Fórum PC Brasil
Remove hao from the notebook


Post by Guilherme Bastos, Mon 30 Jun 2014, 12:10

Good afternoon,
My notebook was infected with hao... Can you help me remove it?
Here is the Hijack log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:08:46, on 30/06/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\asus\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must have an account and be logged in to view this link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\windows\SysWOW64\Userinit.exe,
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NI Update Service] "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Startup: Intel(R) Turbo Boost Technology Monitor 2.5.lnk = C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: NI Error Reporting.lnk = C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must have an account and be logged in to view this link]
O8 - Extra context menu item: Se&nd to OneNote - [You must have an account and be logged in to view this link]
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\national instruments\shared\mdns responder\nimdnsnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: bankline.itau.com.br
O15 - Trusted Zone: clickbanking.itau.com.br
O15 - Trusted Zone: guardiao.itau.com.br
O15 - Trusted Zone: [You must have an account and be logged in to view this link]
O15 - Trusted Zone: *.itau.com.br
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify:  GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NI Citadel 4 Service (LkCitadelServer) - National Instruments, Inc. - C:\windows\SysWOW64\lkcitdl.exe
O23 - Service: NI PSP Service Locator (lkClassAds) - National Instruments Corporation - C:\windows\SysWOW64\lkads.exe
O23 - Service: NI Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\windows\SysWOW64\lktsrv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NI Application Web Server (NIApplicationWebServer) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
O23 - Service: NI Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI License Server (NILM License Manager) - Macrovision Corporation - C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI mDNS Responder Service (nimDNSResponder) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
O23 - Service: NI Service Locator (NiSvcLoc) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe
O23 - Service: NI System Web Server (NISystemWebServer) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15615 bytes

Post by Power Max, Mon 30 Jun 2014, 12:14

Hello Guilherme.

Download the AdwCleaner program by clicking the link below, then click the Download Now @BleepingComputer button:
[You must have an account and be logged in to view this link]

To run AdwCleaner correctly, just follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.


Post by Guilherme Bastos, Mon 30 Jun 2014, 12:50

# AdwCleaner v3.214 - Relatório criado 30/06/2014 às 12:18:59
# Atualizado 29/06/2014 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : asus - ASUS-PC
# Executando de : C:\Users\asus\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\Program Files (x86)\baidu
Pasta Deletada : C:\Users\asus\AppData\Local\Temp\baidu
Pasta Deletada : C:\Users\asus\AppData\Roaming\baidu
Pasta Deletada : C:\Users\asus\Documents\PC Speed Maximizer
Pasta Deletada : C:\Users\Public\Documents\baidu
Arquivo Deletada : C:\Users\asus\AppData\Local\Temp\Uninstall.exe

***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Google Chrome v35.0.1916.153

[ Arquivo : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Search Provider] : [You must have an account and be logged in to view this link]
Deletedo [Extension] : bopakagnckmlgajfccecajhnimjiiedh

*************************

AdwCleaner[R0].txt - [1392 octets] - [27/01/2014 16:10:11]
AdwCleaner[R1].txt - [1345 octets] - [30/06/2014 12:18:13]
AdwCleaner[S0].txt - [1387 octets] - [27/01/2014 16:15:07]
AdwCleaner[S1].txt - [1386 octets] - [30/06/2014 12:18:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1446 octets] ##########

Post by Power Max, Mon 30 Jun 2014, 12:59

Your PC shows Baidu as installed. Do you want to remove it or do you want to keep it? Whatever your answer to this question, also follow the tips below:

Temporarily disable your antivirus to avoid conflicts.

* Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must have an account and be logged in to view this link]

* Double-click Zoek.exe with the left mouse button to open it.

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area of Zoek

* Click [Run Script]

* During the scan, a message similar to the one below showing the scan progress will be displayed. Wait for it to finish... it may take a while!

[You must have an account and be logged in to view this image]

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Tue 15 Jul 2014, 11:49; edited 1 time


Post by Guilherme Bastos, Mon 30 Jun 2014, 15:37

If possible, yes, I do want to remove it... I didn't even know I had it on the PC, I thought I had already gotten rid of it, haha
Thanks for the help, here is the log

Zoek.exe v5.0.0.0 Updated 28-06-2014
Tool run by asus on 30/06/2014 at 15:09:34,07.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\asus\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-30-161526.log 1294 bytes

==== System Restore Info ======================

30/06/2014 15:10:34 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\Application Data deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\asus\Searches deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\Users\asus\AppData\Roaming\unins000.exe deleted

==== Folders Found ======================

2014-06-30 15:18:59 2014-06-30 15:18:59 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-30 15:19:00 2014-06-30 15:19:00 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\asus\AppData\Local\Temp\baidu
2014-06-30 15:19:01 2014-06-30 15:19:01 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\asus\AppData\Roaming\baidu
2014-06-30 15:19:01 2014-06-30 15:19:01 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\asus\AppData\Roaming\baidu\Baidu Antivirus
2014-06-30 15:19:02 2014-06-30 15:19:02 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-06-29 17:18:12 2014-06-29 17:18:12 -------- d-----w- C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687
2014-06-29 17:18:12 2014-06-30 14:48:45 -------- d-----w- C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687\Baidu Antivirus
2014-06-29 17:18:27 2014-06-29 17:18:27 -------- d-----w- C:\ProgramData\Baidu Security
2014-06-29 17:18:27 2014-06-29 17:18:27 -------- d-----w- C:\Users\All Users\Baidu Security

==== Files Found ======================


--- C:\Users\asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZUQTNUVB\baidu[1].png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 37090
Created time: 2014-06-29 17:14:43
Modified time: 2014-06-29 17:14:43
MD5: A97F79B2091C6F123856367DDE6F18EB
SHA1: 2E7684B93D3A641223D9AEC1EB3CE9A03FBD1B1D


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"="C:\\Program Files (x86)\\baidu\\SparkSafe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
"Path"="C:\\Program Files (x86)\\baidu\\SparkSafe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu-Security-2014-4.4.4.73687\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0E936F1-3247-47E6-A3F9-87EEBA1EB0EA}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC772877-43B2-47A7-B97A-759F1B233E90}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66E471D9-C1CD-4628-930C-59A8A4BC72DD}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6ABC3746-7B64-4F06-91C3-E706EFB4EA4E}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu-Security-2014-4.4.4.73687\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0E936F1-3247-47E6-A3F9-87EEBA1EB0EA}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC772877-43B2-47A7-B97A-759F1B233E90}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66E471D9-C1CD-4628-930C-59A8A4BC72DD}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6ABC3746-7B64-4F06-91C3-E706EFB4EA4E}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu-Security-2014-4.4.4.73687\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0E936F1-3247-47E6-A3F9-87EEBA1EB0EA}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC772877-43B2-47A7-B97A-759F1B233E90}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66E471D9-C1CD-4628-930C-59A8A4BC72DD}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6ABC3746-7B64-4F06-91C3-E706EFB4EA4E}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG\baidubrowser]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG\baidubrowser.tieba]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG\SparkSafe]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br\hao123desk]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br\hao123desk]
"ToyPath"="C:\\Users\\asus\\AppData\\Roaming\\baidu\\hao123-br\\hao123.1.0.0.1111.exe"

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Spark]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe]
"NextRunDirectSetBaiduBrowser"="0"

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]
"l_1_c_1_f_1_"="{\"TabIndex\":\"0\",\"accesstime\":\"1404062231\",\"LogicCreatedTime\":\"1404062227\",\"url\":\"bdbrowser://welcome/\",\"Title\":\"Baidu Spark Security Browser\",\"FavIconURL\":\"bdbrowser://welcome/favicon.ico\",\"Historyid\":\"ccdc9783c0164c41864c23aac6e77fdb\"}"

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UrllistMetaInfo]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UrllistMetaInfo_v2]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UserInfoRegister]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UserInfoStorage]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\UserInfoStorage]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\UserInfoStorage2]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0796100730075007300]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0796100730075007300\ClosedItemRegister]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0796100730075007300\Topsites_V2]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{22C7F6C6-8D67-4534-92B5-529A0EC09405}"="C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension" [20/02/2014 16:13]

==== Chrome Look ======================

GBBD Guardião - Itaú 30 horas - asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmpojlddncminmkddkpoegdjhojjipg
Google Wallet - asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=smt_pay_hp_06_hao123_br"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\asus\Desktop\fm - Atalho.lnk - C:\Users\asus\Documents\Football.Manager.2014.CRACKED-3DM\Football Manager 2014\fm.exe
C:\Users\asus\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\asus\Desktop\Grand Chase.lnk - C:\Level Up Games\Grand Chase\GrandChase.exe
C:\Users\asus\Desktop\MPC-HC.lnk - C:\Program Files (x86)\MPC-HC\mpc-hc.exe
C:\Users\asus\Desktop\PXG Client.lnk - C:\Users\asus\AppData\Roaming\pxgclient\pxgclient\client\launcher.exe
C:\Users\asus\Desktop\RaidCall.lnk - C:\Program Files (x86)\RaidCall\raidcall.exe
C:\Users\asus\Desktop\UsbFix.lnk - C:\UsbFix\Wscript.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Agarest Generations of War.lnk - C:\Program Files (x86)\Agarest Generations of War\Agarest.exe
C:\Users\Public\Desktop\ASUS Vibe Fun Center.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
C:\Users\Public\Desktop\ASUS WebStorage.lnk - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
C:\Users\Public\Desktop\Battlefield 3.lnk - D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\DKLegend.lnk - C:\Program Files (x86)\DKLegend\updater.exe
C:\Users\Public\Desktop\eManual.Lnk - C:\eSupport\Manual\eManual.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Origin.lnk - D:\Games\Origin\Origin.exe
C:\Users\Public\Desktop\Plants vs. Zombies.lnk - D:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Public\Desktop\ASUS\Backup & Restore\AI Recovery Burner.lnk - C:\ProgramData\ChangeFolderView\aiRecovery.ico
C:\Users\Public\Desktop\ASUS\Entertainment\Game Park Console.lnk - C:\ProgramData\Asus\Game Park Console\GameConsole.exe
C:\Users\Public\Desktop\ASUS\Entertainment\LifeFrame.lnk - C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe
C:\Users\Public\Desktop\ASUS\Multimedia\ASUSDVD.lnk - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe
C:\Users\Public\Desktop\ASUS\Multimedia\CyberLink Media Suite.lnk - C:\Program Files (x86)\CyberLink\Media Suite\PS.exe
C:\Users\Public\Desktop\ASUS\System tool\e-Driver.lnk - C:\eSupport\eDriver\InstAll.exe
C:\Users\Public\Desktop\ASUS\System tool\Intel(R) Turbo Boost Technology Monitor 2.5.lnk - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe
C:\Users\Public\Desktop\ASUS\System tool\Scene Switch.lnk - C:\ProgramData\ChangeFolderView\sceneswitch.ico
C:\Users\Public\Desktop\ASUS\System tool\Splendid Utility.Lnk - C:\Program Files (x86)\ASUS\Splendid\Backbone.exe
C:\Users\Public\Desktop\ASUS\Word processor\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

==== shortcuts in Users Start Menu ======================

C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PXG Client.lnk - C:\Users\asus\AppData\Roaming\pxgclient\pxgclient\client\launcher.exe
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C Compiler for PIC10-12-16 MCUs V9.82\Activate or Trial PRO mode.lnk - C:\Program Files (x86)\HI-TECH Software\PICC\9.82\resources\setup.exe --activate --setTrue-DoProceed
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C Compiler for PIC10-12-16 MCUs V9.82\Migration from PICC STD.lnk - C:\Program Files (x86)\HI-TECH Software\PICC\9.82\docs\migration.pdf
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C Compiler for PIC10-12-16 MCUs V9.82\Quickstart guide.lnk - C:\Program Files (x86)\HI-TECH Software\PICC\9.82\docs\quickstart.pdf
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C Compiler for PIC10-12-16 MCUs V9.82\Release notes.lnk - C:\Program Files (x86)\HI-TECH Software\PICC\9.82\docs\readme.pdf
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C Compiler for PIC10-12-16 MCUs V9.82\Uninstall.lnk - C:\Program Files (x86)\HI-TECH Software\PICC\9.82\resources\setup.exe --remove
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C Compiler for PIC10-12-16 MCUs V9.82\User manual.lnk - C:\Program Files (x86)\HI-TECH Software\PICC\9.82\docs\manual.pdf
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C51-lite\Activate or uninstall.lnk - C:\Program Files (x86)\HI-TECH Software\HC51\9.60\resources\setup.exe
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C51-lite\Release notes.lnk - C:\Program Files (x86)\HI-TECH Software\HC51\9.60\resources\readme.txt
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software\HI-TECH C51-lite\User manual.lnk - C:\Program Files (x86)\HI-TECH Software\HC51\9.60\docs\manual.pdf

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\windows\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Battlefield 3.lnk - D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\EA EULA.lnk - D:\Program Files (x86)\Origin Games\Battlefield 3\Support\eula\en_US_eula.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Read Me.lnk - D:\Program Files (x86)\Origin Games\Battlefield 3\Support\readme\readme.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Technical Support.lnk - D:\Program Files (x86)\Origin Games\Battlefield 3\Support\EA Help\Electronic_Arts_Technical_Support.htm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Battlefield 3™.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Plants vs. Zombies™.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Desinstalar hao123.lnk - C:\Users\asus\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1111.exe -uninstall
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Hao123.lnk - C:\Users\asus\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1111.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Database Compare 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Lync Recording Manager.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Spreadsheet Compare 2013.lnk - C:\windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Desinstalar Origin.lnk - D:\Games\Origin\OriginUninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk - D:\Games\Origin\Origin.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Relatório de Erro Origin.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs. Zombies\Plants vs. Zombies End User License Agreement.lnk - D:\Program Files (x86)\Origin Games\Plants vs. Zombies\Plants vs. Zombies EN\eula.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs. Zombies\Plants vs. Zombies.lnk - D:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs. Zombies\Read Me.lnk - D:\Program Files (x86)\Origin Games\Plants vs. Zombies\Plants vs. Zombies EN\readme.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs. Zombies\Technical Support.lnk - D:\Program Files (x86)\Origin Games\Plants vs. Zombies\Support\EA Help\Technical Support.en_US.rtf

==== shortcuts in Quick Launch ======================

C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\windows\system32\control.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intel(R) Turbo Boost Technology Monitor 2.5.lnk - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Photo Gallery.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\Trend Micro\Trend Micro Titanium Internet Security 2012.lnk - C:\Program Files (x86)\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NP9TJSRK will be deleted at reboot
C:\Users\asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YVPLVOER will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=20 folders=19 14823370 bytes)

==== Empty Temp Folders ======================

C:\Users\asus\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\asus\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NP9TJSRK" not found
"C:\Users\asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YVPLVOER" not found

==== EOF on 30/06/2014 at 15:35:52,86 ======================
Guilherme Bastos
Beginner

Posts: 44
Reputation: 0
Join date: 20/01/2014

Re: remove hao from the notebook

Post by Power Max Mon 30 Jun 2014, 21:09

Temporarily disable your antivirus to avoid conflicts.

* Double-click Zoek.exe with the left mouse button to open it.

* Select and copy all of the text highlighted in red that I gave you, and paste it into the blank area of Zoek.

* Click [Run Script]

* During the scan, a message similar to the one below, showing the scan progress, will be displayed. Wait for it to finish... it may take a while!

[Image]

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.

Power Max
Contributor

Posts: 9086
Reputation: 1499
Join date: 14/04/2009

Re: remove hao from the notebook

Post by Guilherme Bastos Tue 01 Jul 2014, 02:11


Zoek.exe v5.0.0.0 Updated 30-06-2014
Tool run by asus on 01/07/2014 at 1:06:42,11.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\asus\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-30-161526.log 1294 bytes
C:\zoek-results2014-06-30-183552.log 33842 bytes

==== System Restore Info ======================

01/07/2014 01:08:30 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
"Path"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0E936F1-3247-47E6-A3F9-87EEBA1EB0EA}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC772877-43B2-47A7-B97A-759F1B233E90}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66E471D9-C1CD-4628-930C-59A8A4BC72DD}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6ABC3746-7B64-4F06-91C3-E706EFB4EA4E}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0E936F1-3247-47E6-A3F9-87EEBA1EB0EA}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC772877-43B2-47A7-B97A-759F1B233E90}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66E471D9-C1CD-4628-930C-59A8A4BC72DD}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6ABC3746-7B64-4F06-91C3-E706EFB4EA4E}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0E936F1-3247-47E6-A3F9-87EEBA1EB0EA}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC772877-43B2-47A7-B97A-759F1B233E90}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{66E471D9-C1CD-4628-930C-59A8A4BC72DD}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6ABC3746-7B64-4F06-91C3-E706EFB4EA4E}"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG\baidubrowser]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG\baidubrowser.tieba]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\BDLOG\SparkSafe]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br\hao123desk]
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br\hao123desk]
"ToyPath"=-
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Spark]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe]
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe]
"NextRunDirectSetBaiduBrowser"=-
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]
"l_1_c_1_f_1_"=-
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UrllistMetaInfo]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UrllistMetaInfo_v2]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UserInfoRegister]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\UserInfoStorage]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\UserInfoStorage]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\UserInfoStorage2]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0796100730075007300]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0796100730075007300\ClosedItemRegister]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0796100730075007300\Topsites_V2]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687 deleted
C:\ProgramData\Baidu Security deleted

==== Folders Found ======================

2014-06-30 15:18:59 2014-06-30 15:18:59 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-30 15:19:00 2014-06-30 15:19:00 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\asus\AppData\Local\Temp\baidu
2014-06-30 15:19:01 2014-06-30 15:19:01 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\asus\AppData\Roaming\baidu
2014-06-30 15:19:01 2014-06-30 15:19:01 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\asus\AppData\Roaming\baidu\Baidu Antivirus
2014-06-30 15:19:02 2014-06-30 15:19:02 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-07-01 04:10:41 2014-06-29 17:18:12 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu-Security-2014-4.4.4.73687
2014-07-01 04:10:41 2014-06-30 14:48:45 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu-Security-2014-4.4.4.73687_Baidu Antivirus
2014-07-01 04:10:41 2014-06-29 17:18:27 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-07-01 04:10:41 2014-06-29 17:18:27 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-07-01 04:10:41 2014-06-30 14:48:45 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu-Security-2014-4.4.4.73687\Baidu Antivirus

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"="C:\\Program Files (x86)\\baidu\\SparkSafe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br\hao123desk]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=22 folders=24 14852810 bytes)

==== EOF on 01/07/2014 at 1:15:16,92 ======================

Post by Power Max, Tue 01 Jul 2014, 12:32

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and choose the Run as administrator option.

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area of Zoek.

* Click [Run Script]

* During the scan, a message similar to the one below showing the scan's progress will be displayed. Wait for it to finish... it may take a while!

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Post by Guilherme Bastos, Tue 01 Jul 2014, 13:09


Zoek.exe v5.0.0.0 Updated 30-06-2014
Tool run by asus on 01/07/2014 at 13:05:13,37.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\asus\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-30-161526.log 1294 bytes
C:\zoek-results2014-06-30-183552.log 33842 bytes
C:\zoek-results2014-07-01-041516.log 31894 bytes

==== System Restore Info ======================

01/07/2014 13:06:02 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\Hao123-br\hao123desk]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-4249470998-23894073-617930920-1000\Software\Baidu Security\Antivirus\web]

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"="C:\\Program Files (x86)\\baidu\\SparkSafe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=22 folders=24 14852810 bytes)

==== EOF on 01/07/2014 at 13:08:57,70 ======================

Post by Power Max, Tue 01 Jul 2014, 13:15

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and choose the Run as administrator option.

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area of Zoek.

* Click [Run Script]

* During the scan, a message similar to the one below showing the scan's progress will be displayed. Wait for it to finish... it may take a while!

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Post by Guilherme Bastos, Tue 01 Jul 2014, 14:11


Zoek.exe v5.0.0.0 Updated 30-06-2014
Tool run by asus on 01/07/2014 at 13:52:41,32.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\asus\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-30-161526.log 1294 bytes
C:\zoek-results2014-06-30-183552.log 33842 bytes
C:\zoek-results2014-07-01-041516.log 31894 bytes
C:\zoek-results2014-07-01-160857.log 4455 bytes

==== System Restore Info ======================

01/07/2014 13:53:01 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe]
"installDir"="C:\\Program Files (x86)\\baidu\\SparkSafe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\SparkSafe\InstallOptions]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=22 folders=24 14852810 bytes)

==== EOF on 01/07/2014 at 13:56:05,56 ======================

Re: remove hao from the notebook

Post by Power Max, Tue 01 Jul 2014, 15:38

Download the Junkware Removal Tool program from the link below:
[You must have an account and be logged in to view this link]

To run the program above correctly, just follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop with the name JRT.txt

We'll be waiting.


Re: remove hao from the notebook

Post by Guilherme Bastos, Tue 01 Jul 2014, 17:01

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Basic x64
Ran by asus on 01/07/2014 at 16:47:42,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/07/2014 at 16:59:09,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: remove hao from the notebook

Post by Power Max, Wed 02 Jul 2014, 09:28

Download < [You must have an account and be logged in to view this link] > ( ... by Nicolas Coolman )

Note: After opening the link above, click the Télécharger button for ZHPDiag to download it, as shown in the image below:

[You must have an account and be logged in to view this image]

To install and run it correctly, follow the tips in this article:

[You must have an account and be logged in to view this link]

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.


Re: remove hao from the notebook

Post by Guilherme Bastos, Wed 02 Jul 2014, 09:57

~ Relatório do ZHPDiag v2014.6.30.100 - Nicolas Coolman (30/06/2014)
~ Iniciado por asus (02/07/2014 09:49:34)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17126
GCIE: Google Chrome v35.0.1916.153 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 1.75.0.1300
Trend Micro Titanium v5.00
Windows Defender W7 (Deactivate)

---\\ Softwares d'optimização do sistema
CCleaner v4.10

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 10 Plugin
Adobe Reader XI
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6023 MB (52% free)
System Restore: Activé (Enable)
System drive C: has 102 GB (34%) free of 300 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ASUS-PC
~ User Name: asus
~ All Users Names: Convidado, asus, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\asus\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\asus\AppData\Roaming\
~ %Desktop% : C:\Users\asus\Desktop\
~ %Favorites% : C:\Users\asus\Favorites\
~ %LocalAppData% : C:\Users\asus\AppData\Local\
~ %StartMenu% : C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 102 Go of 300 Go)
D: Hard drive, Flash drive, Thumb drive (Free 298 Go of 374 Go)
E: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.09/03/2012 - 15:26:38.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.40BFD9D6EC8E174145F012246CA73CCD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.30/05/2014 - 04:56:56.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:28.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:22.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:34.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.09/03/2012 - 15:32:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:22.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:58.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.09/03/2012 - 15:11:02.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/84
~ Mes musiques (My Musics) : 1/536
~ Mes Videos (My Videos) : 1/23
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/4446
~ Mon Bureau (My Desktop) : 1/728
~ Menu demarrer (Programs) : 1/60
~ Hidden Files: Scanned in 00mn 03s



---\\ Processos lançados
[MD5.2CC9F71A12C3F7E1D8F1EBD52163637C] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080] [PID.2824]
[MD5.F48ECBB9771865CDC5435BD9AF4564F0] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [17872] [PID.776]
[MD5.353061164FA2A032576340A35EA8C6D9] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1120936] [PID.2660]
[MD5.63A0FE3B1B094DAE328F46FCADABDBE4] - (.ASUS - FaceLogon Application.) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [375424] [PID.2412]
[MD5.64A7C84C0A8C79B22033F92D43919062] - (.ASUS - ACMON.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568] [PID.2572]
[MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\windows\AsScrPro.exe [3058304] [PID.2452]
[MD5.98CADC34741738CFC24F5CDFDAA408FA] - (.ASUSTeK - ACEngSvr Module.) -- C:\Windows\SysWOW64\ACEngSvr.exe [162456] [PID.3904]
[MD5.35048D8E8A0BF7A797CD5757ACD7EED0] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816] [PID.4144]
[MD5.1C10324F2D829B2820B8E626F5CA9445] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe [1754816] [PID.1500]
[MD5.C6B3E2702322614DC9BF37E8077978BE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272] [PID.1300]
[MD5.09E3F3BBB6ABD32A8156DDD2A082812C] - (.National Instruments Corporation - NI Error Reporting Server.) -- C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe [663896] [PID.4324]
[MD5.4D241A6A8F6BA9FA32FF836551FFDCEA] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608] [PID.5380]
[MD5.BC31B27061F27E8968CD0435C038F712] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720] [PID.5500]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.5528]
[MD5.B9BF29CC884BDD499803C3ED1F97FA41] - (.ASUSTeK Computer Inc. - A program that manage wireless devices in s.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072] [PID.5784]
[MD5.99ECAF298145F950B1326656167FBFDF] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336] [PID.6048]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.6124]
[MD5.A5FCD42334CCC682DA1882A54338686C] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488] [PID.7112]
[MD5.D2FC0CCC8B37F87EB0804545AF69BE39] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8072704] [PID.4964]
[MD5.591A7E5FC4A8121B2ABF4E768B64ABA7] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [527928] [PID.1000]
[MD5.A3626C6D3F2DC95497F3F61842D7FD89] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512] [PID.1404]
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1460]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1204]
[MD5.52436245AAEF3B65DF7859949AB6A14E] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120] [PID.1420]
[MD5.9571D8BDB56EBC52280E8020574508E6] - (...) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280] [PID.2088]
[MD5.DBD76BC1D498FE368F2C8CB76C3E00A4] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560] [PID.2116]
[MD5.7CBF0476029371402D14CD776612EE6A] - (.National Instruments Corporation - lkads.) -- C:\windows\SysWOW64\lkads.exe [53544] [PID.2172]
[MD5.F566E1CA9F08B75E6118D66B5CC9FFB9] - (.National Instruments Corporation - NI Service Locator.) -- C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [90440] [PID.2296]
[MD5.3A2E85F7D90D15460C337CE80C2E3B29] - (...) -- C:\windows\SysWOW64\PnkBstrA.exe [76888] [PID.2336]
[MD5.E4E034F79D88B34C5B4BA28BAE2259F7] - (.Razer Inc. - RzKLService.) -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448] [PID.2376]
[MD5.20CDB07017497C94A0BAD253C4BAFCBC] - (.National Instruments, Inc. - Part of Logos.) -- C:\windows\SysWOW64\lkcitdl.exe [695136] [PID.2524]
[MD5.B9BA33801B5F9B79F0949AF206F96177] - (.National Instruments Corporation - lktsrv.) -- C:\windows\SysWOW64\lktsrv.exe [63792] [PID.2612]
[MD5.3B712766DEA950ACA65789B460AA1899] - (.National Instruments Corporation - nidmsrv.) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [380720] [PID.2768]
[MD5.F59599F4C0B3259AC1355F34E6AC6342] - (.National Instruments Corporation - National Instruments Zeroconf Service.) -- C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [260976] [PID.2836]
[MD5.4CED4C1E0EE160F287FE90BB2F8878B2] - (.National Instruments Corporation - System Web Server Daemon.) -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57680] [PID.2860]
[MD5.7BDE66D35986F70D89341B5A4640FC93] - (.National Instruments Corporation - Application Web Server Daemon.) -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57696] [PID.2516]
[MD5.C14E6798A092E0E86556104767BEBD48] - (.ASUSTek Computer Inc. - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [174720] [PID.2204]
[MD5.EA75E0837B21B46E88102E23438FE2CB] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe [289408] [PID.1712]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe [2488888] [PID.4136]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe [174648] [PID.4244]
[MD5.86E4CC39C953D11EF57CF54C4DC78238] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.4680]
[MD5.6E1A473DD2A4714EAF7D11E2315DF794] - (.Valve Corporation - Steam Client Service.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe [543424] [PID.6296]
[MD5.D80B1075B69B57A3AB78F750CE463ECE] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.1188]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 02s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/uni] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\asus\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll
~ Firefox Browser: 5 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense Itaú Unibanco [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540008} . (.Banco Itaú Unibanco - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehuni.dll
~ BHO: 13 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [Trend Micro Titanium] . (.Trend Micro Inc. - Trend Micro Client Main Console.) -- C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [IntelTBRunOnce] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKLM\..\Run: [Trend Micro Client Framework] . (.Trend Micro Inc. - Trend Micro Client Session Agent Monitor.) -- C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKLM\..\Wow6432Node\Run: [ASUSPRP] . (.ASUSTek Computer Inc. - ASUS Product Register Program.) -- C:\Program Files (x86)\ASUS\APRP\APRP.exe
O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ecareme - AsusWebStorage.) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [Wireless Console 3] . (.ASUSTeK Computer Inc. - A program that manage wireless devices in s.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [NI Update Service] . (.National Instruments - National Instruments Update Service.) -- C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4249470998-23894073-617930920-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-4249470998-23894073-617930920-1000\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
O4 - HKUS\S-1-5-21-4249470998-23894073-617930920-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office15\ONBttnIE.dll (.not file.)
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office15\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] *.itau.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.itau.com.br
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{105B566E-218F-4193-A26E-E976EA675DA8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD4AD4CA-2F6B-493C-A7CD-3445FF78B8EF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{105B566E-218F-4193-A26E-E976EA675DA8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BD4AD4CA-2F6B-493C-A7CD-3445FF78B8EF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{105B566E-218F-4193-A26E-E976EA675DA8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BD4AD4CA-2F6B-493C-A7CD-3445FF78B8EF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
~ Services: 24 Legitimates Filtered in 00mn 18s



---\\ Tarefas planificadas automaticamente (039)
[MD5.4E8C983215115036C46841FFB51562A1] [APT] [AutoKMS] (...) -- C:\windows\AutoKMS\AutoKMS.exe [2820608] =>Trojan.AutoKMS
[MD5.00000000000000000000000000000000] [APT] [{2AFB1E8E-128D-447E-997A-934010E841E9}] (...) -- C:\Users\asus\Downloads\ZHPDiag2.exe (.not file.) [0]
[MD5.7195F43F161472145B7D02CA350C9C06] [APT] [{AD612C69-15F5-4B58-BEAD-0035B17015B2}] (...) -- C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe [128384]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1078]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1082]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon [828]
O39 - APT: APT: - (..) -- C:\Windows\System32\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon [828] - (..) -- C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d [830]
~ Scheduled Task: 28 Legitimates Filtered in 00mn 04s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
~ Drivers: 78 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Agarest Generations of War - (...) [HKLM][64Bits] -- QWdhcmVzdEdlbmVyYXRpb25zb2ZXYXI=_is1
O42 - Logiciel: Conquest of Champions - (.Kihon Inc..) [HKLM][64Bits] -- Steam App 266450
O42 - Logiciel: DKLegend - (.DKLegend.) [HKLM][64Bits] -- {DBBBA561-CBC3-4B95-9B45-C6E19510EDBC}_is1
O42 - Logiciel: Gerenciador de Downloads - (.Level Up! Gerenciador.) [HKCU][64Bits] -- a54e16f5d00985b6
O42 - Logiciel: Guardião - Itaú 30 horas - (...) [HKLM][64Bits] -- {70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1
O42 - Logiciel: HI-TECH C Compiler for the PIC10/12/16 MCUs V9.82PL0 - (.HI-TECH Software.) [HKLM][64Bits] -- PICC 9.82
O42 - Logiciel: HI-TECH C51-lite V9.60PL0 - (.HI-TECH Software.) [HKLM][64Bits] -- HC51 9.60PL0
~ Logic: 27 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\GbAs]
[HKCU\Software\Mechanist.co]
[HKCU\Software\MechanistGames]
[HKLM\Software\Baidu Security]
[HKLM\Software\Baidu]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security]
~ Key Software: 340 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/02/2014 - 18:22:31 - [] ----D C:\Program Files (x86)\DKLegend
O43 - CFD: 13/11/2013 - 21:17:13 - [] ----D C:\ProgramData\levelup downloader
O43 - CFD: 06/06/2014 - 13:04:15 - [] ----D C:\Users\asus\AppData\Roaming\Injustice
O43 - CFD: 23/05/2014 - 12:38:55 - [] ----D C:\Users\asus\AppData\Roaming\pxgclient
O43 - CFD: 27/06/2014 - 21:29:10 - [] ----D C:\Users\asus\AppData\Roaming\WizardWars
O43 - CFD: 03/02/2014 - 01:48:54 - [] ----D C:\Users\asus\AppData\Local\EdgeOfReality
O43 - CFD: 13/11/2013 - 21:17:01 - [] ----D C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up! Gerenciador
~ Program Folder: 183 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.3A91696F5B31EBDDBA9533F6805251B6] - 01/07/2014 - 01:15:16 ---A- . (...) -- C:\zoek-results2014-07-01-041516.log [31894]
O44 - LFC:[MD5.373252F4378FF7FA36AA5EE88CF4B85F] - 01/07/2014 - 13:08:57 ---A- . (...) -- C:\zoek-results2014-07-01-160857.log [4455]
O44 - LFC:[MD5.FFA54FBBBED8CEACE551537A4E51B20E] - 01/07/2014 - 13:13:33 ---A- . (...) -- C:\Windows\DirectX.log [105078]
O44 - LFC:[MD5.EF41770D8409EC3BCA28BC20AB99AABA] - 01/07/2014 - 13:56:05 ---A- . (...) -- C:\zoek-results.log [3686]
O44 - LFC:[MD5.F2CF417EF502555B139EDCD9FEBF9CD3] - 02/07/2014 - 00:49:04 ---A- . (...) -- C:\Windows\System32\AcpiServiceVnA64.dll [109848]
O44 - LFC:[MD5.505609C10E1DA95914C728B62F36E066] - 02/07/2014 - 00:49:04 ---A- . (...) -- C:\Windows\System32\audioLibVc.dll [33592]
O44 - LFC:[MD5.5950161AD9643B7153CC509DA76DF15E] - 02/07/2014 - 00:49:07 ---A- . (.ICEpower a/s - ICEpower ICEsound audio effects.) -- C:\Windows\System32\ICEsoundAPO64.dll [291488]
O44 - LFC:[MD5.4013C8B5C62F7F8E6A027DFB19173A4E] - 02/07/2014 - 00:49:10 ---A- . (...) -- C:\Windows\System32\Drivers\RTAIODAT.DAT [1099203]
O44 - LFC:[MD5.886CE666A9507E17475C7156B157D181] - 02/07/2014 - 00:49:11 ---A- . (...) -- C:\Windows\System32\Drivers\rtvienna.dat [5804772]
O44 - LFC:[MD5.CC758BDB722C466464CF09CF70F47D29] - 02/07/2014 - 00:49:13 ---A- . (...) -- C:\Windows\System32\SStudio.dll [2117424]
O44 - LFC:[MD5.9FBE5A19407525C676978DD7F65644D4] - 02/07/2014 - 01:00:31 ---A- . (...) -- C:\Windows\System32\ServiceFilter.ini [1540]
O44 - LFC:[MD5.FB30F6CC42BA1962DF9BFFC73862B099] - 29/06/2014 - 14:20:36 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [151600]
O44 - LFC:[MD5.AB9F3E1868D9E7BD40839B19A734AEE9] - 29/06/2014 - 14:20:36 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [717420]
O44 - LFC:[MD5.A6799D0F42122C0D1E28655C10DB2707] - 29/06/2014 - 15:50:05 ---A- . (...) -- C:\AVScanner.ini [30]
O44 - LFC:[MD5.5EBE617DCE65B6AB0BABD3D4B2F22334] - 30/06/2014 - 11:53:15 ---A- . (...) -- C:\Windows\System32\AutoRunFilter.ini [2220]
O44 - LFC:[MD5.6990A80D3F9EA9F0B3524E0DB809A4CD] - 30/06/2014 - 13:15:26 ---A- . (...) -- C:\zoek-results2014-06-30-161526.log [1294]
O44 - LFC:[MD5.F06770330A3A60E2DC85CF8D9C1CD706] - 30/06/2014 - 15:35:52 ---A- . (...) -- C:\zoek-results2014-06-30-183552.log [33842]
~ Files: 78 Legitimates Filtered in 02mn 05s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:21/12/2011 - 18:15:56 ---A- . (.Windows (R) Win 7 DDK provider - ASUS Virtual Bus.) -- C:\Windows\System32\Drivers\AsusVBus.sys [35968]
O58 - SDL:07/11/2011 - 23:48:28 ---A- . (.Windows (R) Win 7 DDK provider - ASUS HID mini driver for Virtual Touch Device.) -- C:\Windows\System32\Drivers\AsusVTouch.sys [16512]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:02/02/2012 - 15:37:26 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [200488]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 68 Legitimates Filtered in 00mn 30s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: UsbFix - (.El Desaparecido - [link hidden: login required] - [link hidden: login required] [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 20/01/2012 - C:\Windows\System32\DRIVERS\TurboB.sys (TurboB) .(.Intel(R) Corporation - TurboB Device Driver.) - LEGACY_TURBOB
~ Legacy: 85 Legitimates Filtered in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [link hidden: login required]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [link hidden: login required]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.0D3B680986310AE5540578C0E481C6A0] [SPRF][06/10/2010] (...) -- C:\ProgramData\FullRemove.exe [131984]
[MD5.D9CDF805A35884085A8EF65E1D9E2042] [SPRF][02/07/2014] (...) -- C:\Users\asus\AppData\Roaming\sp_data.sys [387]
[MD5.BABDE3081625BED651FE19978E6C29C8] [SPRF][11/05/2014] (...) -- C:\Users\asus\AppData\Roaming\unins000.dat [15839]
[MD5.8A236E7B3C42C236C75FC2191F8E2778] [SPRF][13/05/2014] (...) -- C:\Users\asus\Desktop\NI_Circuit_Design_Suite_13_0_1_Education.exe [764789592]
~ Files: 4 Legitimates Filtered in 00mn 12s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
~ BTK: 68 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 05/06/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 17/02/2012 276248 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 10/07/1658 0 | (EasyAntiCheat) . (.EasyAntiCheat Ltd.) - C:\windows\system32\EasyAntiCheat.exe
SS - | Auto 09/03/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/03/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 10/12/2013 81248 | (NIApplicationWebServer64) . (.National Instruments Corporation.) - C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
SS - | Demand 02/08/2010 1427688 | (NILM License Manager) . (.Macrovision Corporation.) - C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 08/05/2014 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 03/03/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\windows\system32\FBAgent.exe
SR - | Auto 02/08/2011 275912 | (Amsp) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
SR - | Auto 21/11/2011 80512 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 16/02/2012 277120 | (ASUS InstantOn) . (.ASUS.) - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
SR - | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 05/05/2014 527928 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Auto 03/02/2012 628448 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 07/02/2012 128280 | (Intel(R) ME Service) . (...) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 07/02/2012 161560 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 27/10/2010 695136 | (LkCitadelServer) . (.National Instruments, Inc..) - C:\windows\SysWOW64\lkcitdl.exe
SR - | Auto 12/06/2013 53544 | (lkClassAds) . (.National Instruments Corporation.) - C:\windows\SysWOW64\lkads.exe
SR - | Auto 12/06/2013 63792 | (lkTimeSync) . (.National Instruments Corporation.) - C:\windows\SysWOW64\lktsrv.exe
SR - | Auto 07/02/2012 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 10/12/2013 57696 | (NIApplicationWebServer) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
SR - | Auto 12/06/2013 380720 | (NIDomainService) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
SR - | Auto 11/05/2013 260976 | (nimDNSResponder) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
SR - | Auto 10/12/2013 90440 | (NiSvcLoc) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe
SR - | Auto 10/12/2013 57680 | (NISystemWebServer) . (.National Instruments Corporation.) - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
SR - | Auto 10/07/1658 0 | (PnkBstrA) . (...) - C:\windows\system32\PnkBstrA.exe
SR - | Auto 25/02/2014 105448 | (RzKLService) . (.Razer Inc..) - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
SR - | Demand 29/05/2014 543424 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Demand 20/01/2012 149504 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
SR - | Auto 07/02/2012 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 07s



---\\ Scâner Aditional (088)
Database Version : 13026 - (30/06/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
C:\windows\AutoKMS\AutoKMS.exe =>Trojan.AutoKMS^
~ Additionnel Scan: 363137 Items scanned in 00mn 46s



---\\ Informações complémentaires do módulos
~ [link hidden: login required] =>.Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
~ [link hidden: login required] =>.Internet Explorer, Gestão do Proxy (R5)
~ [link hidden: login required] =>.Browser Helper Objects do navegador (02)
~ [link hidden: login required] =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[link hidden: login required] =>Trojan.AutoKMS
~ MSI: 1 link(s) detected in 00mn 00s



~ 893 Legitimates filtered by white list
End of the scan (507 lines in 06mn 06s)(0)
Guilherme Bastos
Beginner

Posts: 44
Reputation: 0
Registration date: 20/01/2014

Re: remove hao from notebook

Post by Power Max, Wed 02 Jul 2014, 10:21

There are unnecessary programs starting along with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

[link hidden: login required]

Preferably, leave only the security programs (antivirus/anti-spyware/firewall) starting along with Windows.

Also use the CCleaner program, recommended in the tutorial above, to clean up and optimize the PC.
__________________________________________________________________________

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.

Copy this report and post it in your next reply.

_________________

Caixa de Dicas
= Always with new tutorials and news in computing, technology and more.

[link hidden: login required] = The best of the internet is here.

[link hidden: login required] = Messages of faith and hope for your heart
Power Max
Contributor

Posts: 9086
Reputation: 1499
Registration date: 14/04/2009

Post by Guilherme Bastos, Wed 02 Jul 2014, 12:58

I'll check the programs that are starting up, thanks.
Here is the log:
Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by asus at 02/07/2014 12:57:26
High Elevated Privileges : OK
Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 06s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bnbase
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ:* HKLM\Software\Baidu

========== Valores do Registo ==========
ELIMINÉ RunValue: ETDCtrl
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (376) (336.468.334 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: {2AFB1E8E-128D-447E-997A-934010E841E9}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
3 : Chaves do Registo
7 : Valores do Registo
1 : Pastas
2 : Ficheiros
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 56s

========== Caminho do ficheiro do relatório ==========
C:\Users\asus\AppData\Roaming\ZHP\ZHPFix[R1].txt - 02/07/2014 12:57:32 [1352]

Post by Power Max, Thu 03 Jul 2014, 09:05

How is the PC after these procedures?


Post by Guilherme Bastos, Thu 03 Jul 2014, 13:23

hao is gone from the home page, but now there's a problem: the ELAN Pointing Device process (the touchpad, for scrolling down, for example) stopped starting along with the PC and I don't know how to fix it... I tried in CCleaner but the process isn't there... do you know what might have happened?

Post by Power Max, Thu 03 Jul 2014, 13:24

Go to the official website of your notebook's manufacturer, download and install the touchpad driver, and see if that solves it.


Post by Guilherme Bastos, Mon 14 Jul 2014, 01:45

I managed it, thank you...
the notebook is much better now

Post by Power Max, Mon 14 Jul 2014, 09:34

That's it! I'm glad the problem has been solved.

Just to finish, please follow the tutorials below:

[link hidden: login required]
_______________________________________________________________________________________________________________________

To remove the programs used to clean this PC and create a new, safe, problem-free restore point, use DelFix following the tips [link hidden: login required].
_______________________________________________________________________________________________________________________

It was a pleasure to help. Always count on us!


Post by Power Max, Tue 15 Jul 2014, 11:51

CASE SOLVED

If the topic's author needs it, the topic will be reopened; to do so, he or she should contact one of the members of the [link hidden: login required] requesting that it be unlocked.
