrado e conectado para ver este link.]
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\national instruments\shared\mdns responder\nimdnsnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: bankline.itau.com.br
O15 - Trusted Zone: clickbanking.itau.com.br
O15 - Trusted Zone: guardiao.itau.com.br
O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
O15 - Trusted Zone: *.itau.com.br
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify:  GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NI Citadel 4 Service (LkCitadelServer) - National Instruments, Inc. - C:\windows\SysWOW64\lkcitdl.exe
O23 - Service: NI PSP Service Locator (lkClassAds) - National Instruments Corporation - C:\windows\SysWOW64\lkads.exe
O23 - Service: NI Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\windows\SysWOW64\lktsrv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NI Application Web Server (NIApplicationWebServer) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
O23 - Service: NI Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI License Server (NILM License Manager) - Macrovision Corporation - C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI mDNS Responder Service (nimDNSResponder) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
O23 - Service: NI Service Locator (NiSvcLoc) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe
O23 - Service: NI System Web Server (NISystemWebServer) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15615 bytes
avatar
Guilherme Bastos
Iniciante
Iniciante

Mensagens : 44
Reputação : 0
Data de inscrição : 20/01/2014

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Power Max em Seg 30 Jun 2014, 12:14

Olá Guilherme.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Você precisa estar registrado e conectado para ver este link.]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Guilherme Bastos em Seg 30 Jun 2014, 12:50

# AdwCleaner v3.214 - Relatório criado 30/06/2014 às 12:18:59
# Atualizado 29/06/2014 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : asus - ASUS-PC
# Executando de : C:\Users\asus\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\Program Files (x86)\baidu
Pasta Deletada : C:\Users\asus\AppData\Local\Temp\baidu
Pasta Deletada : C:\Users\asus\AppData\Roaming\baidu
Pasta Deletada : C:\Users\asus\Documents\PC Speed Maximizer
Pasta Deletada : C:\Users\Public\Documents\baidu
Arquivo Deletada : C:\Users\asus\AppData\Local\Temp\Uninstall.exe

***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Google Chrome v35.0.1916.153

[ Arquivo : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Extension] : bopakagnckmlgajfccecajhnimjiiedh

*************************

AdwCleaner[R0].txt - [1392 octets] - [27/01/2014 16:10:11]
AdwCleaner[R1].txt - [1345 octets] - [30/06/2014 12:18:13]
AdwCleaner[S0].txt - [1387 octets] - [27/01/2014 16:15:07]
AdwCleaner[S1].txt - [1386 octets] - [30/06/2014 12:18:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1446 octets] ##########
avatar
Guilherme Bastos
Iniciante
Iniciante

Mensagens : 44
Reputação : 0
Data de inscrição : 20/01/2014

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Power Max em Seg 30 Jun 2014, 12:59

 No seu PC está constando o Baidu instalado. Você quer removê-lo ou quer continuar com ele? Seja qual for a sua resposta para esta pergunta, siga também as dicas abaixo:

Desative temporariamente seu antivírus para evitar conflitos.

 Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

* Dê um duplo clique com o botão esquerdo do mouse no Zoek.exe para abri-lo.

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Ter 15 Jul 2014, 11:49, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Guilherme Bastos em Seg 30 Jun 2014, 15:37

se possível vou querer remover sim... nem sabia que tinha ele no pc achei que ja tinha me livrado rsrs
valeu pela ajuda, segue o log

Zoek.exe v5.0.0.0 Updated 28-06-2014
Tool run by asus on 30/06/2014 at 15:09:34,07.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\asus\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-30-161526.log 1294 bytes

==== System Restore Info ======================

30/06/2014 15:10:34 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\Application Data deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\asus\Searches deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\Users\asus\AppData\Roaming\unins000.exe deleted

==== Folders Found ======================

2014-06-30 15:18:59 2014-06-30 15:18:59 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-30 15:19:00 2014-06-30 15:19:00 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\asus\AppData\Local\Temp\baidu
2014-06-30 15:19:01 2014-06-30 15:19:01 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\asus\AppData\Roaming\baidu
2014-06-30 15:19:01 2014-06-30 15:19:01 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\asus\AppData\Roaming\baidu\Baidu Antivirus
2014-06-30 15:19:02 2014-06-30 15:19:02 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-06-29 17:18:12 2014-06-29 17:18:12 -------- d-----w- C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687
2014-06-29 17:18:12 2014-06-30 14:48:45 -------- d-----w- C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687\Baidu Antivirus
2014-06-29 17:18:27 2014-06-29 17:18:27 -------- d-----w- C:\ProgramData\Baidu Security
2014-06-29 17:18:27 2014-06-29 17:18:27 -------- d-----w- C:\Users\All Users\Baidu Security

==== Files Found ======================


--- C:\Users\asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZUQTNUVB\baidu[1].png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 37090
Created time: 2014-06-29 17:14:43
Modified time: 2014-06-29 17:14:43
MD5: A97F79B2091C6F123856367DDE6F18EB
SHA1: 2E7684B93D3A641223D9AEC1EB3CE9A03FBD1B1D


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"="C:\\Program Files (x86)\\baidu\\SparkSafe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
"Path"="C:\\Program Files (x86)\\baidu\\SparkSafe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu-Security-2014-4.4.4.73687\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0E936F1-3247-47E6-A3F9-87EEBA1EB0EA}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC772877-43B2-47A7-B97A-759F1B233E90}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66E471D9-C1CD-4628-930C-59A8A4BC72DD}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6ABC3746-7B64-4F06-91C3-E706EFB4EA4E}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu-Security-2014-4.4.4.73687\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0E936F1-3247-47E6-A3F9-87EEBA1EB0EA}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC772877-43B2-47A7-B97A-759F1B233E90}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66E471D9-C1CD-4628-930C-59A8A4BC72DD}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6ABC3746-7B64-4F06-91C3-E706EFB4EA4E}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu-Security-2014-4.4.4.73687\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0E936F1-3247-47E6-A3F9-87EEBA1EB0EA}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC772877-43B2-47A7-B97A-759F1B233E90}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66E471D9-C1CD-4628-930C-59A8A4BC72DD}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6ABC3746-7B64-4F06-91C3-E706EFB4EA4E}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG\baidubrowser]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG\baidubrowser.tieba]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG\SparkSafe]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br\hao123desk]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br\hao123desk]
"ToyPath"="C:\\Users\\asus\\AppData\\Roaming\\baidu\\hao123-br\\hao123.1.0.0.1111.exe"

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Spark]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe]
"NextRunDirectSetBaiduBrowser"="0"

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]
"l_1_c_1_f_1_"="{\"TabIndex\":\"0\",\"accesstime\":\"1404062231\",\"LogicCreatedTime\":\"1404062227\",\"url\":\"bdbrowser://welcome/\",\"Title\":\"Baidu Spark Security Browser\",\"FavIconURL\":\"bdbrowser://welcome/favicon.ico\",\"Historyid\":\"ccdc9783c0164c41864c23aac6e77fdb\"}"

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UrllistMetaInfo]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UrllistMetaInfo_v2]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UserInfoRegister]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UserInfoStorage]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\UserInfoStorage]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\UserInfoStorage2]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0796100730075007300]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0796100730075007300\ClosedItemRegister]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0796100730075007300\Topsites_V2]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{22C7F6C6-8D67-4534-92B5-529A0EC09405}"="C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension" [20/02/2014 16:13]

==== Chrome Look ======================

GBBD Guardião - Itaú 30 horas - asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmpojlddncminmkddkpoegdjhojjipg
Google Wallet - asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=smt_pay_hp_06_hao123_br"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\asus\Desktop\fm - Atalho.lnk - C:\Users\asus\Documents\Football.Manager.2014.CRACKED-3DM\Football Manager 2014\fm.exe
C:\Users\asus\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\asus\Desktop\Grand Chase.lnk - C:\Level Up Games\Grand Chase\GrandChase.exe
C:\Users\asus\Desktop\MPC-HC.lnk - C:\Program Files (x86)\MPC-HC\mpc-hc.exe
C:\Users\asus\Desktop\PXG Client.lnk - C:\Users\asus\AppData\Roaming\pxgclient\pxgclient\client\launcher.exe
C:\Users\asus\Desktop\RaidCall.lnk - C:\Program Files (x86)\RaidCall\raidcall.exe
C:\Users\asus\Desktop\UsbFix.lnk - C:\UsbFix\Wscript.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Agarest Generations of War.lnk - C:\Program Files (x86)\Agarest Generations of War\Agarest.exe
C:\Users\Public\Desktop\ASUS Vibe Fun Center.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
C:\Users\Public\Desktop\ASUS WebStorage.lnk - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
C:\Users\Public\Desktop\Battlefield 3.lnk - D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\DKLegend.lnk - C:\Program Files (x86)\DKLegend\updater.exe
C:\Users\Public\Desktop\eManual.Lnk - C:\eSupport\Manual\eManual.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Origin.lnk - D:\Games\Origin\Origin.exe
C:\Users\Public\Desktop\Plants vs. Zombies.lnk - D:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Public\Desktop\ASUS\Backup & Restore\AI Recovery Burner.lnk - C:\ProgramData\ChangeFolderView\aiRecovery.ico
C:\Users\Public\Desktop\ASUS\Entertainment\Game Park Console.lnk - C:\ProgramData\Asus\Game Park Console\GameConsole.exe
C:\Users\Public\Desktop\ASUS\Entertainment\LifeFrame.lnk - C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe
C:\Users\Public\Desktop\ASUS\Multimedia\ASUSDVD.lnk - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe
C:\Users\Public\Desktop\ASUS\Multimedia\CyberLink Media Suite.lnk - C:\Program Files (x86)\CyberLink\Media Suite\PS.exe
C:\Users\Public\Desktop\ASUS\System tool\e-Driver.lnk - C:\eSupport\eDriver\InstAll.exe
C:\Users\Public\Desktop\ASUS\System tool\Intel(R) Turbo Boost Technology Monitor 2.5.lnk - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe
C:\Users\Public\Desktop\ASUS\System tool\Scene Switch.lnk - C:\ProgramData\ChangeFolderView\sceneswitch.ico
C:\Users\Public\Desktop\ASUS\System tool\Splendid Utility.Lnk - C:\Program Files (x86)\ASUS\Splendid\Backbone.exe
C:\Users\Public\Desktop\ASUS\Word processor\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

==== shortcuts in Users Start Menu ======================

C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PXG Client.lnk - C:\Users\asus\AppData\Roaming\pxgclient\pxgclient\client\launcher.exe
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C Compiler for PIC10-12-16 MCUs V9.82\Activate or Trial PRO mode.lnk - C:\Program Files (x86)\HI-TECH Software\PICC\9.82\resources\setup.exe --activate --setTrue-DoProceed
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C Compiler for PIC10-12-16 MCUs V9.82\Migration from PICC STD.lnk - C:\Program Files (x86)\HI-TECH Software\PICC\9.82\docs\migration.pdf
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C Compiler for PIC10-12-16 MCUs V9.82\Quickstart guide.lnk - C:\Program Files (x86)\HI-TECH Software\PICC\9.82\docs\quickstart.pdf
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C Compiler for PIC10-12-16 MCUs V9.82\Release notes.lnk - C:\Program Files (x86)\HI-TECH Software\PICC\9.82\docs\readme.pdf
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C Compiler for PIC10-12-16 MCUs V9.82\Uninstall.lnk - C:\Program Files (x86)\HI-TECH Software\PICC\9.82\resources\setup.exe --remove
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C Compiler for PIC10-12-16 MCUs V9.82\User manual.lnk - C:\Program Files (x86)\HI-TECH Software\PICC\9.82\docs\manual.pdf
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C51-lite\Activate or uninstall.lnk - C:\Program Files (x86)\HI-TECH Software\HC51\9.60\resources\setup.exe
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C51-lite\Release notes.lnk - C:\Program Files (x86)\HI-TECH Software\HC51\9.60\resources\readme.txt
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C51-lite\User manual.lnk - C:\Program Files (x86)\HI-TECH Software\HC51\9.60\docs\manual.pdf

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\windows\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Battlefield 3.lnk - D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\EA EULA.lnk - D:\Program Files (x86)\Origin Games\Battlefield 3\Support\eula\en_US_eula.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Read Me.lnk - D:\Program Files (x86)\Origin Games\Battlefield 3\Support\readme\readme.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Technical Support.lnk - D:\Program Files (x86)\Origin Games\Battlefield 3\Support\EA Help\Electronic_Arts_Technical_Support.htm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Battlefield 3™.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Plants vs. Zombies™.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Desinstalar hao123.lnk - C:\Users\asus\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1111.exe -uninstall
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Hao123.lnk - C:\Users\asus\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1111.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Database Compare 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Lync Recording Manager.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Spreadsheet Compare 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Desinstalar Origin.lnk - D:\Games\Origin\OriginUninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk - D:\Games\Origin\Origin.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Relatório de Erro Origin.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs. Zombies\Plants vs. Zombies End User License Agreement.lnk - D:\Program Files (x86)\Origin Games\Plants vs. Zombies\Plants vs. Zombies EN\eula.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs. Zombies\Plants vs. Zombies.lnk - D:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs. Zombies\Read Me.lnk - D:\Program Files (x86)\Origin Games\Plants vs. Zombies\Plants vs. Zombies EN\readme.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs. Zombies\Technical Support.lnk - D:\Program Files (x86)\Origin Games\Plants vs. Zombies\Support\EA Help\Technical Support.en_US.rtf

==== shortcuts in Quick Launch ======================

C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\windows\system32\control.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intel(R) Turbo Boost Technology Monitor 2.5.lnk - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Photo Gallery.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\Trend Micro\Trend Micro Titanium Internet Security 2012.lnk - C:\Program Files (x86)\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NP9TJSRK will be deleted at reboot
C:\Users\asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YVPLVOER will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=20 folders=19 14823370 bytes)

==== Empty Temp Folders ======================

C:\Users\asus\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\asus\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NP9TJSRK" not found
"C:\Users\asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YVPLVOER" not found

==== EOF on 30/06/2014 at 15:35:52,86 ======================
avatar
Guilherme Bastos
Iniciante
Iniciante

Mensagens : 44
Reputação : 0
Data de inscrição : 20/01/2014

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Power Max em Seg 30 Jun 2014, 21:09

Desative temporariamente seu antivírus para evitar conflitos.

* Dê um duplo clique com o botão esquerdo do mouse no Zoek.exe para abri-lo.

* Selecione e copie todo este texto destacado em vermelho que te passei. e cole-o no espaço em branco do Zoek

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Guilherme Bastos em Ter 01 Jul 2014, 02:11


Zoek.exe v5.0.0.0 Updated 30-06-2014
Tool run by asus on 01/07/2014 at 1:06:42,11.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\asus\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-30-161526.log 1294 bytes
C:\zoek-results2014-06-30-183552.log 33842 bytes

==== System Restore Info ======================

01/07/2014 01:08:30 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
"Path"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0E936F1-3247-47E6-A3F9-87EEBA1EB0EA}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC772877-43B2-47A7-B97A-759F1B233E90}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66E471D9-C1CD-4628-930C-59A8A4BC72DD}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6ABC3746-7B64-4F06-91C3-E706EFB4EA4E}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0E936F1-3247-47E6-A3F9-87EEBA1EB0EA}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC772877-43B2-47A7-B97A-759F1B233E90}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66E471D9-C1CD-4628-930C-59A8A4BC72DD}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6ABC3746-7B64-4F06-91C3-E706EFB4EA4E}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0E936F1-3247-47E6-A3F9-87EEBA1EB0EA}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC772877-43B2-47A7-B97A-759F1B233E90}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66E471D9-C1CD-4628-930C-59A8A4BC72DD}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6ABC3746-7B64-4F06-91C3-E706EFB4EA4E}"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG\baidubrowser]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG\baidubrowser.tieba]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG\SparkSafe]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br\hao123desk]
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br\hao123desk]
"ToyPath"=-
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Spark]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe]
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe]
"NextRunDirectSetBaiduBrowser"=-
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]
"l_1_c_1_f_1_"=-
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UrllistMetaInfo]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UrllistMetaInfo_v2]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UserInfoRegister]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UserInfoStorage]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\UserInfoStorage]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\UserInfoStorage2]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0796100730075007300]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0796100730075007300\ClosedItemRegister]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0796100730075007300\Topsites_V2]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
"Path"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0E936F1-3247-47E6-A3F9-87EEBA1EB0EA}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC772877-43B2-47A7-B97A-759F1B233E90}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66E471D9-C1CD-4628-930C-59A8A4BC72DD}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6ABC3746-7B64-4F06-91C3-E706EFB4EA4E}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0E936F1-3247-47E6-A3F9-87EEBA1EB0EA}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC772877-43B2-47A7-B97A-759F1B233E90}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66E471D9-C1CD-4628-930C-59A8A4BC72DD}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6ABC3746-7B64-4F06-91C3-E706EFB4EA4E}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0E936F1-3247-47E6-A3F9-87EEBA1EB0EA}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC772877-43B2-47A7-B97A-759F1B233E90}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66E471D9-C1CD-4628-930C-59A8A4BC72DD}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6ABC3746-7B64-4F06-91C3-E706EFB4EA4E}"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG\baidubrowser]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG\baidubrowser.tieba]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG\SparkSafe]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br\hao123desk]
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br\hao123desk]
"ToyPath"=-
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Spark]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe]
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe]
"NextRunDirectSetBaiduBrowser"=-
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]
"l_1_c_1_f_1_"=-
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UrllistMetaInfo]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UrllistMetaInfo_v2]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UserInfoRegister]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UserInfoStorage]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\UserInfoStorage]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\UserInfoStorage2]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0796100730075007300]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0796100730075007300\ClosedItemRegister]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0796100730075007300\Topsites_V2]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687 deleted
C:\ProgramData\Baidu Security deleted

==== Folders Found ======================

2014-06-30 15:18:59 2014-06-30 15:18:59 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-30 15:19:00 2014-06-30 15:19:00 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\asus\AppData\Local\Temp\baidu
2014-06-30 15:19:01 2014-06-30 15:19:01 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\asus\AppData\Roaming\baidu
2014-06-30 15:19:01 2014-06-30 15:19:01 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\asus\AppData\Roaming\baidu\Baidu Antivirus
2014-06-30 15:19:02 2014-06-30 15:19:02 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-07-01 04:10:41 2014-06-29 17:18:12 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu-Security-2014-4.4.4.73687
2014-07-01 04:10:41 2014-06-30 14:48:45 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu-Security-2014-4.4.4.73687_Baidu Antivirus
2014-07-01 04:10:41 2014-06-29 17:18:27 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-07-01 04:10:41 2014-06-29 17:18:27 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-07-01 04:10:41 2014-06-30 14:48:45 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu-Security-2014-4.4.4.73687\Baidu Antivirus
2014-06-30 15:18:59 2014-06-30 15:18:59 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-30 15:19:00 2014-06-30 15:19:00 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\asus\AppData\Local\Temp\baidu
2014-06-30 15:19:01 2014-06-30 15:19:01 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\asus\AppData\Roaming\baidu
2014-06-30 15:19:01 2014-06-30 15:19:01 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\asus\AppData\Roaming\baidu\Baidu Antivirus
2014-06-30 15:19:02 2014-06-30 15:19:02 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-07-01 04:10:41 2014-06-29 17:18:12 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu-Security-2014-4.4.4.73687
2014-07-01 04:10:41 2014-06-30 14:48:45 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu-Security-2014-4.4.4.73687_Baidu Antivirus
2014-07-01 04:10:41 2014-06-29 17:18:27 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-07-01 04:10:41 2014-06-29 17:18:27 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-07-01 04:10:41 2014-06-30 14:48:45 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu-Security-2014-4.4.4.73687\Baidu Antivirus

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"="C:\\Program Files (x86)\\baidu\\SparkSafe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br\hao123desk]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"="C:\\Program Files (x86)\\baidu\\SparkSafe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br\hao123desk]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=22 folders=24 14852810 bytes)

==== EOF on 01/07/2014 at 1:15:16,92 ======================
avatar
Guilherme Bastos
Iniciante
Iniciante

Mensagens : 44
Reputação : 0
Data de inscrição : 20/01/2014

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Power Max em Ter 01 Jul 2014, 12:32

Desative temporariamente seu antivírus para evitar conflitos.

* Clique com o botão direito do mouse no Zoek.exe e escolha a opção de Executar como administrador.

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Guilherme Bastos em Ter 01 Jul 2014, 13:09


Zoek.exe v5.0.0.0 Updated 30-06-2014
Tool run by asus on 01/07/2014 at 13:05:13,37.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\asus\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-30-161526.log 1294 bytes
C:\zoek-results2014-06-30-183552.log 33842 bytes
C:\zoek-results2014-07-01-041516.log 31894 bytes

==== System Restore Info ======================

01/07/2014 13:06:02 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br\hao123desk]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"="C:\\Program Files (x86)\\baidu\\SparkSafe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=22 folders=24 14852810 bytes)

==== EOF on 01/07/2014 at 13:08:57,70 ======================
avatar
Guilherme Bastos
Iniciante
Iniciante

Mensagens : 44
Reputação : 0
Data de inscrição : 20/01/2014

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Power Max em Ter 01 Jul 2014, 13:15

Desative temporariamente seu antivírus para evitar conflitos.

* Clique com o botão direito do mouse no Zoek.exe e escolha a opção de Executar como administrador.

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Guilherme Bastos em Ter 01 Jul 2014, 14:11


Zoek.exe v5.0.0.0 Updated 30-06-2014
Tool run by asus on 01/07/2014 at 13:52:41,32.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\asus\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-30-161526.log 1294 bytes
C:\zoek-results2014-06-30-183552.log 33842 bytes
C:\zoek-results2014-07-01-041516.log 31894 bytes
C:\zoek-results2014-07-01-160857.log 4455 bytes

==== System Restore Info ======================

01/07/2014 13:53:01 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"="C:\\Program Files (x86)\\baidu\\SparkSafe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=22 folders=24 14852810 bytes)

==== EOF on 01/07/2014 at 13:56:05,56 ======================
avatar
Guilherme Bastos
Iniciante
Iniciante

Mensagens : 44
Reputação : 0
Data de inscrição : 20/01/2014

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Power Max em Ter 01 Jul 2014, 15:38

Baixe o programa Junkware Removal Tool no link abaixo:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Você precisa estar registrado e conectado para ver este link.]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Guilherme Bastos em Ter 01 Jul 2014, 17:01

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Basic x64
Ran by asus on 01/07/2014 at 16:47:42,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/07/2014 at 16:59:09,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
avatar
Guilherme Bastos
Iniciante
Iniciante

Mensagens : 44
Reputação : 0
Data de inscrição : 20/01/2014

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Power Max em Qua 02 Jul 2014, 09:28

Faça o download do < [Você precisa estar registrado e conectado para ver este link.] > < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:

[Você precisa estar registrado e conectado para ver esta imagem.]

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

[Você precisa estar registrado e conectado para ver este link.]

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Guilherme Bastos em Qua 02 Jul 2014, 09:57

~ Relatório do ZHPDiag v2014.6.30.100 - Nicolas Coolman (30/06/2014)
~ Iniciado por asus (02/07/2014 09:49:34)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17126
GCIE: Google Chrome v35.0.1916.153 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 1.75.0.1300
Trend Micro Titanium v5.00
Windows Defender W7 (Deactivate)

---\\ Softwares d'optimização do sistema
CCleaner v4.10

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 10 Plugin
Adobe Reader XI
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6023 MB (52% free)
System Restore: Activé (Enable)
System drive C: has 102 GB (34%) free of 300 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ASUS-PC
~ User Name: asus
~ All Users Names: Convidado, asus, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\asus\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\asus\AppData\Roaming\
~ %Desktop% : C:\Users\asus\Desktop\
~ %Favorites% : C:\Users\asus\Favorites\
~ %LocalAppData% : C:\Users\asus\AppData\Local\
~ %StartMenu% : C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 102 Go of 300 Go)
D: Hard drive, Flash drive, Thumb drive (Free 298 Go of 374 Go)
E: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.09/03/2012 - 15:26:38.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.40BFD9D6EC8E174145F012246CA73CCD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.30/05/2014 - 04:56:56.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:28.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:22.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:34.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.09/03/2012 - 15:32:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:22.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:58.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.09/03/2012 - 15:11:02.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/84
~ Mes musiques (My Musics) : 1/536
~ Mes Videos (My Videos) : 1/23
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/4446
~ Mon Bureau (My Desktop) : 1/728
~ Menu demarrer (Programs) : 1/60
~ Hidden Files: Scanned in 00mn 03s



---\\ Processos lançados
[MD5.2CC9F71A12C3F7E1D8F1EBD52163637C] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080] [PID.2824]
[MD5.F48ECBB9771865CDC5435BD9AF4564F0] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [17872] [PID.776]
[MD5.353061164FA2A032576340A35EA8C6D9] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1120936] [PID.2660]
[MD5.63A0FE3B1B094DAE328F46FCADABDBE4] - (.ASUS - FaceLogon Application.) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [375424] [PID.2412]
[MD5.64A7C84C0A8C79B22033F92D43919062] - (.ASUS - ACMON.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568] [PID.2572]
[MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\windows\AsScrPro.exe [3058304] [PID.2452]
[MD5.98CADC34741738CFC24F5CDFDAA408FA] - (.ASUSTeK - ACEngSvr Module.) -- C:\Windows\SysWOW64\ACEngSvr.exe [162456] [PID.3904]
[MD5.35048D8E8A0BF7A797CD5757ACD7EED0] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816] [PID.4144]
[MD5.1C10324F2D829B2820B8E626F5CA9445] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe [1754816] [PID.1500]
[MD5.C6B3E2702322614DC9BF37E8077978BE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272] [PID.1300]
[MD5.09E3F3BBB6ABD32A8156DDD2A082812C] - (.National Instruments Corporation - NI Error Reporting Server.) -- C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe [663896] [PID.4324]
[MD5.4D241A6A8F6BA9FA32FF836551FFDCEA] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608] [PID.5380]
[MD5.BC31B27061F27E8968CD0435C038F712] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720] [PID.5500]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.5528]
[MD5.B9BF29CC884BDD499803C3ED1F97FA41] - (.ASUSTeK Computer Inc. - A program that manage wireless devices in s.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072] [PID.5784]
[MD5.99ECAF298145F950B1326656167FBFDF] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336] [PID.6048]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.6124]
[MD5.A5FCD42334CCC682DA1882A54338686C] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488] [PID.7112]
[MD5.D2FC0CCC8B37F87EB0804545AF69BE39] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8072704] [PID.4964]
[MD5.591A7E5FC4A8121B2ABF4E768B64ABA7] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [527928] [PID.1000]
[MD5.A3626C6D3F2DC95497F3F61842D7FD89] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512] [PID.1404]
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1460]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1204]
[MD5.52436245AAEF3B65DF7859949AB6A14E] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120] [PID.1420]
[MD5.9571D8BDB56EBC52280E8020574508E6] - (...) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280] [PID.2088]
[MD5.DBD76BC1D498FE368F2C8CB76C3E00A4] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560] [PID.2116]
[MD5.7CBF0476029371402D14CD776612EE6A] - (.National Instruments Corporation - lkads.) -- C:\windows\SysWOW64\lkads.exe [53544] [PID.2172]
[MD5.F566E1CA9F08B75E6118D66B5CC9FFB9] - (.National Instruments Corporation - NI Service Locator.) -- C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [90440] [PID.2296]
[MD5.3A2E85F7D90D15460C337CE80C2E3B29] - (...) -- C:\windows\SysWOW64\PnkBstrA.exe [76888] [PID.2336]
[MD5.E4E034F79D88B34C5B4BA28BAE2259F7] - (.Razer Inc. - RzKLService.) -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448] [PID.2376]
[MD5.20CDB07017497C94A0BAD253C4BAFCBC] - (.National Instruments, Inc. - Part of Logos.) -- C:\windows\SysWOW64\lkcitdl.exe [695136] [PID.2524]
[MD5.B9BA33801B5F9B79F0949AF206F96177] - (.National Instruments Corporation - lktsrv.) -- C:\windows\SysWOW64\lktsrv.exe [63792] [PID.2612]
[MD5.3B712766DEA950ACA65789B460AA1899] - (.National Instruments Corporation - nidmsrv.) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [380720] [PID.2768]
[MD5.F59599F4C0B3259AC1355F34E6AC6342] - (.National Instruments Corporation - National Instruments Zeroconf Service.) -- C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [260976] [PID.2836]
[MD5.4CED4C1E0EE160F287FE90BB2F8878B2] - (.National Instruments Corporation - System Web Server Daemon.) -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57680] [PID.2860]
[MD5.7BDE66D35986F70D89341B5A4640FC93] - (.National Instruments Corporation - Application Web Server Daemon.) -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57696] [PID.2516]
[MD5.C14E6798A092E0E86556104767BEBD48] - (.ASUSTek Computer Inc. - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [174720] [PID.2204]
[MD5.EA75E0837B21B46E88102E23438FE2CB] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe [289408] [PID.1712]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe [2488888] [PID.4136]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe [174648] [PID.4244]
[MD5.86E4CC39C953D11EF57CF54C4DC78238] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.4680]
[MD5.6E1A473DD2A4714EAF7D11E2315DF794] - (.Valve Corporation - Steam Client Service.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe [543424] [PID.6296]
[MD5.D80B1075B69B57A3AB78F750CE463ECE] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.1188]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 02s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/uni] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\asus\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll
~ Firefox Browser: 5 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehuni.dll
~ BHO: 13 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [Trend Micro Titanium] . (.Trend Micro Inc. - Trend Micro Client Main Console.) -- C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [IntelTBRunOnce] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKLM\..\Run: [Trend Micro Client Framework] . (.Trend Micro Inc. - Trend Micro Client Session Agent Monitor.) -- C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKLM\..\Wow6432Node\Run: [ASUSPRP] . (.ASUSTek Computer Inc. - ASUS Product Register Program.) -- C:\Program Files (x86)\ASUS\APRP\APRP.exe
O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ecareme - AsusWebStorage.) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [Wireless Console 3] . (.ASUSTeK Computer Inc. - A program that manage wireless devices in s.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [NI Update Service] . (.National Instruments - National Instruments Update Service.) -- C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4249470998-23894073-617930920-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-4249470998-23894073-617930920-1000\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
O4 - HKUS\S-1-5-21-4249470998-23894073-617930920-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office15\ONBttnIE.dll (.not file.)
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office15\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] *.itau.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.itau.com.br
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{105B566E-218F-4193-A26E-E976EA675DA8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD4AD4CA-2F6B-493C-A7CD-3445FF78B8EF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{105B566E-218F-4193-A26E-E976EA675DA8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BD4AD4CA-2F6B-493C-A7CD-3445FF78B8EF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{105B566E-218F-4193-A26E-E976EA675DA8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BD4AD4CA-2F6B-493C-A7CD-3445FF78B8EF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
~ Services: 24 Legitimates Filtered in 00mn 18s



---\\ Tarefas planificadas automaticamente (039)
[MD5.4E8C983215115036C46841FFB51562A1] [APT] [AutoKMS] (...) -- C:\windows\AutoKMS\AutoKMS.exe [2820608] =>Trojan.AutoKMS
[MD5.00000000000000000000000000000000] [APT] [{2AFB1E8E-128D-447E-997A-934010E841E9}] (...) -- C:\Users\asus\Downloads\ZHPDiag2.exe (.not file.) [0]
[MD5.7195F43F161472145B7D02CA350C9C06] [APT] [{AD612C69-15F5-4B58-BEAD-0035B17015B2}] (...) -- C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe [128384]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1078]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1082]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon [828]
O39 - APT: APT: - (..) -- C:\Windows\System32\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon [828] - (..) -- C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d [830]
~ Scheduled Task: 28 Legitimates Filtered in 00mn 04s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
~ Drivers: 78 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Agarest Generations of War - (...) [HKLM][64Bits] -- QWdhcmVzdEdlbmVyYXRpb25zb2ZXYXI=_is1
O42 - Logiciel: Conquest of Champions - (.Kihon Inc..) [HKLM][64Bits] -- Steam App 266450
O42 - Logiciel: DKLegend - (.DKLegend.) [HKLM][64Bits] -- {DBBBA561-CBC3-4B95-9B45-C6E19510EDBC}_is1
O42 - Logiciel: Gerenciador de Downloads - (.Level Up! Gerenciador.) [HKCU][64Bits] -- a54e16f5d00985b6
O42 - Logiciel: Guardião - Itaú 30 horas - (...) [HKLM][64Bits] -- {70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1
O42 - Logiciel: HI-TECH C Compiler for the PIC10/12/16 MCUs V9.82PL0 - (.HI-TECH Software.) [HKLM][64Bits] -- PICC 9.82
O42 - Logiciel: HI-TECH C51-lite V9.60PL0 - (.HI-TECH Software.) [HKLM][64Bits] -- HC51 9.60PL0
~ Logic: 27 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\GbAs]
[HKCU\Software\Mechanist.co]
[HKCU\Software\MechanistGames]
[HKLM\Software\Baidu Security]
[HKLM\Software\Baidu]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security]
~ Key Software: 340 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/02/2014 - 18:22:31 - [] ----D C:\Program Files (x86)\DKLegend
O43 - CFD: 13/11/2013 - 21:17:13 - [] ----D C:\ProgramData\levelup downloader
O43 - CFD: 06/06/2014 - 13:04:15 - [] ----D C:\Users\asus\AppData\Roaming\Injustice
O43 - CFD: 23/05/2014 - 12:38:55 - [] ----D C:\Users\asus\AppData\Roaming\pxgclient
O43 - CFD: 27/06/2014 - 21:29:10 - [] ----D C:\Users\asus\AppData\Roaming\WizardWars
O43 - CFD: 03/02/2014 - 01:48:54 - [] ----D C:\Users\asus\AppData\Local\EdgeOfReality
O43 - CFD: 13/11/2013 - 21:17:01 - [] ----D C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up! Gerenciador
~ Program Folder: 183 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.3A91696F5B31EBDDBA9533F6805251B6] - 01/07/2014 - 01:15:16 ---A- . (...) -- C:\zoek-results2014-07-01-041516.log [31894]
O44 - LFC:[MD5.373252F4378FF7FA36AA5EE88CF4B85F] - 01/07/2014 - 13:08:57 ---A- . (...) -- C:\zoek-results2014-07-01-160857.log [4455]
O44 - LFC:[MD5.FFA54FBBBED8CEACE551537A4E51B20E] - 01/07/2014 - 13:13:33 ---A- . (...) -- C:\Windows\DirectX.log [105078]
O44 - LFC:[MD5.EF41770D8409EC3BCA28BC20AB99AABA] - 01/07/2014 - 13:56:05 ---A- . (...) -- C:\zoek-results.log [3686]
O44 - LFC:[MD5.F2CF417EF502555B139EDCD9FEBF9CD3] - 02/07/2014 - 00:49:04 ---A- . (...) -- C:\Windows\System32\AcpiServiceVnA64.dll [109848]
O44 - LFC:[MD5.505609C10E1DA95914C728B62F36E066] - 02/07/2014 - 00:49:04 ---A- . (...) -- C:\Windows\System32\audioLibVc.dll [33592]
O44 - LFC:[MD5.5950161AD9643B7153CC509DA76DF15E] - 02/07/2014 - 00:49:07 ---A- . (.ICEpower a/s - ICEpower ICEsound audio effects.) -- C:\Windows\System32\ICEsoundAPO64.dll [291488]
O44 - LFC:[MD5.4013C8B5C62F7F8E6A027DFB19173A4E] - 02/07/2014 - 00:49:10 ---A- . (...) -- C:\Windows\System32\Drivers\RTAIODAT.DAT [1099203]
O44 - LFC:[MD5.886CE666A9507E17475C7156B157D181] - 02/07/2014 - 00:49:11 ---A- . (...) -- C:\Windows\System32\Drivers\rtvienna.dat [5804772]
O44 - LFC:[MD5.CC758BDB722C466464CF09CF70F47D29] - 02/07/2014 - 00:49:13 ---A- . (...) -- C:\Windows\System32\SStudio.dll [2117424]
O44 - LFC:[MD5.9FBE5A19407525C676978DD7F65644D4] - 02/07/2014 - 01:00:31 ---A- . (...) -- C:\Windows\System32\ServiceFilter.ini [1540]
O44 - LFC:[MD5.FB30F6CC42BA1962DF9BFFC73862B099] - 29/06/2014 - 14:20:36 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [151600]
O44 - LFC:[MD5.AB9F3E1868D9E7BD40839B19A734AEE9] - 29/06/2014 - 14:20:36 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [717420]
O44 - LFC:[MD5.A6799D0F42122C0D1E28655C10DB2707] - 29/06/2014 - 15:50:05 ---A- . (...) -- C:\AVScanner.ini [30]
O44 - LFC:[MD5.5EBE617DCE65B6AB0BABD3D4B2F22334] - 30/06/2014 - 11:53:15 ---A- . (...) -- C:\Windows\System32\AutoRunFilter.ini [2220]
O44 - LFC:[MD5.6990A80D3F9EA9F0B3524E0DB809A4CD] - 30/06/2014 - 13:15:26 ---A- . (...) -- C:\zoek-results2014-06-30-161526.log [1294]
O44 - LFC:[MD5.F06770330A3A60E2DC85CF8D9C1CD706] - 30/06/2014 - 15:35:52 ---A- . (...) -- C:\zoek-results2014-06-30-183552.log [33842]
~ Files: 78 Legitimates Filtered in 02mn 05s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:21/12/2011 - 18:15:56 ---A- . (.Windows (R) Win 7 DDK provider - ASUS Virtual Bus.) -- C:\Windows\System32\Drivers\AsusVBus.sys [35968]
O58 - SDL:07/11/2011 - 23:48:28 ---A- . (.Windows (R) Win 7 DDK provider - ASUS HID mini driver for Virtual Touch Device.) -- C:\Windows\System32\Drivers\AsusVTouch.sys [16512]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:02/02/2012 - 15:37:26 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [200488]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 68 Legitimates Filtered in 00mn 30s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: UsbFix - (.El Desaparecido - [Você precisa estar registrado e conectado para ver este link.] - [Você precisa estar registrado e conectado para ver este link.] [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 20/01/2012 - C:\Windows\System32\DRIVERS\TurboB.sys (TurboB) .(.Intel(R) Corporation - TurboB Device Driver.) - LEGACY_TURBOB
~ Legacy: 85 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.0D3B680986310AE5540578C0E481C6A0] [SPRF][06/10/2010] (...) -- C:\ProgramData\FullRemove.exe [131984]
[MD5.D9CDF805A35884085A8EF65E1D9E2042] [SPRF][02/07/2014] (...) -- C:\Users\asus\AppData\Roaming\sp_data.sys [387]
[MD5.BABDE3081625BED651FE19978E6C29C8] [SPRF][11/05/2014] (...) -- C:\Users\asus\AppData\Roaming\unins000.dat [15839]
[MD5.8A236E7B3C42C236C75FC2191F8E2778] [SPRF][13/05/2014] (...) -- C:\Users\asus\Desktop\NI_Circuit_Design_Suite_13_0_1_Education.exe [764789592]
~ Files: 4 Legitimates Filtered in 00mn 12s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
~ BTK: 68 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 05/06/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 17/02/2012 276248 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 10/07/1658 0 | (EasyAntiCheat) . (.EasyAntiCheat Ltd.) - C:\windows\system32\EasyAntiCheat.exe
SS - | Auto 09/03/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/03/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 10/12/2013 81248 | (NIApplicationWebServer64) . (.National Instruments Corporation.) - C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
SS - | Demand 02/08/2010 1427688 | (NILM License Manager) . (.Macrovision Corporation.) - C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 08/05/2014 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 03/03/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\windows\system32\FBAgent.exe
SR - | Auto 02/08/2011 275912 | (Amsp) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
SR - | Auto 21/11/2011 80512 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 16/02/2012 277120 | (ASUS InstantOn) . (.ASUS.) - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
SR - | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 05/05/2014 527928 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 03/02/2012 628448 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 07/02/2012 128280 | (Intel(R) ME Service) . (...) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 07/02/2012 161560 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 27/10/2010 695136 | (LkCitadelServer) . (.National Instruments, Inc..) - C:\windows\SysWOW64\lkcitdl.exe
SR - | Auto 12/06/2013 53544 | (lkClassAds) . (.National Instruments Corporation.) - C:\windows\SysWOW64\lkads.exe
SR - | Auto 12/06/2013 63792 | (lkTimeSync) . (.National Instruments Corporation.) - C:\windows\SysWOW64\lktsrv.exe
SR - | Auto 07/02/2012 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 10/12/2013 57696 | (NIApplicationWebServer) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
SR - | Auto 12/06/2013 380720 | (NIDomainService) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
SR - | Auto 11/05/2013 260976 | (nimDNSResponder) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
SR - | Auto 10/12/2013 90440 | (NiSvcLoc) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe
SR - | Auto 10/12/2013 57680 | (NISystemWebServer) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
SR - | Auto 10/07/1658 0 | (PnkBstrA) . (...) - C:\windows\system32\PnkBstrA.exe
SR - | Auto 25/02/2014 105448 | (RzKLService) . (.Razer Inc..) - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
SR - | Demand 29/05/2014 543424 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Demand 20/01/2012 149504 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
SR - | Auto 07/02/2012 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 07s



---\\ Scâner Aditional (088)
Database Version : 13026 - (30/06/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
C:\windows\AutoKMS\AutoKMS.exe =>Trojan.AutoKMS^
~ Additionnel Scan: 363137 Items scanned in 00mn 46s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.] =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Browser Helper Objects do navegador (02)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.] =>Trojan.AutoKMS
~ MSI: 1 link(s) detected in 00mn 00s



~ 893 Legitimates filtered by white list
End of the scan (507 lines in 06mn 06s)(0)
avatar
Guilherme Bastos
Iniciante
Iniciante

Mensagens : 44
Reputação : 0
Data de inscrição : 20/01/2014

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Power Max em Qua 02 Jul 2014, 10:21

 Há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

[Você precisa estar registrado e conectado para ver este link.]

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC.
__________________________________________________________________________

 Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Guilherme Bastos em Qua 02 Jul 2014, 12:58

vou conferir os programas que estão iniciando, valeu.
segue o log
Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by asus at 02/07/2014 12:57:26
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 06s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bnbase
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ:* HKLM\Software\Baidu

========== Valores do Registo ==========
ELIMINÉ RunValue: ETDCtrl
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (376) (336.468.334 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: {2AFB1E8E-128D-447E-997A-934010E841E9}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
3 : Chaves do Registo
7 : Valores do Registo
1 : Pastas
2 : Ficheiros
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 56s

========== Caminho do ficheiro do relatório ==========
C:\Users\asus\AppData\Roaming\ZHP\ZHPFix[R1].txt - 02/07/2014 12:57:32 [1352]
avatar
Guilherme Bastos
Iniciante
Iniciante

Mensagens : 44
Reputação : 0
Data de inscrição : 20/01/2014

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Power Max em Qui 03 Jul 2014, 09:05

Como está o PC depois destes procedimentos?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Guilherme Bastos em Qui 03 Jul 2014, 13:23

o hao saiu da página inicial, mas agora teve um problema que o processo do ELAN Pointing Device (touchpad para rolar a barra pra baixo por ex) parou de iniciar junto com o pc e não sei como resolver... tentei no CCleaner mas lá não tem o processo... sabe o que pode ter ocorrido ?
avatar
Guilherme Bastos
Iniciante
Iniciante

Mensagens : 44
Reputação : 0
Data de inscrição : 20/01/2014

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Power Max em Qui 03 Jul 2014, 13:24

Vá no site oficial do fabricante do seu notebook e baixe e instale o driver para o touchpad e veja se resolve.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Guilherme Bastos em Seg 14 Jul 2014, 01:45

consegui obrigado...
o notebook está bem melhor agora
avatar
Guilherme Bastos
Iniciante
Iniciante

Mensagens : 44
Reputação : 0
Data de inscrição : 20/01/2014

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Power Max em Seg 14 Jul 2014, 09:34

isso aí! Fico feliz que o problema tenha sido resolvido.

Só para finalizar siga estes tutoriais abaixo, por gentileza:

[Você precisa estar registrado e conectado para ver este link.]

[Você precisa estar registrado e conectado para ver este link.]
_______________________________________________________________________________________________________________________

Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Você precisa estar registrado e conectado para ver este link.].
_______________________________________________________________________________________________________________________

Foi um prazer ajudar. Conte sempre conosco!

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Power Max em Ter 15 Jul 2014, 11:51

CASO RESOLVIDO

Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Você precisa estar registrado e conectado para ver este link.] solicitando o desbloqueio.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Você precisa estar registrado e conectado para ver este link.] = O melhor da internet você encontra aqui.

[Você precisa estar registrado e conectado para ver este link.] = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: remover hao do notebook

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum