
Remove Baidu from the registry

Post by Top Sugar on Thu 24 Jul 2014, 18:26

I managed to remove almost everything; only this remains, which cannot be deleted:

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

Re: Remove Baidu from the registry

Post by Power Max on Fri 25 Jul 2014, 13:28

Hello.

Download AdwCleaner by clicking the link below, then click the Download Now @BleepingComputer button:
[You must be registered and logged in to see this link.]

To run AdwCleaner correctly, just follow the tips in this tutorial:

Remove adware and malicious toolbars with AdwCleaner

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.

_________________

Caixa de Dicas = Always with new tutorials and news on computing, technology and miscellany.

Fórum PC Brasil = The best of the internet, you find it here.

Super Links = Messages of faith and hope for your heart

(SOLVED) Remove Baidu from the Registry

Post by Top Sugar on Fri 25 Jul 2014, 15:25

# AdwCleaner v3.216 - Report created 25/07/2014 at 15:08:33
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : TOP - VAIO
# Running from : C:\Users\TOP\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Windows\System32\roboot64.exe

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\TOP\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : [You must be registered and logged in to see this link.]
Deleted [Search Provider] : [You must be registered and logged in to see this link.]
Deleted [Search Provider] : [You must be registered and logged in to see this link.]
Deleted [Search Provider] : [You must be registered and logged in to see this link.]

*************************

AdwCleaner[R0].txt - [5375 octets] - [24/07/2014 15:26:56]
AdwCleaner[R1].txt - [1722 octets] - [25/07/2014 15:04:30]
AdwCleaner[S0].txt - [4487 octets] - [24/07/2014 15:28:24]
AdwCleaner[S1].txt - [1653 octets] - [25/07/2014 15:08:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1713 octets] ##########

Re: Remove Baidu from the registry

Post by Power Max on Fri 25 Jul 2014, 15:30

Download Junkware Removal Tool from the link below:
[You must be registered and logged in to see this link.]

To run the program above correctly, just follow the tips in this tutorial:

Junkware Removal Tool tutorial

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop under the name JRT.txt

We'll be waiting.


(SOLVED) Remove Baidu from the Registry

Post by Top Sugar on Fri 25 Jul 2014, 16:12

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by TOP on 25/07/2014 at 15:59:53,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys

~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_monthly.job"
Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_updates.job"

~~~ Folders

Successfully deleted: [Folder] "C:\Users\TOP\AppData\Roaming\dll-files.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\dll-files.com fixer"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/07/2014 at 16:09:33,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

(SOLVED) Remove Baidu from the Registry

Post by Power Max on Fri 25 Jul 2014, 16:14

Temporarily disable your antivirus to avoid conflicts.

* Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must be registered and logged in to see this link.]

* Right-click Zoek.exe and select [You must be registered and logged in to see this image.]

* Select and copy all of the text highlighted in red that I gave you, and paste it into the blank area of Zoek

* Click [Run Script]

* During the scan, a message similar to the one below will be displayed showing the scan progress. Wait for it to finish... it may take a while!

[You must be registered and logged in to see this image.]

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.

Last edited by Power Max on Wed 30 Jul 2014, 12:00; edited 1 time


Ran Zoek

Post by Top Sugar on Fri 25 Jul 2014, 17:04


==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\TOP\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\TOP\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\Users\TOP\.android deleted
C:\PROGRA~2\GUM4856.tmp deleted
C:\PROGRA~2\Wondershare deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\extensions deleted
C:\Users\TOP\AppData\Roaming\Wondershare deleted
C:\PROGRA~3\T-App deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\InstallMate deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\Users\TOP\AppData\LocalLow\ADSRemoval deleted
C:\Windows\wininit.ini deleted
C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job deleted
C:\user.js deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Users\TOP\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\adremoveext@adremoveext.net deleted
"C:\Windows\Installer\b2d6d.msi" deleted

==== Folders Found ======================

2014-04-02 19:01:06 2014-07-15 16:18:07 -------- d-----w- C:\$WINDOWS.~Q\DATA\ProgramData\baidu
2014-07-24 18:28:27 2014-07-24 18:28:27 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-07-24 18:28:39 2014-07-24 18:28:39 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu\Baidu Antivirus
2014-01-24 17:11:25 2014-07-15 15:15:42 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-04-02 19:01:02 2014-07-24 12:32:03 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-01-24 17:11:25 2014-07-24 13:40:48 -------- d-----w- C:\ProgramData\Baidu Security
2014-01-24 17:11:25 2014-07-24 13:40:48 -------- d-----w- C:\Users\All Users\Baidu Security
2014-01-24 17:12:00 2014-07-15 15:24:15 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2014-01-24 17:12:22 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security
2014-01-24 17:34:12 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-01-24 17:34:12 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


--- C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\Safari_baidu_script.js ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1556
Created time: 2013-11-08 12:21:35
Modified time: 2013-04-22 14:30:56
MD5: 670B367C3485AB4FA0046B9D1DDFF1B7
SHA1: DD0C159627F22F3BF83A8632A357EE62DE132EEC


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"Description"="Baidu Hips Service"

[HKEY_USERS\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Office\15.0\Common\Internet]
"UseRWHlinkNavigation"="http://www.forumpcbrasil.com/t2756-remover-baidu-do-registro#23199"

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [15/07/2014 12:19]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [15/07/2014 12:19]

==== Firefox Extensions ======================

ProfilePath: C:\Users\TOP\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
nikpejgpnmgopkomlcfmghhpkoelbmgf - No path found[]

Google Translate - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb
Google Docs - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Advanced SystemCare Surfing Protection - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
YouTube - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Invalid Access Token. - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg
AutoCAD 360 - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjeclnkejmbepoibfnamioojinoopln
Google Finance - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp
Full Screen Weather - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg
Send Page - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\higemadklcnjhjpgcbnnbpgeeippjjcp
Simple Highlighter - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj
Desprotetor de Links - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei
Downloads - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb
Google Maps - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh
GBBD Banco do Brasil - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkeabchhfifpaaoefpockjhaphjmoapp
Mail this link - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngjdhjgbagpeimgpgloofkfoipgpdgdb
Google Wallet - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Google Chrome to Phone Extension - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco
GBBD Caixa Economica Federal - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi
Send from Omnibox - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfebpahfiklkbdgdacdcdojjejhpbkgc
Gmail - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\TOP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\TOP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\TOP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\TOP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully
C:\Users\TOP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully
C:\Users\TOP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=bbl_pay_hp_02_hao123_br"
"Search Bar"="http://google.com"
"Search Page"="http://google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://google.com"
"SearchAssistant"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0191A6B0-1154-4C22-9182-23A95BBE92D9} Unknown Url="Not_Found"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\TOP\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\TOP\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9} deleted successfully
HKEY_USERS\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully
HKEY_USERS\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully

==== Deleting CLSID Registry Values ======================


==== shortcuts in Users Start Menu ======================

C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android Data Recovery\Android Data Recovery.lnk - C:\Program Files (x86)\Android Data Recovery\AndroidDataRecovery.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android Data Recovery\Help.lnk - C:\Program Files (x86)\Android Data Recovery\Android Data Recovery.chm
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android Data Recovery\Uninstall Android Data Recovery.lnk - C:\Program Files (x86)\Android Data Recovery\uninst.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android Data Recovery\Website.lnk - C:\Program Files (x86)\Android Data Recovery\Android Data Recovery.url
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Chessmaster 10th Edition.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -hunter
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_96366949.lnk - C:\Users\TOP\AppData\Local\Temp\_uninst_96366949.bat

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk - C:\Program Files\Sony\VAIO Care\VAIOCare.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warranty Registration.lnk - C:\Program Files (x86)\Sony\Warranty Registration\02-03-10-backstage_v2.htm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk - C:\Windows\System32\fsquirt.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\Windows\system32\mstsc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Configuration.lnk - C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorcfg.msc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Wizards.lnk - C:\Windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk - C:\Windows\system32\printmanagement.msc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Central de Mouse e Teclado da Microsoft\Central de Mouse e Teclado da Microsoft.lnk - c:\Windows\Installer\{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}\DeviceCenter.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer\Desinstalar Dll-Files Fixer.lnk - C:\Program Files (x86)\Dll-Files.com Fixer\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer\Dll-Files Fixer.lnk - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Advanced Statistics.lnk - C:\Program Files (x86)\Common Files\Intel\WirelessCommon\imFrmwrk.exe /sf Advanced Statistics
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Event Viewer.lnk - C:\Program Files (x86)\Common Files\Intel\WirelessCommon\imFrmwrk.exe /sf Wireless Event Viewer
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Manual Diagnostics.lnk - C:\Program Files (x86)\Common Files\Intel\WirelessCommon\imFrmwrk.exe /sf Wireless Diagnostics
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe SecurityScanner.dll
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Uninstall.lnk - C:\Program Files\McAfee Security Scan\uninstall.exe C:\Program Files\McAfee Security Scan\3.8.150\McAfee.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\accicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pubs.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Centro de Carregamento do Office 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\msouc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Database Compare 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Preferências de Idioma do Office 2013.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Spreadsheet Compare 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3\Desinstalar Smart Defrag 3.lnk - C:\Program Files (x86)\IObit\Smart Defrag 3\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3\Smart Defrag 3.lnk - C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care\VAIO Care.lnk - C:\Program Files\Sony\VAIO Care\VAIOCare.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Backup e Restauração.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DESKTOP.lnk - \\RECEPCAO
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Dll-Files Fixer.lnk - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Explorer.lnk - C:\
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk - C:\Program Files (x86)\Glary Utilities\Integrator.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Wondershare MobileGo for Android.lnk - C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGo.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Atualizador ESET.lnk - C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uninstall Programs.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Welcome Center.lnk - C:\Windows\system32\rundll32.exe C:\Windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Acrobat 9 Pro Extended.lnk - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\dde_br.lnk - C:\Users\TOP\Desktop\BVMF\dde_br.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\DMMultiView.lnk - C:\Program Files (x86)\DMMultiView\MultiView.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Excel 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\inSSIDer 3.lnk - C:\Users\TOP\AppData\Roaming\Microsoft\Installer\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}\Icon.ico
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sticky Notes.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Messenger .lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="127.0.0.1:8080"
"ProxyOverride"="*.local;192.168.*.*"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nikpejgpnmgopkomlcfmghhpkoelbmgf deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DANFEViewMon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Deskmedia deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Deskmedia2 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Deskmedia3 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy Driver Pro deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDD Regenerator deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWirelessWiMAX deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\monitor deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mouse Suite 98 Daemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mumservice deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSafeSysTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SACMonitor deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Slick Savings deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spybot-S&D Cleaning deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tasktime.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TOP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TOP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\TOP\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=670 folders=176 151165786 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\TOP\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\TOP\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 25/07/2014 at 16:47:33,25 ======================

Re: Remove Baidu from the registry

Post by Power Max on Fri 25 Jul 2014, 17:31

Temporarily disable your antivirus to avoid conflicts.

Download: < Shortcut_Module > (by g3n-h@ckm@n)
|- After opening the link above, scroll down the page and click Télécharger to download.

Run it as described in this post:

Disinfect infected shortcuts and remove adware with the Shortcut_Module tool

Once the cleanup is finished, post the log (report), which will be at C:\Shortcut_Module_07_05_2014_17_05_22.txt (these numbers in red will vary, since they show the date and time the scan was performed).


(SOLVED) Remove Baidu from the Registry

Post by Top Sugar on Fri 25 Jul 2014, 20:23

¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 25.07.2014.3

¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 17:56:35 - 25/07/2014

update on : 25/07/2014 | 22.45 by g3n-h@ckm@n


Boot: Normal boot

[TOP (Administrator)] - [VAIO] -  (BR [0409])
SID = S-1-5-21-3701455409-3707843946-3216141553-1000

System : Windows 7 Ultimate (64 bits) Ultimate Service Pack 1

RAM memory = Total (MB) : 8369 | Free (MB) : 6215
Pagefile = Total (MB) : 16736 | Free (MB) : 14393
Virtual = Total (MB) : 4194 | Free (MB) : 4026


Registry saved, to restore : C:\Shortcut_Module\Save\Clean\ERDNT.exe

¤¤¤¤¤¤¤¤¤¤ | Windows Updates

No windows updates detected !!!

¤¤¤¤¤¤¤¤¤¤ | Browsers

IE : 11.0.9600.17207     (© Microsoft Corporation. All rights reserved.)
GC : 36.0.1985.125     (Copyright 2012 Google Inc. All rights reserved.)

¤¤¤¤¤¤¤¤¤¤ | Security

AM : Malwarebytes' Anti-Malware   (1.0.0.532)     []
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = Order
AS: Windows Defender [Auto(2)] = Order
FW: Windows FireWall Service [Auto(2)] = Order

Deleted setting in a stand-by mode !


¤¤¤¤¤¤¤¤¤¤ | FlashPlayer

ActiveX : 14.0.0.145
Plugin : 14.0.0.145

¤¤¤¤¤¤¤¤¤¤ | Killed processes

976 | [Owner : SYSTEM |Parent : 752] - (.IObit - Advanced SystemCare Service.) - (7.0.0.12) = C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
144 | [Owner : SYSTEM |Parent : 752] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
540 | [Owner : SYSTEM |Parent : 752] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) - (3.1.6.3) = C:\PROGRA~2\GbPlugin\gbpsv.exe
1560 | [Owner : SYSTEM |Parent : 144] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.3788) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1568 | [Owner : SYSTEM |Parent : 144] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
1608 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
1900 | [Owner : SYSTEM |Parent : 752] - (.Broadcom Corporation. - Bluetooth Support Server.) - (6.3.0.5600) = C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
2096 | [Owner : TOP |Parent : 2056] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17567) = C:\Windows\explorer.exe
2176 | [Owner : TOP |Parent : 1160] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
2256 | [Owner : TOP |Parent : 2176] - (.Microsoft Corporation - IPoint.exe.) - (2.3.188.0) = C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
2272 | [Owner : TOP |Parent : 2176] - (.Microsoft Corporation - IType.exe.) - (2.3.188.0) = C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
2396 | [Owner : TOP |Parent : 2176] - (.Sony Corporation - SPM Module.) - (5.2.0.5310) = C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
2704 | [Owner : SYSTEM |Parent : 752] - (.Motorola Mobility LLC - MotoHelper Service.) - (2.3.8.0) = C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
2688 | [Owner : TOP |Parent : 2704] - (.Motorola Mobility LLC - MotoHelperAgent.) - (2.3.7.0) = C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
2864 | [Owner : SYSTEM |Parent : 752] - (. - Oasis2Service.) - (1.0.1.0) = C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
3128 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - Device Information Provider.) - (1.0.1.6010) = C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
3624 | [Owner : SYSTEM |Parent : 752] - (.Protexis Inc. - PsiService PsiService.) - (2.0.1.124) = C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
3896 | [Owner : SYSTEM |Parent : 752] - (.Motorola - ForwardDemon.) - (1.0.0.0) = C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
3256 | [Owner : SYSTEM |Parent : 752] - (.SafeNet, Inc. - SafeNet Authentication Client Service.) - (8.2.85.0) = C:\Program Files\SafeNet\Authentication\SAC\x64\SACSrv.exe
3684 | [Owner : TOP |Parent : 2096] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.193) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
3740 | [Owner : SYSTEM |Parent : 752] - (.Banco Bradesco S.A. - scpVista.) - (1.0.9.11) = C:\Program Files (x86)\Scpad\scpVista.exe
3808 | [Owner : TOP |Parent : 2096] - (.Intel® Corporation - Intel® PROSet/Wireless WiMAX Connection Utility.) - (2.3.3811.24158) = C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
4016 | [Owner : TOP |Parent : 2096] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) - (15.1.6.64) = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1272 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Event Service (Service Module).) - (5.3.0.5310) = C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
3088 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Smart Network Service.) - (3.3.0.6080) = C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
3940 | [Owner : SYSTEM |Parent : 752] - (.Intel(R) Corporation - WiMAX SDK service for Intel(R) PROSet/Wireless WiMAX Software.) - (5.30.1007.0) = C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
3640 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
3248 | [Owner : SYSTEM |Parent : 752] - (.Red Bend Ltd. - Red Bend Device Management Service for Intel(R) PROSet/Wireless WiMAX Software.) - (2.0.0.24) = C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
3548 | [Owner : TOP |Parent : 3088] - (.Sony Corporation - VAIO Smart Network.) - (3.3.0.5310) = C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
3276 | [Owner : SYSTEM |Parent : 752] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - (13.2.0.3) = C:\Program Files\Intel\WiFi\bin\EvtEng.exe
3180 | [Owner : SYSTEM |Parent : 1272] - (.Sony Corporation - VAIO Event Service (Service Sub Module).) - (5.3.0.5260) = C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
4276 | [Owner : TOP |Parent : 4016] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) - (15.1.6.64) = C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
4612 | [Owner : SYSTEM |Parent : 916] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe
4744 | [Owner : TOP |Parent : 3440] - (.Oracle Corporation - Java(TM) Update Scheduler.) - (2.1.65.20) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
4708 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
1244 | [Owner : SYSTEM |Parent : 752] - (. - .) - (0.0.0.0) = C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
4296 | [Owner : SYSTEM |Parent : 752] - (.Intel Corporation - IAStorDataSvc.) - (9.6.0.1014) = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
1692 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Care Performance Service.) - (3.2.0.0) = C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2248 | [Owner : TOP |Parent : 1692] - (. - VaioCare Window Listener Application.) - (3.0.0.407) = C:\Program Files\Sony\VAIO Care\listener.exe
4480 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - SPM Module.) - (5.2.0.5310) = C:\Program Files\Sony\VAIO Power Management\SPMService.exe
1784 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Content Folder Watcher.) - (1.5.0.6030) = C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
4160 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Entertainment Common Service.) - (1.1.0.6030) = C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
5036 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIOCare.) - (8.1.0.8100) = C:\Program Files\Sony\VAIO Care\VCService.exe
1540 | [Owner : TOP |Parent : 6004] - (.Hewlett-Packard - hpwuSchd Application.) - (80.1.1.0) = C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
4500 | [Owner : SYSTEM |Parent : 1160] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
5384 | [Owner : SYSTEM |Parent : 4500] - (.Safer-Networking Ltd. - Update.) - (2.0.12.89) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
4372 | [Owner : SYSTEM |Parent : 752] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - (2.0.12.76) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
5452 | [Owner : SYSTEM |Parent : 1116] - (.Microsoft Corporation - Windows Wireless LAN 802.11 Extensibility Framework.) - (6.1.7600.16385) = C:\Windows\System32\wlanext.exe
7008 | [Owner : TOP |Parent : 2176] - (.Sony Corporation - VCSystemTray.) - (8.1.0.10100) = C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

¤¤¤¤¤¤¤¤¤¤ | RUN

04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM64\..\Run : [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\..\Run : [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO

¤¤¤¤¤¤¤¤¤¤ | Services


Service in functioning : WINDEFEND
Stopped service : WINDEFEND
Service in functioning : Dhcp
Stopped service : Dhcp
Service in functioning : TcpIp
Service in functioning : MPSSvc
Stopped service : MPSSvc
Service in functioning : Rasman
Stopped service : Rasman
Service in functioning : LanmanServer
Stopped service : LanmanServer
Service in functioning : DNScache
Stopped service : DNScache
Deleted successfully : HKLM\..\ControlSet001\Services\Bprotect : 4, 4, 4, 7875
Deleted successfully : HKLM\..\ControlSet001\Services\esgiguard : \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys
Deleted successfully : HKLM\..\ControlSet002\Services\Bprotect : 4, 4, 4, 7875
Deleted successfully : HKLM\..\ControlSet002\Services\esgiguard : \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Reseted successfully

¤¤¤¤¤¤¤¤¤¤ | Register

Deleted successfully : HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\mediagetexportfile
Deleted successfully : HKLM\Software\Classes\HPISDataManager.Datamgr
Deleted successfully : HKLM\Software\Classes\HPISDataManager.Datamgr.1
Deleted successfully : HKLM\Software\Classes\protector_dll.Protector
Deleted successfully : HKLM\Software\Classes\protector_dll.Protector.1
Deleted successfully : HKLM\Software\Classes\protector_dll.ProtectorLib.1
Deleted successfully : HKLM\Software\Classes\RocketEngine.FXEngine
Deleted successfully : HKLM\Software\Classes\protector_dll.ProtectorLib
Deleted successfully : HKLM\Software\Classes\RocketEngine.FXEngine.1.2.7
Deleted successfully : HKLM\Software\Classes\Applications\Best Buy pc app Setup.exe :
Deleted successfully : HKLM\Software\Classes\Applications\iLividSetup-r585-n-bc.exe :
Deleted successfully : HKLM\Software\Classes\CLSID\{12a0d4c1-4d44-4fb6-bdba-a7aabfda7e75} : CFXEngine Object     (CLSID)
Deleted successfully : HKLM\Software\Classes\CLSID\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} : Ads Removal
Deleted successfully : HKLM\Software\Classes\AppID\protector_dll.DLL
Deleted successfully : HKLM\Software\Classes\AppID\{96FBC13C-8214-4100-88E0-FF74D7A1CB4D} : protector_dll
Deleted successfully : HKLM\Software\Classes\TypeLib\{E78AF333-BB0C-473A-AE82-C0A2215BA39F} : RocketEngine 1.0 Type Library     (1.0)
Deleted successfully : HKLM\Software\Classes\Interface\{A7037C8B-BA3E-4970-A552-766F96A0DA72} : {E78AF333-BB0C-473A-AE82-C0A2215BA39F}
Deleted successfully : HKLM64\Software\Classes\Interface\{A7037C8B-BA3E-4970-A552-766F96A0DA72} : {E78AF333-BB0C-473A-AE82-C0A2215BA39F}
Deleted successfully : HKLM64\Software\Classes\Interface\{A75ACCCD-3CC9-4865-8BE3-F523FDA2164F} : IMinibarButton
Deleted successfully : HKLM64\Software\Classes\Interface\{AE20B22F-60C1-4753-ABAE-459C85D3E303} : ImelondreaBHO
Deleted successfully : HKLM64\Software\Classes\Interface\{C64BA349-1F34-4BFC-8D23-A317279D0CB9} : IRightSurfBHO
Deleted successfully : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Best Buy pc app
Deleted successfully : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Easy Driver Pro
Deleted successfully : HKLM\Software\Microsoft\Tracing\iSafeSvc2_RASAPI32
Deleted successfully : HKLM\Software\Microsoft\Tracing\iSafeSvc2_RASMANCS
Deleted successfully : HKLM\SOFTWARE\ADSRemoval
Deleted successfully : HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} : ShopperReports.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} : alotBHO.dll;alotBHO.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} : ShoppingReport.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7} : PCTBrowserDefender.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} : BabylonToolbar.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825} : PCTBrowserDefender.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{57F02779-3D88-4958-8AD3-83C12D86ADC7} : advancedsearchbar.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} : alot.dll;alot.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} : SuperfishIEAddon.dll;SuperfishIEAddon.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} : BabylonToolbar.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} : ShoppingReport.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CDEEC43D-3572-4E95-A2A5-F519D29F00C0} : advancedsearchbar.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} : BabylonToolbarTlbr.dll
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{57F02779-3D88-4958-8AD3-83C12D86ADC7}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CDEEC43D-3572-4E95-A2A5-F519D29F00C0}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Deleted successfully : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{12a0d4c1-4d44-4fb6-bdba-a7aabfda7e75}
Deleted successfully : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}
Deleted successfully : HKLM\Software\Classes\Installer\Products\7664CBBF125287E41BDB78607F4745B9 : Best Buy pc app
Deleted successfully : HKLM64\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 : 02:\SOFTWARE\Iminent\AppInstanceUid
Deleted successfully : HKLM64\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D : 02:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP\UserSettings
Deleted successfully : HKLM64\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0 : C:\Program Files (x86)\SweetIM\Communicator\resources\sqlite\
Deleted successfully : HKLM64\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\254796BF4AC84B64891B61C529A2E23F : SweetIM Technical Support Department
Deleted successfully : HKLM64\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7664CBBF125287E41BDB78607F4745B9 : Best Buy pc app
Deleted successfully : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Best Buy pc app
Deleted successfully : HKLM64\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FBBC4667-2521-4E78-B1BD-8706F774549B} : Best Buy pc app
Deleted successfully : HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsUpdate
Deleted successfully : HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly
Deleted successfully : HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser

¤¤¤¤¤¤¤¤¤¤ | Offsets


¤¤¤¤¤¤¤¤¤¤ | reparsepoint



¤¤¤¤¤¤¤¤¤¤ | Folders | Files

Deleted successfully : C:\Windows\Tasks\RegCure Pro.job = ParetoLogic
Deleted successfully : C:\Program Files (x86)\Enigma Software Group
Deleted successfully : C:\Program Files\Enigma Software Group
Deleted successfully : C:\Users\All Users\Easy Driver Pro
Deleted successfully : C:\Users\All Users\Start Menu\Programs\Driver Booster
Deleted successfully : C:\Users\TOP\Downloads\Driver Booster 1.4
Deleted successfully : C:\Users\TOP\Downloads\namebench-1.3.1-Windows.exe     (.- .)    
Deleted successfully : C:\Users\TOP\Downloads\RegCure Pro 3.1.7 + Crack • CT ™
Deleted successfully : C:\Users\TOP\Downloads\SpyHunter.4.17.6.4336
Deleted successfully : C:\Users\TOP\Downloads\yet_another_cleaner_sk.exe     (Copyright (c) 2011-2014 Elex do Brasil Participações Ltda.- . YAC Security Protection)     Setup.exe
Deleted successfully : C:\Users\TOP\Start Menu\Programs\SpyHunter
Deleted successfully : C:\Users\TOP\Documents\Probit Software\Easy Driver Pro
Deleted successfully : C:\Users\TOP\Downloads\Início de Pastas Particulares\Claro
Deleted successfully : C:\Users\TOP\AppData\Roaming\br.com.meubolsoemdia.jimbo
Deleted successfully : C:\Users\TOP\AppData\Local\Best Buy pc app
Deleted successfully : C:\spyhunter.fix     (.- .)    
Deleted successfully : C:\Windows\Installer\28a77.msi(Best Buy pc app Setup Installation - Best Buy)

¤¤¤¤¤¤¤¤¤¤ | .LNK


¤¤¤¤¤¤¤¤¤¤ | opening unknown extension


¤¤¤¤¤¤¤¤¤¤ | Proxy

Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[EnableHttp1_1] : 0 -> 1

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer

Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You need to be registered and logged in to see this link.] -> [You need to be registered and logged in to see this link.]
Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Page] : [You need to be registered and logged in to see this link.] -> [You need to be registered and logged in to see this link.]
Repaired : [HKLM64\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\System32\blank.htm -> C:\Windows\SysWOW64\blank.htm
Repaired : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : [You need to be registered and logged in to see this link.] -> [You need to be registered and logged in to see this link.]
Repaired : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : [You need to be registered and logged in to see this link.] -> [You need to be registered and logged in to see this link.]
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Main]|[Search Bar] : [You need to be registered and logged in to see this link.] -> [You need to be registered and logged in to see this link.]
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You need to be registered and logged in to see this link.] -> [You need to be registered and logged in to see this link.]
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\system32\blank.htm -> C:\Windows\SysWOW64\blank.htm
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Main]|[Search Page] : [You need to be registered and logged in to see this link.] -> [You need to be registered and logged in to see this link.]
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Search]|[SearchAssistant] : [You need to be registered and logged in to see this link.] -> [You need to be registered and logged in to see this link.]
Repaired : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : [You need to be registered and logged in to see this link.] -> [You need to be registered and logged in to see this link.]

¤¤¤¤¤¤¤¤¤¤ | Google Chrome

Deleted successfully : HKLM\Software\Policies\Google
[TOP] Reseted successfully : SearchURL


¤¤¤¤¤¤¤¤¤¤ | Firefox



¤¤¤¤¤¤¤¤¤¤ | SeaMonkey



¤¤¤¤¤¤¤¤¤¤ | Pale moon



¤¤¤¤¤¤¤¤¤¤ | Opera


¤¤¤¤¤¤¤¤¤¤ | StartMenuInternet

Repaired : [HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : C:\Program Files (x86)\Internet Explorer\iexplore.exe -> "C:\Program Files\Internet Explorer\iexplore.exe"
Repaired : [HKLM\Software\Clients\StartMenuInternet\Google Chrome\shell\open\command] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -> "C:\Program Files\Google\Chrome\Application\chrome.exe"

¤¤¤¤¤¤¤¤¤¤ | AppCertDlls | AppInit_DLLs


¤¤¤¤¤¤¤¤¤¤ | Javascript


¤¤¤¤¤¤¤¤¤¤ | Firewall


¤¤¤¤¤¤¤¤¤¤ | ADS

¤¤¤¤¤¤¤¤¤¤ | Temporary files

[Administrator] Temporary files deleted : 0 Ko
[All Users] Temporary files deleted : 0 Ko
[Default] Temporary files deleted : 0 Ko
[Default User] Temporary files deleted : 0 Ko
[Guest] Temporary files deleted : 0 Ko
[HomeGroupUser$] Temporary files deleted : 0 Ko
[Public] Temporary files deleted : 0 Ko
[TOP] Temporary files deleted : 1845 Ko
[C:\Windows\Temp] Temporary files deleted : 0 Ko
[C:\Temp] Temporary files deleted : 0 Ko

Restarted service : Dhcp
Restarted service : DNScache
Restarted service : LanmanServer
Restarted service : MPSsvc

Other(s) report(s)


Restored setting in a stand-by mode

¤¤¤¤¤¤¤¤¤¤ | Listing


¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86)

[26/07/2011 12:18:47] - |D| - C:\Program Files (x86)\Acro Software
[23/03/2011 15:56:49] - |D| - C:\Program Files (x86)\Adobe
[24/06/2014 14:57:29] - |D| - C:\Program Files (x86)\Android Data Recovery
[13/03/2011 01:03:07] - |D| - C:\Program Files (x86)\ArcSoft
[24/01/2014 14:11:25] - |D| - C:\Program Files (x86)\Baidu Security
[18/03/2011 11:48:52] - |D| - C:\Program Files (x86)\BuscaPe Na Hora
[29/11/2011 06:48:24] - |D| - C:\Program Files (x86)\CDBurnerXP
[16/05/2011 16:47:48] - |D| - C:\Program Files (x86)\Chessmaster 10th Edition
[12/03/2011 23:45:39] - |D| - C:\Program Files (x86)\Cisco
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Common Files
[13/03/2011 00:24:07] - |D| - C:\Program Files (x86)\Corel
[21/03/2012 09:14:27] - |D| - C:\Program Files (x86)\D-Link
[12/03/2011 23:36:19] - |D| - C:\Program Files (x86)\DDNi
[14/07/2009 01:54:24] - |ASH| - C:\Program Files (x86)\desktop.ini
[21/07/2014 09:10:49] - |D| - C:\Program Files (x86)\DLLSuite
[13/07/2011 10:11:31] - |D| - C:\Program Files (x86)\DMMultiView
[06/03/2013 08:00:52] - |D| - C:\Program Files (x86)\ESET
[29/11/2011 14:53:39] - |D| - C:\Program Files (x86)\FreeTime
[15/03/2011 09:37:36] - |D| - C:\Program Files (x86)\GbPlugin
[10/10/2012 14:36:46] - |D| - C:\Program Files (x86)\Glary Utilities
[12/03/2011 23:57:21] - |D| - C:\Program Files (x86)\Google
[26/07/2011 12:20:02] - |D| - C:\Program Files (x86)\GPLGS
[07/05/2012 13:30:52] - |D| - C:\Program Files (x86)\Hewlett-Packard
[15/03/2011 08:38:08] - |D| - C:\Program Files (x86)\HP
[15/03/2011 08:44:22] - |D| - C:\Program Files (x86)\HP Photo Creations
[17/03/2012 10:04:30] - |D| - C:\Program Files (x86)\hpmon
[30/04/2013 08:22:12] - |HD| - C:\Program Files (x86)\InstallJammer Registry
[29/07/2010 15:01:15] - |HD| - C:\Program Files (x86)\InstallShield Installation Information
[29/07/2010 14:57:59] - |D| - C:\Program Files (x86)\Intel
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Internet Explorer
[16/03/2011 09:12:52] - |D| - C:\Program Files (x86)\IObit
[13/03/2011 00:08:01] - |D| - C:\Program Files (x86)\Java
[30/11/2011 06:42:28] - |D| - C:\Program Files (x86)\K-Lite Video Conversion Pack
[15/07/2014 14:40:42] - |D| - C:\Program Files (x86)\Malwarebytes Anti-Malware
[19/10/2012 10:41:34] - |D| - C:\Program Files (x86)\Marvell
[19/03/2012 07:55:25] - |D| - C:\Program Files (x86)\MetaGeek
[13/03/2011 01:12:17] - |D| - C:\Program Files (x86)\Microsoft
[16/03/2011 08:16:04] - |D| - C:\Program Files (x86)\Microsoft Analysis Services
[26/08/2013 15:57:58] - |D| - C:\Program Files (x86)\Microsoft Keyboard Layout Creator 1.4
[13/03/2011 00:09:46] - |D| - C:\Program Files (x86)\Microsoft Office
[11/05/2012 17:29:32] - |D| - C:\Program Files (x86)\Microsoft Silverlight
[11/07/2014 18:40:06] - |D| - C:\Program Files (x86)\Microsoft SQL Server
[12/03/2011 23:36:16] - |D| - C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[12/03/2011 23:36:16] - |D| - C:\Program Files (x86)\Microsoft Synchronization Services
[13/03/2011 02:30:37] - |D| - C:\Program Files (x86)\Microsoft.NET
[31/03/2011 08:24:42] - |D| - C:\Program Files (x86)\Motorola
[13/09/2011 09:01:05] - |D| - C:\Program Files (x86)\Motorola Media Link
[24/10/2012 09:53:43] - |D| - C:\Program Files (x86)\Motorola Mobility
[12/03/2011 22:50:45] - |D| - C:\Program Files (x86)\Mozilla Firefox
[14/07/2009 02:32:38] - |D| - C:\Program Files (x86)\MSBuild
[16/07/2014 11:57:45] - |D| - C:\Program Files (x86)\MSECache
[13/03/2011 00:31:24] - |D| - C:\Program Files (x86)\MSXML 4.0
[17/03/2012 10:23:03] - |D| - C:\Program Files (x86)\NetSupport
[17/03/2012 10:06:41] - |D| - C:\Program Files (x86)\NetSupport Manager
[17/03/2011 16:14:58] - |D| - C:\Program Files (x86)\Nokia
[30/07/2011 16:49:20] - |D| - C:\Program Files (x86)\NVIDIA Corporation
[21/12/2011 18:18:43] - |D| - C:\Program Files (x86)\OpenOffice.org 3
[27/06/2012 17:38:40] - |D| - C:\Program Files (x86)\Oracle
[30/11/2011 07:08:11] - |D| - C:\Program Files (x86)\PDFStudio
[12/03/2011 23:40:30] - |D| - C:\Program Files (x86)\Realtek
[14/07/2009 02:32:38] - |D| - C:\Program Files (x86)\Reference Assemblies
[29/07/2010 15:01:39] - |D| - C:\Program Files (x86)\Renesas Electronics
[19/11/2012 14:25:55] - |D| - C:\Program Files (x86)\Respironics
[19/10/2012 14:07:18] - |D| - C:\Program Files (x86)\Ricoh
[17/10/2012 15:01:35] - |D| - C:\Program Files (x86)\Scan2PDF
[16/03/2011 12:17:25] - |D| - C:\Program Files (x86)\Scpad
[21/03/2011 08:33:02] - |RD| - C:\Program Files (x86)\Skype
[13/03/2011 00:14:45] - |D| - C:\Program Files (x86)\Sony
[19/02/2013 12:03:59] - |D| - C:\Program Files (x86)\Spybot - Search & Destroy 2
[12/03/2011 23:40:30] - |HD| - C:\Program Files (x86)\Temp
[14/07/2009 01:57:06] - |HD| - C:\Program Files (x86)\Uninstall Information
[21/11/2012 14:23:39] - |D| - C:\Program Files (x86)\uTorrent
[15/07/2014 14:37:34] - |D| - C:\Program Files (x86)\VS Revo Group
[14/07/2009 02:32:38] - |D| - C:\Program Files (x86)\Windows Defender
[13/03/2011 00:19:07] - |D| - C:\Program Files (x86)\Windows Live
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Windows Mail
[14/07/2009 02:32:38] - |D| - C:\Program Files (x86)\Windows Media Player
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Windows NT
[14/07/2009 02:32:38] - |D| - C:\Program Files (x86)\Windows Photo Viewer
[14/07/2009 02:32:38] - |D| - C:\Program Files (x86)\Windows Portable Devices
[14/07/2009 02:32:38] - |D| - C:\Program Files (x86)\Windows Sidebar
[13/03/2011 01:13:21] - |D| - C:\Program Files (x86)\WinRAR

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files

[15/07/2014 12:04:06] - |D| - C:\Program Files\Apoint
[22/07/2014 17:37:25] - |D| - C:\Program Files\CCleaner
[14/07/2009 00:20:08] - |D| - C:\Program Files\Common Files
[14/07/2009 01:54:24] - |ASH| - C:\Program Files\desktop.ini
[17/03/2011 16:15:46] - |D| - C:\Program Files\DIFX
[14/07/2009 02:32:38] - |D| - C:\Program Files\DVD Maker
[25/01/2013 14:09:39] - |D| - C:\Program Files\ESET
[12/03/2011 23:57:22] - |D| - C:\Program Files\Google
[15/03/2011 08:29:24] - |D| - C:\Program Files\HP
[12/03/2011 23:45:39] - |D| - C:\Program Files\Intel
[14/07/2009 00:20:08] - |D| - C:\Program Files\Internet Explorer
[13/03/2011 00:06:04] - |D| - C:\Program Files\Java
[24/07/2014 12:15:15] - |D| - C:\Program Files\McAfee Security Scan
[09/10/2011 09:58:52] - |D| - C:\Program Files\MetaGeek
[16/03/2011 08:16:04] - |D| - C:\Program Files\Microsoft Analysis Services
[14/07/2009 02:32:38] - |D| - C:\Program Files\Microsoft Games
[05/08/2011 08:42:18] - |D| - C:\Program Files\Microsoft IntelliPoint
[01/07/2014 11:16:06] - |D| - C:\Program Files\Microsoft Mouse and Keyboard Center
[13/03/2011 00:09:56] - |D| - C:\Program Files\Microsoft Office
[11/05/2012 17:29:32] - |D| - C:\Program Files\Microsoft Silverlight
[11/07/2014 18:38:38] - |D| - C:\Program Files\Microsoft SQL Server
[16/03/2011 08:18:45] - |D| - C:\Program Files\Microsoft SQL Server Compact Edition
[16/03/2011 08:18:45] - |D| - C:\Program Files\Microsoft Sync Framework
[16/03/2011 08:19:08] - |D| - C:\Program Files\Microsoft Synchronization Services
[11/07/2014 18:53:41] - |D| - C:\Program Files\Microsoft.NET
[05/12/2013 08:47:01] - |D| - C:\Program Files\Motorola Mobility LLC
[14/07/2009 02:32:38] - |D| - C:\Program Files\MSBuild
[15/07/2014 12:03:13] - |D| - C:\Program Files\NVIDIA Corporation
[13/03/2011 00:12:41] - |D| - C:\Program Files\PlayReady
[15/07/2014 12:04:15] - |D| - C:\Program Files\Realtek
[14/07/2009 02:32:38] - |D| - C:\Program Files\Reference Assemblies
[19/03/2014 11:02:25] - |D| - C:\Program Files\SafeNet
[12/03/2011 23:31:13] - |D| - C:\Program Files\Sony
[13/03/2011 01:04:57] - |D| - C:\Program Files\SPHE BD-Live
[15/07/2014 12:02:46] - |D| - C:\Program Files\Synaptics
[14/07/2009 02:09:26] - |HD| - C:\Program Files\Uninstall Information
[23/11/2012 08:48:00] - |D| - C:\Program Files\WIDCOMM
[14/07/2009 02:32:38] - |D| - C:\Program Files\Windows Defender
[21/11/2010 04:16:54] - |D| - C:\Program Files\Windows Journal
[04/01/2012 13:56:35] - |D| - C:\Program Files\Windows Live
[14/07/2009 00:20:08] - |D| - C:\Program Files\Windows Mail
[14/07/2009 02:32:38] - |D| - C:\Program Files\Windows Media Player
[14/07/2009 00:20:08] - |D| - C:\Program Files\Windows NT
[14/07/2009 02:32:38] - |D| - C:\Program Files\Windows Photo Viewer
[14/07/2009 02:32:38] - |D| - C:\Program Files\Windows Portable Devices
[14/07/2009 02:32:38] - |D| - C:\Program Files\Windows Sidebar

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86)\Common Files

[23/03/2011 15:56:49] - |D| - C:\Program Files (x86)\Common Files\Adobe
[12/12/2012 15:35:41] - |D| - C:\Program Files (x86)\Common Files\Adobe AIR
[13/03/2011 01:03:07] - |D| - C:\Program Files (x86)\Common Files\ArcSoft
[15/03/2011 08:41:06] - |D| - C:\Program Files (x86)\Common Files\Hewlett-Packard
[15/03/2011 08:41:11] - |D| - C:\Program Files (x86)\Common Files\HP
[12/03/2011 23:40:27] - |D| - C:\Program Files (x86)\Common Files\InstallShield
[13/03/2011 00:24:21] - |D| - C:\Program Files (x86)\Common Files\InterVideo
[17/07/2014 09:46:16] - |D| - C:\Program Files (x86)\Common Files\Java
[03/07/2012 09:55:54] - |D| - C:\Program Files (x86)\Common Files\Macrovision Shared
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Common Files\microsoft shared
[23/05/2012 16:55:28] - |D| - C:\Program Files (x86)\Common Files\MSSoap
[13/09/2011 09:01:20] - |D| - C:\Program Files (x86)\Common Files\Nero
[17/03/2011 16:16:06] - |D| - C:\Program Files (x86)\Common Files\Nokia
[13/03/2011 00:24:13] - |D| - C:\Program Files (x86)\Common Files\Protexis
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Common Files\Services
[01/07/2014 11:42:45] - |D| - C:\Program Files (x86)\Common Files\Skype
[12/03/2011 23:53:39] - |D| - C:\Program Files (x86)\Common Files\Sony Shared
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Common Files\SpeechEngines
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Common Files\System
[13/03/2011 01:11:10] - |D| - C:\Program Files (x86)\Common Files\Windows Live
[18/07/2014 16:18:02] - |D| - C:\Program Files (x86)\Common Files\Wise Installation Wizard

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files\Common Files

[14/05/2014 14:32:40] - |D| - C:\Program Files\Common Files\DESIGNER
[12/03/2011 23:45:40] - |D| - C:\Program Files\Common Files\Intel
[14/07/2009 00:20:08] - |D| - C:\Program Files\Common Files\Microsoft Shared
[27/03/2011 08:45:42] - |D| - C:\Program Files\Common Files\Motorola Shared
[14/07/2009 00:20:08] - |D| - C:\Program Files\Common Files\Services
[12/03/2011 23:53:39] - |D| - C:\Program Files\Common Files\Sony Shared
[14/07/2009 00:20:08] - |D| - C:\Program Files\Common Files\SpeechEngines
[14/07/2009 00:20:08] - |D| - C:\Program Files\Common Files\System

¤¤¤¤¤¤¤¤¤¤ | C:\Users\TOP\AppData\Roaming

[24/09/2012 14:27:36] - |A| - C:\Users\TOP\AppData\Roaming\.backup.dm
[21/11/2013 14:39:19] - |D| - C:\Users\TOP\AppData\Roaming\AdbDriverInstaller
[12/03/2011 20:37:43] - |D| - C:\Users\TOP\AppData\Roaming\Adobe
[01/08/2011 15:49:56] - |D| - C:\Users\TOP\AppData\Roaming\Apple Computer
[13/03/2011 09:46:45] - |D| - C:\Users\TOP\AppData\Roaming\ArcSoft
[14/04/2011 15:52:42] - |D| - C:\Users\TOP\AppData\Roaming\Auslogics
[30/11/2011 06:45:56] - |D| - C:\Users\TOP\AppData\Roaming\avidemux
[24/01/2014 14:12:22] - |D| - C:\Users\TOP\AppData\Roaming\Baidu Security
[20/11/2013 14:41:59] - |D| - C:\Users\TOP\AppData\Roaming\br.com.iba.magazinesdesktop
[29/11/2011 06:48:41] - |D| - C:\Users\TOP\AppData\Roaming\Canneverbe Limited
[04/09/2011 11:25:09] - |D| - C:\Users\TOP\AppData\Roaming\Corel
[10/10/2012 14:36:46] - |D| - C:\Users\TOP\AppData\Roaming\GlarySoft
[12/03/2011 20:37:04] - |D| - C:\Users\TOP\AppData\Roaming\Google
[15/03/2011 08:49:36] - |D| - C:\Users\TOP\AppData\Roaming\HP
[15/03/2011 08:44:17] - |D| - C:\Users\TOP\AppData\Roaming\HpUpdate
[12/03/2011 20:24:18] - |D| - C:\Users\TOP\AppData\Roaming\Identities
[12/03/2011 22:19:18] - |D| - C:\Users\TOP\AppData\Roaming\Intel
[12/03/2011 20:24:54] - |D| - C:\Users\TOP\AppData\Roaming\Intel Corporation
[16/03/2011 09:12:54] - |D| - C:\Users\TOP\AppData\Roaming\IObit
[31/01/2013 08:09:41] - |D| - C:\Users\TOP\AppData\Roaming\iolo
[12/03/2011 20:43:14] - |D| - C:\Users\TOP\AppData\Roaming\Macromedia
[15/07/2014 12:06:07] - |D| - C:\Users\TOP\AppData\Roaming\Media Center Programs
[15/07/2014 12:06:07] - |SD| - C:\Users\TOP\AppData\Roaming\Microsoft
[13/09/2011 09:02:30] - |D| - C:\Users\TOP\AppData\Roaming\motorola
[25/07/2012 18:35:53] - |D| - C:\Users\TOP\AppData\Roaming\Motorola Mobility
[21/12/2012 14:30:00] - |D| - C:\Users\TOP\AppData\Roaming\Mozilla
[17/03/2012 10:08:22] - |D| - C:\Users\TOP\AppData\Roaming\NetSupport
[17/03/2011 16:19:57] - |D| - C:\Users\TOP\AppData\Roaming\Nokia
[17/03/2011 16:37:37] - |D| - C:\Users\TOP\AppData\Roaming\Nokia Ovi Suite
[23/06/2011 17:18:00] - |D| - C:\Users\TOP\AppData\Roaming\NVIDIA
[21/12/2011 19:21:45] - |D| - C:\Users\TOP\AppData\Roaming\OpenOffice.org
[17/03/2011 16:16:55] - |D| - C:\Users\TOP\AppData\Roaming\PC Suite
[16/05/2014 10:43:33] - |D| - C:\Users\TOP\AppData\Roaming\ProductData
[21/03/2011 08:33:21] - |D| - C:\Users\TOP\AppData\Roaming\Skype
[21/03/2011 08:44:41] - |D| - C:\Users\TOP\AppData\Roaming\skypePM
[12/03/2011 20:21:41] - |D| - C:\Users\TOP\AppData\Roaming\Sony Corporation
[17/03/2012 09:59:46] - |D| - C:\Users\TOP\AppData\Roaming\T-App
[21/11/2012 14:22:04] - |D| - C:\Users\TOP\AppData\Roaming\uTorrent
[19/10/2012 10:56:18] - |D| - C:\Users\TOP\AppData\Roaming\WinBatch
[25/07/2014 09:24:34] - |D| - C:\Users\TOP\AppData\Roaming\WinRAR

¤¤¤¤¤¤¤¤¤¤ | C:\Users\TOP\AppData\Local

[15/03/2011 09:25:55] - |D| - C:\Users\TOP\AppData\Local\Adobe
[01/08/2011 15:48:21] - |D| - C:\Users\TOP\AppData\Local\Apple
[01/08/2011 15:49:56] - |D| - C:\Users\TOP\AppData\Local\Apple Computer
[15/07/2014 12:06:07] - |SHD| - C:\Users\TOP\AppData\Local\Application Data
[12/03/2011 20:24:39] - |D| - C:\Users\TOP\AppData\Local\Apps
[13/03/2011 09:46:47] - |D| - C:\Users\TOP\AppData\Local\ArcSoft
[02/02/2013 08:25:30] - |D| - C:\Users\TOP\AppData\Local\BeCrux
[25/11/2012 08:43:04] - |D| - C:\Users\TOP\AppData\Local\Broadcom
[27/03/2011 08:49:12] - |D| - C:\Users\TOP\AppData\Local\BVRP Software
[14/07/2014 14:24:37] - |D| - C:\Users\TOP\AppData\Local\Comodo
[12/03/2011 20:28:07] - |D| - C:\Users\TOP\AppData\Local\Diagnostics
[13/09/2011 09:00:01] - |D| - C:\Users\TOP\AppData\Local\Downloaded Installations
[30/03/2011 14:55:10] - |D| - C:\Users\TOP\AppData\Local\ElevatedDiagnostics
[24/04/2014 15:22:05] - |SHD| - C:\Users\TOP\AppData\Local\EmieSiteList
[24/04/2014 15:22:05] - |SHD| - C:\Users\TOP\AppData\Local\EmieUserList
[15/03/2011 08:10:30] - |D| - C:\Users\TOP\AppData\Local\ESET
[20/06/2013 14:41:33] - |D| - C:\Users\TOP\AppData\Local\GAS Tecnologia
[15/07/2014 13:51:52] - |A| - C:\Users\TOP\AppData\Local\GDIPFONTCACHEV1.DAT
[12/03/2011 20:37:04] - |D| - C:\Users\TOP\AppData\Local\Google
[15/07/2014 12:06:07] - |SHD| - C:\Users\TOP\AppData\Local\History
[15/03/2011 08:51:33] - |D| - C:\Users\TOP\AppData\Local\HP
[22/07/2014 18:57:55] - |AH| - C:\Users\TOP\AppData\Local\IconCache.db
[27/03/2011 12:50:57] - |D| - C:\Users\TOP\AppData\Local\IsolatedStorage
[09/10/2011 10:33:56] - |D| - C:\Users\TOP\AppData\Local\MetaGeek,_LLC
[15/07/2014 12:06:07] - |D| - C:\Users\TOP\AppData\Local\Microsoft
[17/03/2012 12:21:39] - |D| - C:\Users\TOP\AppData\Local\Microsoft Games
[15/03/2011 07:26:25] - |D| - C:\Users\TOP\AppData\Local\Microsoft Help
[23/09/2011 18:29:35] - |D| - C:\Users\TOP\AppData\Local\Motosftemp
[26/08/2013 15:59:14] - |D| - C:\Users\TOP\AppData\Local\MSKLC
[17/03/2011 16:17:44] - |D| - C:\Users\TOP\AppData\Local\Nokia
[05/09/2011 12:13:07] - |D| - C:\Users\TOP\AppData\Local\NokiaAccount
[14/07/2014 14:24:47] - |D| - C:\Users\TOP\AppData\Local\Packages
[13/03/2011 09:47:23] - |D| - C:\Users\TOP\AppData\Local\Programs
[24/09/2012 14:29:02] - |D| - C:\Users\TOP\AppData\Local\Proxure
[19/11/2012 14:26:47] - |D| - C:\Users\TOP\AppData\Local\Respironics
[05/05/2014 16:25:51] - |D| - C:\Users\TOP\AppData\Local\Skype
[12/03/2011 21:08:12] - |D| - C:\Users\TOP\AppData\Local\Sony Corporation
[08/08/2011 08:26:14] - |D| - C:\Users\TOP\AppData\Local\Sony Ericsson
[25/07/2014 16:45:41] - |D| - C:\Users\TOP\AppData\Local\Temp
[15/07/2014 12:06:07] - |SHD| - C:\Users\TOP\AppData\Local\Temporary Internet Files
[12/03/2011 20:22:10] - |D| - C:\Users\TOP\AppData\Local\VirtualStore
[04/01/2012 13:14:39] - |D| - C:\Users\TOP\AppData\Local\Windows Live
[04/01/2012 14:59:31] - |D| - C:\Users\TOP\AppData\Local\Windows Live Writer

¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData

[24/09/2012 16:21:45] - |D| - C:\ProgramData\A-PDF
[12/03/2011 23:56:10] - |D| - C:\ProgramData\Adobe
[01/08/2011 15:47:05] - |D| - C:\ProgramData\Apple
[01/08/2011 15:48:30] - |D| - C:\ProgramData\Apple Computer
[14/07/2009 02:08:56] - |SHD| - C:\ProgramData\Application Data
[13/03/2011 09:46:47] - |D| - C:\ProgramData\ArcSoft
[28/03/2011 10:01:58] - |D| - C:\ProgramData\Avanquest Bluetooth SDK
[24/01/2014 14:11:25] - |D| - C:\ProgramData\Baidu Security
[27/03/2011 08:45:31] - |D| - C:\ProgramData\BVRP Software
[29/11/2011 06:48:41] - |D| - C:\ProgramData\Canneverbe Limited
[12/03/2011 23:36:19] - |D| - C:\ProgramData\DDNi
[14/07/2009 02:08:56] - |SHD| - C:\ProgramData\Desktop
[14/07/2009 02:08:56] - |SHD| - C:\ProgramData\Documents
[29/07/2010 15:01:34] - |D| - C:\ProgramData\Downloaded Installations
[15/07/2014 12:04:40] - |AH| - C:\ProgramData\DP45977C.lfl
[29/01/2014 08:42:50] - |D| - C:\ProgramData\ESET
[14/07/2009 02:08:56] - |SHD| - C:\ProgramData\Favorites
[03/07/2012 10:01:46] - |D| - C:\ProgramData\FLEXnet
[20/06/2013 14:41:33] - |D| - C:\ProgramData\GAS Tecnologia
[15/03/2011 09:37:36] - |D| - C:\ProgramData\GbPlugin
[12/03/2011 23:57:21] - |D| - C:\ProgramData\Google
[15/03/2011 08:26:16] - |D| - C:\ProgramData\HP
[15/03/2011 08:44:22] - |D| - C:\ProgramData\HP Photo Creations
[15/03/2011 08:42:57] - |D| - C:\ProgramData\HP Product Assistant
[12/03/2011 23:45:39] - |D| - C:\ProgramData\Intel
[23/06/2011 20:20:06] - |D| - C:\ProgramData\IObit
[31/01/2013 08:09:41] - |D| - C:\ProgramData\iolo
[24/07/2014 11:45:20] - |D| - C:\ProgramData\Kaspersky Lab
[11/07/2012 08:21:08] - |D| - C:\ProgramData\LGMOBILEAX
[25/07/2014 09:26:41] - |D| - C:\ProgramData\Logs
[15/07/2014 14:40:42] - |D| - C:\ProgramData\Malwarebytes
[25/11/2013 09:22:49] - |D| - C:\ProgramData\McAfee
[24/07/2014 12:15:17] - |D| - C:\ProgramData\McAfee Security Scan
[14/07/2009 00:20:08] - |SD| - C:\ProgramData\Microsoft
[15/03/2011 07:26:18] - |D| - C:\ProgramData\Microsoft Help
[11/07/2014 19:38:14] - |D| - C:\ProgramData\Microsoft Toolkit
[13/09/2011 09:02:15] - |D| - C:\ProgramData\Motorola
[17/03/2012 10:08:23] - |D| - C:\ProgramData\NetSupport
[14/07/2014 14:24:38] - |RASH| - C:\ProgramData\ntuser.pol
[15/07/2014 12:04:01] - |D| - C:\ProgramData\NVIDIA
[15/07/2014 12:03:24] - |D| - C:\ProgramData\NVIDIA Corporation
[17/03/2011 16:16:58] - |D| - C:\ProgramData\PC Suite
[11/07/2014 18:39:48] - |D| - C:\ProgramData\regid.1991-06.com.microsoft
[21/03/2011 08:32:58] - |D| - C:\ProgramData\Skype
[29/07/2010 17:44:18] - |D| - C:\ProgramData\Sony Corporation
[19/02/2013 12:04:24] - |D| - C:\ProgramData\Spybot - Search & Destroy
[14/07/2009 02:08:56] - |SHD| - C:\ProgramData\Start Menu
[13/03/2011 00:08:07] - |D| - C:\ProgramData\Sun
[03/04/2013 15:05:05] - |D| - C:\ProgramData\Temp
[14/07/2009 02:08:56] - |SHD| - C:\ProgramData\Templates
[10/04/2011 10:32:15] - |D| - C:\ProgramData\TorrentEasy
[15/03/2011 08:49:36] - |D| - C:\ProgramData\WEBREG
[21/07/2014 09:11:18] - |D| - C:\ProgramData\Weskysoft
[01/08/2011 15:49:30] - |D| - C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[19/10/2012 09:45:35] - |D| - C:\ProgramData\{F77EE8EF-305B-4394-A018-C1A57D2D66B5}
[12/03/2011 23:56:42] - |HDC| - C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}

[X] : [238991 Ko]

Analyzed elements : 343067 | Modified : 12 | Infected : 96

¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤ | 20:03:12 | [45 Ko]

Re: Removing Baidu from the registry

Post by Power Max on Fri 25 Jul 2014, 20:32

Temporarily disable your antivirus to avoid conflicts.

Download: < Pre_Scan > (by g3n-h@ckm@n)
|- After opening the link above, scroll down the page and click Télécharger to download it.

Run it as described in this post:

Pre_Scan installation and usage tutorial

Once the cleanup is finished, post the log (report), which will be at C:\Pre_Scan\Pre_Scan_07_05_2014_17_05_22.txt (these numbers in red will vary, since they show the date and time the scan was run).


(SOLVED) Remove Baidu from the Registry

Post by Top Sugar on Mon 28 Jul 2014, 10:06

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | g3n-h@ckm@n | 04.07.20.1 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 09:32:19

Updated 20/07/2014 | 13.55 by g3n-h@ckm@n
Contact : [You must be registered and logged in to see this link.]
Pre_Script Infos : [You must be registered and logged in to see this link.]
Pre_scan Feedbacks : [You must be registered and logged in to see this link.]

[TOP (Administrator)] - [VAIO]
SID = S-1-5-21-3701455409-3707843946-3216141553-1000

Starting up : Normal  
System : Windows 7 Ultimate (64 bits) Ultimate Service Pack 1
ProcessorNameString : Intel(R) Core(TM) i7 CPU       Q 740  @ 1.73GHz
Identifier : Intel64 Family 6 Model 30 Stepping 5


Memory RAM = Total (MB) : 8369 | Free (MB) : 6788
Pagefile = Total (MB) : 16736 | Free (MB) : 15080
Virtual = Total (MB) : 4194 | Free (MB) : 4013

¤¤¤¤¤¤¤¤¤¤ | Components of starting up


¤¤¤¤¤¤¤¤¤¤¤ | Drives

C:\-> [Fixed] | [VAIO HD] | Total : 600090 Mo | Free : 461250 Mo -> NTFS

¤¤¤¤¤¤¤¤¤¤ | Windows updates

No detected update !!!


¤¤¤¤¤¤¤¤¤¤ | Sessions

C:\Windows\system32\config\systemprofile
C:\Windows\ServiceProfiles\LocalService
C:\Windows\ServiceProfiles\NetworkService
C:\Users\TOP

Registry saved , to restore : C:\Pre_Scan\Save\Scan\ERDNT.exe

stand-by mode deleted !


¤¤¤¤¤¤¤¤¤¤ | Browsers

IE : 11.0.9600.17207     (© Microsoft Corporation.)
GC : 36.0.1985.125     (Copyright 2012 Google Inc.)

¤¤¤¤¤¤¤¤¤¤ | FlashPlayer

FlashPlayer ActiveX : 14.0.0.145
FlashPlayer Plugin : 14.0.0.145

¤¤¤¤¤¤¤¤¤¤ | Security

AM : Malwarebytes Anti-Malware   ( 1.0.0.532)     []
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = Running
AS: Windows Defender [Auto(2)] = Running
FW: Windows FireWall Service [Auto(2)] = Running

¤¤¤¤¤¤¤¤¤¤ | Stopped processes

980 | [Owner :  |Parent : 752] - (.IObit - Advanced SystemCare Service.) - (7.0.0.12) = C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
136 | [Owner :  |Parent : 752] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
348 | [Owner :  |Parent : 752] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) - (3.1.6.3) = C:\PROGRA~2\GbPlugin\gbpsv.exe
1504 | [Owner :  |Parent : 1112] - (.Microsoft Corporation - Windows Wireless LAN 802.11 Extensibility Framework.) - (6.1.7600.16385) = C:\Windows\System32\wlanext.exe
1516 | [Owner :  |Parent : 616] - (.Microsoft Corporation - Host da Janela do Console.) - (6.1.7601.18229) = C:\Windows\System32\conhost.exe
1580 | [Owner :  |Parent : 752] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
1680 | [Owner : SYSTEM |Parent : 136] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.3788) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1688 | [Owner : SYSTEM |Parent : 136] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
1900 | [Owner : SYSTEM |Parent : 752] - (.Broadcom Corporation. - Bluetooth Support Server.) - (6.3.0.5600) = C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
2108 | [Owner : TOP |Parent : 2064] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17567) = C:\Windows\explorer.exe
2184 | [Owner : TOP |Parent : 1156] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
2256 | [Owner : TOP |Parent : 2184] - (.Microsoft Corporation - IPoint.exe.) - (2.3.188.0) = C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
2272 | [Owner : TOP |Parent : 2184] - (.Microsoft Corporation - IType.exe.) - (2.3.188.0) = C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
2424 | [Owner : TOP |Parent : 2184] - (.Sony Corporation - SPM Module.) - (5.2.0.5310) = C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
2724 | [Owner : SYSTEM |Parent : 752] - (.Motorola Mobility LLC - MotoHelper Service.) - (2.3.8.0) = C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
2068 | [Owner : SYSTEM |Parent : 752] - (. - Oasis2Service.) - (1.0.1.0) = C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
3040 | [Owner : TOP |Parent : 2724] - (.Motorola Mobility LLC - MotoHelperAgent.) - (2.3.7.0) = C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
2120 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - Device Information Provider.) - (1.0.1.6010) = C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
3144 | [Owner : SYSTEM |Parent : 752] - (.Protexis Inc. - PsiService PsiService.) - (2.0.1.124) = C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
3252 | [Owner : SYSTEM |Parent : 752] - (.Motorola - ForwardDemon.) - (1.0.0.0) = C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
3364 | [Owner : SYSTEM |Parent : 752] - (.SafeNet, Inc. - SafeNet Authentication Client Service.) - (8.2.85.0) = C:\Program Files\SafeNet\Authentication\SAC\x64\SACSrv.exe
3476 | [Owner : SYSTEM |Parent : 752] - (.Banco Bradesco S.A. - scpVista.) - (1.0.9.11) = C:\Program Files (x86)\Scpad\scpVista.exe
3948 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Event Service (Service Module).) - (5.3.0.5310) = C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
3968 | [Owner : TOP |Parent : 2108] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.193) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
3276 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Smart Network Service.) - (3.3.0.6080) = C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
1924 | [Owner : TOP |Parent : 2108] - (.Intel® Corporation - Intel® PROSet/Wireless WiMAX Connection Utility.) - (2.3.3811.24158) = C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
3704 | [Owner : TOP |Parent : 2108] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) - (15.1.6.64) = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
4000 | [Owner : SYSTEM |Parent : 752] - (.Intel(R) Corporation - WiMAX SDK service for Intel(R) PROSet/Wireless WiMAX Software.) - (5.30.1007.0) = C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
3616 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
3384 | [Owner : TOP |Parent : 3704] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) - (15.1.6.64) = C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
3640 | [Owner : SYSTEM |Parent : 752] - (.Red Bend Ltd. - Red Bend Device Management Service for Intel(R) PROSet/Wireless WiMAX Software.) - (2.0.0.24) = C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
3428 | [Owner : SYSTEM |Parent : 752] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - (13.2.0.3) = C:\Program Files\Intel\WiFi\bin\EvtEng.exe
3376 | [Owner : SYSTEM |Parent : 3616] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
4148 | [Owner : TOP |Parent : 3276] - (.Sony Corporation - VAIO Smart Network.) - (3.3.0.5310) = C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
4304 | [Owner : SYSTEM |Parent : 3948] - (.Sony Corporation - VAIO Event Service (Service Sub Module).) - (5.3.0.5260) = C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
4672 | [Owner : TOP |Parent : 3132] - (.Oracle Corporation - Java(TM) Update Scheduler.) - (2.1.65.20) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
4704 | [Owner : SYSTEM |Parent : 916] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe
2960 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
3204 | [Owner : SYSTEM |Parent : 752] - (. - .) - (0.0.0.0) = C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
1244 | [Owner : SYSTEM |Parent : 752] - (.Intel Corporation - IAStorDataSvc.) - (9.6.0.1014) = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
5116 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Care Performance Service.) - (3.2.0.0) = C:\Program Files\Sony\VAIO Care\VCPerfService.exe
5324 | [Owner : TOP |Parent : 3516] - (.Hewlett-Packard - hpwuSchd Application.) - (80.1.1.0) = C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
5480 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIOCare.) - (8.1.0.8100) = C:\Program Files\Sony\VAIO Care\VCService.exe
4512 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - SPM Module.) - (5.2.0.5310) = C:\Program Files\Sony\VAIO Power Management\SPMService.exe
4892 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Content Folder Watcher.) - (1.5.0.6030) = C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
6108 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Entertainment Common Service.) - (1.1.0.6030) = C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
5472 | [Owner : TOP |Parent : 5116] - (. - VaioCare Window Listener Application.) - (3.0.0.407) = C:\Program Files\Sony\VAIO Care\listener.exe
4012 | [Owner : SYSTEM |Parent : 1156] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
2500 | [Owner : SYSTEM |Parent : 4012] - (.Safer-Networking Ltd. - Update.) - (2.0.12.89) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
3564 | [Owner : TOP |Parent : 2184] - (.Sony Corporation - VCSystemTray.) - (8.1.0.10100) = C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
6912 | [Owner : SYSTEM |Parent : 752] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - (2.0.12.76) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
5512 | [Owner : SYSTEM |Parent : 5480] - (.Sony Corporation - VCAgent.) - (8.1.0.10100) = C:\Program Files\Sony\VAIO Care\VCAgent.exe
8060 | [Owner : SYSTEM |Parent : 2960] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchProtocolHost.exe
5528 | [Owner : SYSTEM |Parent : 2960] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchFilterHost.exe

¤¤¤¤¤¤¤¤¤¤ | Running processes

372 | [Owner : SYSTEM |Parent : 4] - (.Microsoft Corporation - Gerenciador de Sessão do Windows.) - (6.1.7601.18229) = C:\Windows\System32\smss.exe
616 | [Owner : SYSTEM |Parent : 604] - (.Microsoft Corporation - Processo do tempo de Execução do Servidor do Cliente.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe
684 | [Owner : SYSTEM |Parent : 604] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe
708 | [Owner : SYSTEM |Parent : 696] - (.Microsoft Corporation - Processo do tempo de Execução do Servidor do Cliente.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe
752 | [Owner : SYSTEM |Parent : 684] - (.Microsoft Corporation - Aplicativo de serviços e controle.) - (6.1.7600.16385) = C:\Windows\System32\services.exe
784 | [Owner : SYSTEM |Parent : 696] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) - (6.1.7601.18409) = C:\Windows\System32\winlogon.exe
812 | [Owner : SYSTEM |Parent : 684] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.18443) = C:\Windows\System32\lsass.exe
820 | [Owner : SYSTEM |Parent : 684] - (.Microsoft Corporation - Serviço do Gerenciador de Sessão Local.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe
916 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
696 | [Owner : NETWORK SERVICE |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1072 | [Owner : LOCAL SERVICE |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1112 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1156 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1268 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1312 | [Owner : LOCAL SERVICE |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1380 | [Owner : NETWORK SERVICE |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1616 | [Owner : LOCAL SERVICE |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1640 | [Owner : LOCAL SERVICE |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1520 | [Owner : SYSTEM |Parent : 752] - (.ESET - ESET Service.) - (7.0.302.0) = C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
2072 | [Owner : TOP |Parent : 1112] - (.Microsoft Corporation - Gerenciador de Janelas da Área de Trabalho.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe
2396 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\SysWOW64\svchost.exe
3860 | [Owner : LOCAL SERVICE |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
4056 | [Owner : TOP |Parent : 2108] - (.ESET - ESET Main GUI.) - (7.0.302.0) = C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
3604 | [Owner : SYSTEM |Parent : 916] - (.Microsoft Corporation - COM Surrogate.) - (6.1.7600.16385) = C:\Windows\SysWOW64\dllhost.exe
4280 | [Owner : TOP |Parent : 916] - (.Microsoft Corporation - COM Surrogate.) - (6.1.7600.16385) = C:\Windows\System32\dllhost.exe
5020 | [Owner : SYSTEM |Parent : 916] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe
2244 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
5916 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
6812 | [Owner : TOP |Parent : 2108] - (. - .) - (0.0.0.0) = C:\Users\TOP\Desktop\Pre_Scan.exe
6492 | [Owner : SYSTEM |Parent : 752] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) - (3.1.6.3) = C:\PROGRA~2\GbPlugin\gbpsv.exe
6748 | [Owner : SYSTEM |Parent : 752] - (.Motorola Mobility LLC - MotoHelper Service.) - (2.3.8.0) = C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
7036 | [Owner : TOP |Parent : 6748] - (.Motorola Mobility LLC - MotoHelperAgent.) - (2.3.7.0) = C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
7532 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Event Service (Service Module).) - (5.3.0.5310) = C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
3132 | [Owner : SYSTEM |Parent : 7532] - (.Sony Corporation - VAIO Event Service (Service Sub Module).) - (5.3.0.5260) = C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
7804 | [Owner : SYSTEM |Parent : 752] - (.Motorola - ForwardDemon.) - (1.0.0.0) = C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
7872 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
6284 | [Owner : SYSTEM |Parent : 7872] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
7568 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
7756 | [Owner : SYSTEM |Parent : 752] - (.Broadcom Corporation. - Bluetooth Support Server.) - (6.3.0.5600) = C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
7596 | [Owner : SYSTEM |Parent : 752] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - (2.0.12.76) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
7840 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
7916 | [Owner : SYSTEM |Parent : 752] - (.Intel(R) Corporation - WiMAX SDK service for Intel(R) PROSet/Wireless WiMAX Software.) - (5.30.1007.0) = C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
5900 | [Owner : SYSTEM |Parent : 752] - (.Red Bend Ltd. - Red Bend Device Management Service for Intel(R) PROSet/Wireless WiMAX Software.) - (2.0.0.24) = C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
7864 | [Owner : SYSTEM |Parent : 7568] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchProtocolHost.exe
6180 | [Owner : SYSTEM |Parent : 7568] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchFilterHost.exe


¤¤¤¤¤¤¤¤¤¤ | Winlogon user : OK !


¤¤¤¤¤¤¤¤¤¤ | Winlogon machine

Repaired : [64][HKLM | Winlogon]|[userinit] : userinit.exe, -> C:\Windows\SysWOW64\userinit.exe,

¤¤¤¤¤¤¤¤¤¤
Associations

Repaired : [64][HKLM\Software\Classes\Folder\shell\open\command] : C:\Windows\Explorer.exe -> C:\Windows\Explorer.exe


¤

Repaired : [64][HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : "C:\Program Files\Internet Explorer\iexplore.exe" -> "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Repaired : [64][HKLM\Software\Clients\StartMenuInternet\Google Chrome\shell\open\command] : "C:\Program Files\Google\Chrome\Application\chrome.exe" -> "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
Repaired : [64][HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] : [You must be registered and logged in to see this link.] -> [You must be registered and logged in to see this link.]
Repaired : [32][HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] : [You must be registered and logged in to see this link.] -> [You must be registered and logged in to see this link.]

¤¤¤¤¤¤¤¤¤¤
Registry

Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{871C5380-42A0-1069-A2EA-08002B30309D}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
[NoActiveDesktop] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
[NoActiveDesktopChanges] : 1 -> 0
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
[Hidden] : 2 -> 0
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel]
[AllItemsIconView] : 0 -> 1
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
[NoDriveTypeAutoRun] : 221 -> 145

¤¤¤¤¤¤¤¤¤¤
Access to the registry and to the administrator of the tasks



¤¤¤¤¤¤¤¤¤¤ | SafeBoot

Safeboot Keys are O.K

Alternate shell is OK !

¤

Safeboot Minimal Subkeys : O.K !

¤

Safeboot Network Subkeys : O.K !

¤¤¤¤¤¤¤¤¤¤ | IFEO


¤¤¤¤¤¤¤¤¤¤ | Mountpoints2



¤¤¤¤¤¤¤¤¤¤ | Windows

[64][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]|[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon
[32][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]|[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon
[32][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini]|[winlogon] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon

Winsrv : OK !


[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :

[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] : acaptuser64.dll
[64][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 0
[32][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1

¤¤¤¤¤¤¤¤¤¤ | Security center

[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{003e0278-eca8-4bb8-a256-3689ca1c2600}]|[Autostart] : C:\Windows\system32\shell32.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{3BF043EF-A974-49B3-8322-B853CF1E5EC5}]|[Autostart] : C:\Windows\System32\SndVolSSO.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{68ddbb56-9d1d-4fd9-89c5-c0da2a625392}]|[Autostart] : C:\Windows\system32\stobject.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{7007ACCF-3202-11D1-AAD2-00805FC1270E}]|[Autostart] : C:\Windows\System32\netshell.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{7849596a-48ea-486e-8937-a2a3009f31a9}]|[Autostart] : C:\Windows\system32\shell32.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{900c0763-5cad-4a34-bc1f-40cd513679d5}]|[No 'Autostart'] : C:\Windows\System32\hcproviders.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{900c0763-5cad-4a34-bc1f-40cd513679d5}]|[No 'Autostart'] : C:\Windows\System32\hcproviders.dll     C:\Windows\System32\hcproviders.dll
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{A1607060-5D4C-467a-B711-2B59A6F25957}]|[Autostart] : C:\Windows\System32\AltTab.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{AAA288BA-9A4C-45B0-95D7-94D524869DB5}]|[Autostart] : C:\Windows\system32\wpdshserviceobj.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{C2796011-81BA-4148-8FCA-C6643245113F}]|[Autostart] : C:\Windows\System32\pnidui.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{DA67B8AD-E81B-4c70-9B91-B417B5E33527}]|[Autostart] : C:\Windows\System32\srchadmin.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{EF4D1E1A-1C87-4AA8-8934-E68E4367468D}]|[Autostart] : C:\Windows\SysWOW64\shdocvw.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F08C5AC2-E722-4116-ADB7-CE41B527994B}]|[Autostart] : C:\Windows\SysWOW64\bthprops.cpl     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F20487CC-FC04-4B1E-863F-D9801796130B}]|[Autostart] : C:\Windows\System32\SyncCenter.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A}]|[Autostart] : C:\Windows\System32\Actioncenter.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{fbeb8a05-beee-4442-804e-409d6c4515e9}]|[Autostart] : C:\Windows\system32\shell32.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{ff363bfe-4941-4179-a81c-f3f1ca72d820}]|[Autostart] : C:\Windows\System32\hgcpl.dll     [ok]


Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]|[EnableFirewall] : 1 -> 0
Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]|[EnableFirewall] : 1 -> 0
Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]|[EnableFirewall] : 1 -> 0

¤¤¤¤¤¤¤¤¤¤ | Correction of the services


Repaired : [Iphlpsvc] : 4 -> 2
Repaired : [IKEEXT] : 3 -> 2
Repaired : [agp440] : 3 -> 2
Repaired : [Bits] : 3 -> 2
Repaired : [EapHost] : 3 -> 2
Repaired : [SharedAccess] : 3 -> 2
Repaired : [wuauserv] : 3 -> 2
Repaired : [wudfsvc] : 3 -> 2
Repaired : [WerSvc] : 4 -> 2

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer

Repaired : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You must be registered and logged in to see this link.] -> [You must be registered and logged in to see this link.]
Repaired : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You must be registered and logged in to see this link.] -> [You must be registered and logged in to see this link.]
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You must be registered and logged in to see this link.] -> [You must be registered and logged in to see this link.]
Repaired : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You must be registered and logged in to see this link.] -> [You must be registered and logged in to see this link.]
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] :  -> [You must be registered and logged in to see this link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You must be registered and logged in to see this link.] -> [You must be registered and logged in to see this link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You must be registered and logged in to see this link.] -> [You must be registered and logged in to see this link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Search_URL] : [You must be registered and logged in to see this link.] -> [You must be registered and logged in to see this link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] :  -> [You must be registered and logged in to see this link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] :  -> [You must be registered and logged in to see this link.]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Page] : [You must be registered and logged in to see this link.] -> [You must be registered and logged in to see this link.]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Page] : [You must be registered and logged in to see this link.] -> [You must be registered and logged in to see this link.]

¤

Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Cleaned

¤¤¤¤¤¤¤¤¤¤ | reparsepoint



¤¤¤¤¤¤¤¤¤¤ | Detection of offsets


¤¤¤¤¤¤¤¤¤¤ | Files | Folders | Registry

Deleted : HKLM\..\ControlSet001\Enum\Root\LEGACY_ESGIGUARD
Deleted : HKLM\..\ControlSet002\Enum\Root\LEGACY_ESGIGUARD
Deleted : HKLM\..\CurrentControlSet\Enum\Root\LEGACY_ESGIGUARD

Deleted : C:\$Recycle.bin\S-1-5-21-3701455409-3707843946-3216141553-1000
Deleted : HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\iolo
Deleted : [64]HKLM\Software\EnigmaSoftwareGroup
Deleted : [64]HKLM\Software\iolo
Deleted : [32]HKLM\Software\EnigmaSoftwareGroup

Deleted : HKLM\..\ControlSet001\Services\Eventlog\iolo Applications
Deleted : HKLM\..\ControlSet002\Services\Eventlog\iolo Applications

Moved to quarantine successfully : C:\Users\TOP\AppData\Roaming\iolo
Moved to quarantine successfully : C:\ProgramData\iolo
Moved to quarantine successfully : C:\bootsqm.dat
Moved to quarantine successfully : C:\msdia80.dll
Moved to quarantine successfully : C:\Users\TOP\AppData\Local\microsoft\windows\WebCacheLock.dat
Moved to quarantine successfully : C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Templates\DownloadInfo.initmp
Moved to quarantine successfully : C:\Windows\assembly\tmp\
Moved to quarantine successfully : C:\Users\TOP\AppData\LocalLow\Sun\Java\Deployment\cache\6.0
Moved to quarantine successfully : C:\Users\TOP\AppData\LocalLow\Sun\Java\Deployment\cache\security

¤¤¤¤¤¤¤¤¤¤ | ADS


Prefetch -> cleaned




¤¤¤¤¤¤¤¤¤¤ | Hidden files

~ [Program Files] : Hidden : 13 | Restored : 13
~ [Users] : Hidden : 2 | Restored : 2
~ [Pictures] : Hidden : 8 | Restored : 8
~ [Documents] : Hidden : 2 | Restored : 2
~ [Searches] : Hidden : 1 | Restored : 1
~ [Windows] : Hidden : 35 | Restored : 35
~ [Libraries] : Hidden : 54 | Restored : 54


¤¤¤¤¤¤¤¤¤¤ | Control of the partitions

Disk: 0   Size=610G
Pos MBRndx Type/Name  Size Active Hide Start Sector   Sectors
--- ------ ---------- ---- ------ ---- ------------ ------------
 0    0    27-UNKNWN   10G   No    No         2,048   21,059,584
 1    1    07-NTFS    100M   Yes   No    21,061,632      204,800
 2    2    07-NTFS    600G   No    No    21,266,432  228,994,560

¤¤¤¤¤¤¤¤¤¤

[HKLM | Winlogon] | AutoRestartShell : 0 -> 1
[HKLM64 | Winlogon] | AutoRestartShell : 0 -> 1

End : 09:48:19


Standby-mode restored
¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤ - 404

Re: Remove Baidu from the registry

Post by Power Max on Mon 28 Jul 2014, 10:12

* Right-click Zoek.exe and select [You must be registered and logged in to see this image.]

* Select and copy all of this text highlighted in red that I gave you and paste it into the blank space in Zoek

* Click [Run Script]

* During the scan, a message similar to the one below will be shown, indicating the scan's progress. Wait for it to finish... it may take a while!

[You must be registered and logged in to see this image.]

* If you are asked to restart the PC, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Wed 30 Jul 2014, 12:02; edited 1 time


Zoek executed

Post by Top Sugar on Mon 28 Jul 2014, 10:41

Zoek.exe v5.0.0.0 Updated 26-07-2014
Tool run by TOP on 28/07/2014 at 10:34:18,16.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TOP\Downloads\Ferramentas Remoção Malware\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-07-25-194733.log 40811 bytes

==== Folders Found ======================

2014-07-24 18:28:27 2014-07-24 18:28:27 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-07-24 18:28:39 2014-07-24 18:28:39 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu\Baidu Antivirus
2014-01-24 17:11:25 2014-07-15 15:15:42 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-04-02 19:01:02 2014-07-24 12:32:03 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-01-24 17:11:25 2014-07-24 13:40:48 -------- d-----w- C:\ProgramData\Baidu Security
2014-01-24 17:11:25 2014-07-24 13:40:48 -------- d-----w- C:\Users\All Users\Baidu Security
2014-01-24 17:12:00 2014-07-15 15:24:15 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2014-01-24 17:12:22 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security
2014-01-24 17:34:12 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-01-24 17:34:12 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

Re: Remove Baidu from the registry

Post by Power Max on Mon 28 Jul 2014, 10:42

The report is incomplete; please post all of it.


(SOLVED) Remove Baidu from the Registry

Post by Top Sugar on Mon 28 Jul 2014, 10:45

Zoek.exe v5.0.0.0 Updated 26-07-2014
Tool run by TOP on 28/07/2014 at 10:34:18,16.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TOP\Downloads\Ferramentas Remoção Malware\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-07-25-194733.log 40811 bytes

==== Folders Found ======================

2014-07-24 18:28:27 2014-07-24 18:28:27 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-07-24 18:28:39 2014-07-24 18:28:39 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu\Baidu Antivirus
2014-01-24 17:11:25 2014-07-15 15:15:42 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-04-02 19:01:02 2014-07-24 12:32:03 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-01-24 17:11:25 2014-07-24 13:40:48 -------- d-----w- C:\ProgramData\Baidu Security
2014-01-24 17:11:25 2014-07-24 13:40:48 -------- d-----w- C:\Users\All Users\Baidu Security
2014-01-24 17:12:00 2014-07-15 15:24:15 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2014-01-24 17:12:22 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security
2014-01-24 17:34:12 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-01-24 17:34:12 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"Description"="Baidu Hips Service"

[HKEY_USERS\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Office\15.0\Common\Internet]
"UseRWHlinkNavigation"="http://www.forumpcbrasil.com/t2756-remover-baidu-do-registro#23365"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=670 folders=176 151165786 bytes)

==== EOF on 28/07/2014 at 10:37:57,32 ======================

Re: Remove Baidu from the registry

Post by Power Max on Mon 28 Jul 2014, 11:00

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and select [You must be registered and logged in to see this image.]

* Select and copy all of this text highlighted in red that I gave you and paste it into the blank space in Zoek

* Click [Run Script]

* During the scan, a message similar to the one below will be shown, indicating the scan's progress. Wait for it to finish... it may take a while!

[You must be registered and logged in to see this image.]

* If you are asked to restart the PC, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Wed 30 Jul 2014, 12:03; edited 1 time


(SOLVED) Remove Baidu from the Registry

Post by Top Sugar on Mon 28 Jul 2014, 11:11

Zoek.exe v5.0.0.0 Updated 26-07-2014
Tool run by TOP on 28/07/2014 at 11:06:42,20.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TOP\Downloads\Ferramentas Remoção Malware\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-07-25-194733.log 40811 bytes
C:\zoek-results2014-07-28-133757.log 4908 bytes

==== System Restore Info ======================

28/07/2014 11:07:29 Zoek.exe System Restore Point Created Succesfully.

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bavsvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\bavsvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bhipssvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\bhipssvc deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Baidu Security deleted
C:\ProgramData\Baidu Security deleted
C:\Users\Public\Documents\Baidu Security deleted
C:\Users\TOP\AppData\Roaming\Baidu Security deleted

==== Folders Found ======================

2014-07-24 18:28:27 2014-07-24 18:28:27 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-07-24 18:28:39 2014-07-24 18:28:39 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu\Baidu Antivirus
2014-07-28 14:08:02 2014-07-28 14:08:02 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-07-28 14:08:21 2014-07-28 14:08:21 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_Users_TOP_AppData_Roaming_Baidu Security
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_Users_TOP_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_Users_TOP_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall HK
2014-07-28 14:08:02 2014-07-28 14:08:20 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_Users_TOP_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_Users_TOP_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_USERS\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Office\15.0\Common\Internet]
"UseRWHlinkNavigation"="http://www.forumpcbrasil.com/t2756-remover-baidu-do-registro#23365"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=851 folders=220 427417459 bytes)

==== EOF on 28/07/2014 at 11:09:26,01 ======================

Re: Remove Baidu from the registry

Post by Power Max on Mon 28 Jul 2014, 11:22

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and select [You must be registered and logged in to see this image.]

* Select and copy all of this text highlighted in red that I gave you and paste it into the blank space in Zoek

* Click [Run Script]

* During the scan, a message similar to the one below will be shown, indicating the scan's progress. Wait for it to finish... it may take a while!

[You must be registered and logged in to see this image.]

* If you are asked to restart the PC, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Wed 30 Jul 2014, 12:03; edited 1 time


(SOLVED) Remove Baidu from the Registry

Post by Top Sugar on Mon 28 Jul 2014, 11:28

Zoek.exe v5.0.0.0 Updated 26-07-2014
Tool run by TOP on 28/07/2014 at 11:25:04,82.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TOP\Downloads\Ferramentas Remoção Malware\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-07-25-194733.log 40811 bytes
C:\zoek-results2014-07-28-133757.log 4908 bytes
C:\zoek-results2014-07-28-140926.log 8891 bytes

==== System Restore Info ======================

28/07/2014 11:25:52 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=851 folders=220 427417459 bytes)

==== EOF on 28/07/2014 at 11:27:05,54 ======================

Re: Remove Baidu from the registry

Post by Power Max on Mon 28 Jul 2014, 11:30

Download < ZHPDiag > < [You must be registered and logged in to see this image.]> ( ... by Nicolas Coolman )

Note: When you open the link above, click the Télécharger button for ZHPDiag to download it, as shown in the image below:

[You must be registered and logged in to see this image.]

To install and run it correctly, follow the tips in this article:

Tutorial for installing and running the ZHPDiag application

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.


(SOLVED) Remove Baidu from the Registry

Post by Top Sugar on Mon 28 Jul 2014, 11:58

~ Report of ZHPDiag v2014.7.27.109 - Nicolas Coolman  (27/07/2014)
~ Launched by TOP (28/07/2014 11:46:29)
~ Web site address : [You must be registered and logged in to see this link.]
~ Web forum address : [You must be registered and logged in to see this link.]
~ Translated by
~ Version State : Updated version.
~ White List : Activate by program
~ Elevation of privilege : OK
~ User Account Control : Deactivate by user


---\\ Internet browsers
MSIE: Internet Explorer v11.0.9600.17207
GCIE: Google Chrome v36.0.1985.125 (Defaut)

---\\ Windows product information
~ Langage: Anglais
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System protection software
Malwarebytes Anti-Malware version 2.0.2.1012
McAfee Security Scan Plus v3.8.150.1
Spybot - Search & Destroy v2.0.12
Windows Defender W7 (Activate)

---\\ System optimization software
CCleaner v4.15

---\\ Sharing software PeerToPeer
µTorrent v3.2.2.28500  =>P2P.µTorrent

---\\ Surveillance software
Adobe Flash Player 14 Plugin
Adobe Reader XI - Português
Java 7 Update 65

---\\ Information on the system
~ Processor: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8172 MB (72% free)
System Restore: Activé (Enable)
System drive C: has 449 GB (76%) free of 586 GB

---\\ Connection to the system mode
~ Computer Name: VAIO
~ User Name: TOP
~ All Users Names: TOP, HomeGroupUser$, Guest, ASPNET, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\TOP\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\TOP\AppData\Roaming\
~ %Desktop% : C:\Users\TOP\Desktop\
~ %Favorites% : C:\Users\TOP\Favorites\
~ %LocalAppData% : C:\Users\TOP\AppData\Local\
~ %StartMenu% : C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 449 Go of 586 Go)
D: CD-ROM drive (Not Inserted)



---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Search Generic System Files
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.2EE102DF0EDD8A1EDD3D1E9B99A91BEC] - (.Microsoft Corporation - Internet Extensions for Win32.) (.15/07/2014 - 20:28:14.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 3/4098
~ Mes musiques (My Musics) : 1/1014
~ Mes Videos (My Videos) : 2/28
~ Mes Favoris (My Favorites) : 2/153
~ Mes Documents (My Documents) : 2/4898
~ Mon Bureau (My Desktop) : 1/21337
~ Menu demarrer (Programs) : 1/39
~ Hidden Files:  Scanned in 00mn 13s



---\\ Process running
[MD5.CAA0C16ADCCE6142A43AD83BFA20B38B] - (.Motorola Mobility LLC - MotoHelperAgent.) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe   [698680] [PID.2772]
[MD5.1DE859B82E381A645C44284A5044BC33] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [256896] [PID.4688]
[MD5.672E1B3140D78F01E5563C32A72E3ED3] - (.No owner - VaioCare Window Listener Application.) -- C:\Program Files\Sony\VAIO Care\listener.exe   [62464] [PID.4936]
[MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\PROGRAM FILES (X86)\HP\HP SOFTWARE UPDATE\HPWUSCHD2.exe   [49208] [PID.5812]
[MD5.0DA8636ACBF55A4CA6350FEA7D789828] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8082432] [PID.2164]
[MD5.6C856C581ACE1785CE3FC2414E9859A3] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe   [881952] [PID.972]
[MD5.ED5501CBCA525947FF6985B38253B872] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe   [520520] [PID.348]
[MD5.4CB575D97653FA91FFB02DA3105EB084] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe   [1337752] [PID.1036]
[MD5.7ED3A9C3763725BD700946971215EE77] - (.Motorola Mobility LLC - MotoHelper Service.) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe   [137528] [PID.2248]
[MD5.A3E918D2A03A6E7F9C7748C3D89A2550] - (.No owner - Oasis2Service.) -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe   [47616] [PID.2464]
[MD5.80E85394D8CD7F84340B1C6F4B9D698F] - (.Sony Corporation - Device Information Provider.) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe   [367456] [PID.2860]
[MD5.A6A7AD767BF5141665F5C675F671B3E1] - (.Protexis Inc. - PsiService PsiService.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe   [185632] [PID.2460]
[MD5.EA735BF6DF13A857A83C99BF27A422AD] - (.Motorola - ForwardDemon.) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe   [65657] [PID.2788]
[MD5.A058BB0BFE7F530A1CCF28F5DBDB6795] - (.Banco Bradesco S.A. - scpVista.) -- C:\Program Files (x86)\Scpad\scpVista.exe   [360640] [PID.3972]
[MD5.A60605FC66552B421EE1F3D4EBB9A4E0] - (.Sony Corporation - VAIO Event Service (Service Module).) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe   [217968] [PID.3824]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe   [7168] [PID.3188]
[MD5.1D702FFC1B8CDCF76FBCA7740CE510D8] - (.Sony Corporation - VAIO Event Service (Service Sub Module).) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe   [120176] [PID.4708]
[MD5.31A0E93CDF29007D6C6FFFB632F375ED] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe   [13336] [PID.1088]
[MD5.96EFA2698D6B9E2931609A3EA73FC5DC] - (.Sony Corporation - VAIO Content Folder Watcher.) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe   [851824] [PID.5012]
[MD5.8F0840FF3A11D6B3F767AD6C79AC2A40] - (.Sony Corporation - VAIOCare.) -- C:\Program Files\Sony\VAIO Care\VCService.exe   [54760] [PID.4284]
[MD5.452DB84283EB2F043827AC95D62CE19C] - (.Safer-Networking Ltd. - Update.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe   [3487240] [PID.6024]
[MD5.A529CFE32565C0B145578FFB2B32C9A5] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe   [1369624] [PID.6732]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\TOP\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] [You must be registered and logged in to see this link.]
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [cpngackimfmofbokmjmljamhdncknpmg] Screen Capture (by Google) v.5.1.4, (Activé)
G2 - GCE: Preference [User Data\Default] [fcgckldmmjdbpdejkclmfnnnehhocbfp] Google Finance v.1.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [higemadklcnjhjpgcbnnbpgeeippjjcp] Send Page v.1.5 (Activé)
G2 - GCE: Preference [User Data\Default] [hljnlfolmbmibdjaikiaepgepgnldclj] Simple Highlighter v.2.1.7.3, (Activé)
G2 - GCE: Preference [User Data\Default] [imcbnnnoghiihopefblgehihofbfbmei] Desprotetor de Links v.2.0.1.7, (Activé)
G2 - GCE: Preference [User Data\Default] [jfchnphgogjhineanplmfkofljiagjfb] Downloads v.2 (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [ngjdhjgbagpeimgpgloofkfoipgpdgdb] Mail this link v.1.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nnjbodopomfddehlalfilheomcahbpei] GBBD Caixa Economica Federal v.3.7.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pbcaplhfkihhldmlbjhgajdeghjdbffi] GBBD Caixa Economica Federal v.3.7.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pfebpahfiklkbdgdacdcdojjejhpbkgc] Send from Omnibox v.0.1 (Activé)

---\\ Google Chrome Extension Folder
~ Google Lines Browser: 34 Legitimates Filtered in 00mn 03s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Users\TOP\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\TOP\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
~ Firefox Browser: 8 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
~ IE Browser: 22 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects (O2)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense CEF [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540003} . (.Caixa Economica Federal - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehCef.dll
O2 - BHO: BuscaPe [64Bits] - {CF897CCA-7C89-4B6F-8E49-E51AD405289F} Orphan key
~ BHO: 22 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Orphan key
~ Toolbar:  Scanned in 00mn 00s



---\\ Other User Links (O4)
O4 - GS\QuickLaunch [TOP]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.)  -- C:\Program Files (x86)\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 1 Legitimates Filtered in 00mn 01s



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [egui] . (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - HKLM\..\Run: [IntelWirelessWiMAX] . (.Intel® Corporation - Intel® PROSet/Wireless WiMAX Connection Uti.) -- c:\program files\intel\wimax\bin\wimaxcu.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files (x86)\apoint\apoint.exe (.not file.)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [CCleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (.not file.)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (.not file.)
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3701455409-3707843946-3216141553-1000\..\Run: [CCleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
~ Application:  Scanned in 00mn 00s



---\\ Site in Trusted Zone (O15)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance:  Scanned in 00mn 01s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3D35DC87-B2B7-436D-8A75-FB5E6BF66C09}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3D35DC87-B2B7-436D-8A75-FB5E6BF66C09}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{3D35DC87-B2B7-436D-8A75-FB5E6BF66C09}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - AppInit_DLLs: . (.Adobe Systems, Inc. - 3D Capture.) - C:\Windows\System32\acaptuser64.dll
~ AppInit DLL:  Scanned in 00mn 00s



---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Ser (DMAgent) . (.Red Bend Ltd. - Red Bend Device Management Service for Inte.) - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: Energy Server Service (ESRV_SVC) . (...) - C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: Oasis2Service (Oasis2Service) . (.No owner - Oasis2Service.) - C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
~ Services: 28 Legitimates Filtered in 00mn 05s



---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (sh4native Sh4Removal) - File not found
~ BEX: 2 Legitimates Filtered in 00mn 00s



---\\ Task Planned Automatically (039)
[MD5.00000000000000000000000000000000] [APT] [ParetoLogic Update Version3 Startup Task] (...) -- C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe (.not file.)   [0]  =>PUP.Paretologic
[MD5.00000000000000000000000000000000] [APT] [pennybee Runner] (...) -- C:\ProgramData\pennybee\pennybee.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [Tempo Runner] (...) -- C:\PROGRA~3\pennybee\pennybee.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [wp1-codedownloader] (...) -- C:\Program Files (x86)\wp1\wp1-codedownloader.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{2EA87288-8226-4DD3-ADED-94237F3DF281}] (...) -- C:\Users\TOP\Downloads\SOAOTH-00263500-1040.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{C02A4B4A-9EE2-4837-8226-74A865974971}] (...) -- C:\Users\TOP\AppData\Local\Babylon\Setup\Setup.exe (.not file.)   [0]  =>PUP.Babylon
[MD5.00000000000000000000000000000000] [APT] [Java Update] (...) -- C:\Program Files\Java\jre6\bin\jusched.exe (.not file.)   [0]
[MD5.C4AF8FF242602D9B88686387A6DAED96] [APT] [VAIO Survey] (...) -- C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe   [390448]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT:  - (..) -- C:\Windows\Tasks\CCleanerClean.job   [258]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\CCleanerClean   [258]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf6b7c2457f4d6   [1064]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cfa11f8d0bd740   [1062]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3701455409-3707843946-3216141553-1000Core1cf4a78eb00bb57   [1018]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3701455409-3707843946-3216141553-1000UA1cf69e862683ffe   [1070]
~ Scheduled Task: 50 Legitimates Filtered in 00mn 07s



---\\ Drivers launched at startup (O41)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
~ Drivers: 69 Legitimates Filtered in 00mn 00s



---\\ Software installed (O42)
O42 - Logiciel: BuscaPe Na Hora - (...) [HKLM][64Bits] -- {16712AFB-B5B6-4E00-8FDB-EA6147CDEFF3}_is1
O42 - Logiciel: DANFE View - (.Unimake Softwares.) [HKLM][64Bits] -- DANFE View_is1
O42 - Logiciel: GeoVision ADPCM - (...) [HKLM][64Bits] -- GeoADPCM
O42 - Logiciel: GeoVision H264 - (...) [HKLM][64Bits] -- Codec_264
O42 - Logiciel: GeoVision JPEG - (...) [HKLM][64Bits] -- Codec_jpeg
O42 - Logiciel: GeoVision MPEG2 - (...) [HKLM][64Bits] -- Codec_mp2
O42 - Logiciel: GeoVision MPEG4 - (...) [HKLM][64Bits] -- GEOXCodec
O42 - Logiciel: GeoVision MPEG4 ASP - (...) [HKLM][64Bits] -- Codec_amp4
O42 - Logiciel: GeoVision MPEG4 AVC - (...) [HKLM][64Bits] -- Codec_AVC
O42 - Logiciel: NetSupport Manager - (.NetSupport Ltd.) [HKLM][64Bits] -- {2CB3F85C-ABA2-4B56-B395-17F21B679093}
O42 - Logiciel: Oasis2Service 1.0 - (.DDNi.) [HKLM][64Bits] -- {E50FC5DB-7CBD-407D-A46E-0C13E45BC386}
O42 - Logiciel: PDF Studio - (.Qoppa Software.) [HKLM][64Bits] -- 8147-3835-7485-6804
~ Logic: 20 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\BeCrux]
[HKCU\Software\BuscaPe]
[HKCU\Software\GbAs]
[HKCU\Software\GeoVision]
[HKCU\Software\NetSupport Ltd]
[HKCU\Software\OB]
[HKCU\Software\Scopus]
[HKCU\Software\Shortcut_Module]
[HKCU\Software\T-App]
[HKCU\Software\TorrentEasy]
[HKCU\Software\UltraDownloads.com.br]
[HKLM\Software\Best Buy]
[HKLM\Software\Shortcut_Module]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Deskmedia]
[HKLM\Software\Wow6432Node\GoodMedia]
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\NSL]
[HKLM\Software\Wow6432Node\NetSupport Manager]
[HKLM\Software\Wow6432Node\Shortcut_Module]
[HKLM\Software\Wow6432Node\UlisesSoft]
[HKLM\Software\Wow6432Node\geovision]
[HKLM\Software\Wow6432Node\v9magic]
~ Key Software: 439 Legitimates Filtered in 00mn 00s



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 22/07/2014 - 15:36:02 - [] ----D C:\Program Files (x86)\BuscaPe Na Hora
O43 - CFD: 15/07/2014 - 12:18:54 - [] ----D C:\Program Files (x86)\DDNi
O43 - CFD: 15/07/2014 - 12:21:13 - [] ----D C:\Program Files (x86)\NetSupport
O43 - CFD: 15/07/2014 - 12:21:14 - [] ----D C:\Program Files (x86)\NetSupport Manager
O43 - CFD: 18/07/2014 - 09:15:07 - [] ----D C:\Program Files (x86)\PDFStudio
O43 - CFD: 15/07/2014 - 12:21:28 - [] ----D C:\Program Files (x86)\Respironics
O43 - CFD: 24/07/2014 - 18:43:14 - [] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 15/07/2014 - 12:22:25 - [] ----D C:\ProgramData\DDNi
O43 - CFD: 15/07/2014 - 12:23:11 - [] ----D C:\ProgramData\NetSupport
O43 - CFD: 15/07/2014 - 12:24:08 - [] ----D C:\ProgramData\TorrentEasy
O43 - CFD: 15/07/2014 - 12:24:08 - [] ----D C:\ProgramData\{F77EE8EF-305B-4394-A018-C1A57D2D66B5}
O43 - CFD: 15/07/2014 - 12:24:09 - [] --H-D C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}
O43 - CFD: 15/07/2014 - 12:50:24 - [] ----D C:\Users\TOP\AppData\Roaming\AdbDriverInstaller
O43 - CFD: 15/07/2014 - 12:51:10 - [] ----D C:\Users\TOP\AppData\Roaming\NetSupport
O43 - CFD: 24/07/2014 - 18:42:25 - [] ----D C:\Users\TOP\AppData\Roaming\ProductData
O43 - CFD: 15/07/2014 - 12:51:26 - [] ----D C:\Users\TOP\AppData\Roaming\T-App
O43 - CFD: 15/07/2014 - 12:49:29 - [] ----D C:\Users\TOP\AppData\Local\BeCrux
O43 - CFD: 21/12/2011 - 14:06:27 - [0] ----D C:\Users\TOP\AppData\Local\Motosftemp
O43 - CFD: 15/07/2014 - 12:50:01 - [] ----D C:\Users\TOP\AppData\Local\Respironics
~ Program Folder: 245 Legitimates Filtered in 00mn 00s



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.924C8CC7C2FA0A0DABD908E3BE1C0D1B] - 14/07/2014 - 16:25:54 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys   [45248]
O44 - LFC:[MD5.67FC5B9D0957C4FBB37376DE49A2B170] - 15/07/2014 - 10:02:41 ---A- . (...) -- C:\Windows\diagerr.xml   [1890]
O44 - LFC:[MD5.67FC5B9D0957C4FBB37376DE49A2B170] - 15/07/2014 - 10:02:41 ---A- . (...) -- C:\Windows\diagwrn.xml   [1890]
O44 - LFC:[MD5.3B1CBCB18FFDF416B067633F90288E33] - 15/07/2014 - 10:06:52 ---A- . (...) -- C:\Windows\CompatibilityIssues.txt   [1226]
O44 - LFC:[MD5.9FA44E747737A8E1C78F32D3B31EB7E2] - 15/07/2014 - 12:03:54 ---A- . (...) -- C:\Windows\System32\nvcoproc.bin   [3774821]
O44 - LFC:[MD5.721CB2CEBF86999FECCA47AE77EF755F] - 15/07/2014 - 13:15:57 ---A- . (...) -- C:\Windows\System32\emptyregdb.dat   [22744]
O44 - LFC:[MD5.F862CD08F1AD4EE39BD506853F3C6103] - 15/07/2014 - 20:28:12 ---A- . (...) -- C:\Windows\System32\ieuinit.inf   [16284]
O44 - LFC:[MD5.3EEFE5864B1BC5D9A5C0B1299F8C107B] - 15/07/2014 - 20:47:44 ---A- . (...) -- C:\Windows\System32\prfd0416.dat   [38536]
O44 - LFC:[MD5.399F4D9A97795D47B0C0ECE16AB8AD4C] - 15/07/2014 - 20:47:44 ---A- . (...) -- C:\Windows\System32\prfi0416.dat   [323154]
O44 - LFC:[MD5.ED30CF1F646BA1341DF168144119AD7B] - 18/07/2014 - 10:20:40 ---A- . (...) -- C:\Windows\Model.txt   [21]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 18/07/2014 - 16:18:57 ----- . (...) -- C:\autoexec.bat   [0]
O44 - LFC:[MD5.D07138915E1B489BA08D2DBDFF441A60] - 18/07/2014 - 18:06:27 ----- . (...) -- C:\shldr   [285747]
O44 - LFC:[MD5.025926B83A938B5215F3C1DCC882F21C] - 18/07/2014 - 18:06:27 ----- . (...) -- C:\shldr.mbr   [8192]
O44 - LFC:[MD5.5BA9713747A94AD07D6CF4CD7C8CA01E] - 21/07/2014 - 15:07:53 ---A- . (...) -- C:\Windows\DMmvHost.ini   [395]
O44 - LFC:[MD5.BF8B38B4391C94ED93E65409F4AA8361] - 21/07/2014 - 15:07:53 ---A- . (...) -- C:\Windows\multiview.ini   [191]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/07/2014 - 18:59:34 ----- . (...) -- C:\asc_rdflag   [0]
O44 - LFC:[MD5.2C2AD3D4961FE8061F198FF97B6649EC] - 23/07/2014 - 06:00:00 ----- . (...) -- C:\spyhunter.log   [340]  =>Crapware.SpyHunter
O44 - LFC:[MD5.245E43E19AA5A04E50B62B49EB027E90] - 23/07/2014 - 09:01:00 ----- . (...) -- C:\sh4_service.log   [2613]
O44 - LFC:[MD5.60F57F11333336036A9E9DB63B512065] - 25/07/2014 - 15:54:59 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [154676]
O44 - LFC:[MD5.BEAF61ECA95A3514AF5BFB4CE00174DA] - 25/07/2014 - 15:54:59 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [729486]
O44 - LFC:[MD5.1902652E916AD36A76FF39DF453B2010] - 25/07/2014 - 16:47:33 ---A- . (...) -- C:\zoek-results2014-07-25-194733.log   [40811]
O44 - LFC:[MD5.57092DD03DE86EF1E3120E47AF27D831] - 25/07/2014 - 20:03:12 ---A- . (...) -- C:\Shortcut_Module_25_07_2014_20_03_18.txt   [44748]
O44 - LFC:[MD5.53012C1CAB68E269074BB344707019DC] - 28/07/2014 - 09:49:01 R--A- . (...) -- C:\Pre_Scan_28_07_2014_09_49_01.txt   [31738]
O44 - LFC:[MD5.1504CE18B53E63E69945471B6AFC0E32] - 28/07/2014 - 10:10:23 ---A- . (...) -- C:\Windows\System32\SupplicantTest.log   [0]
O44 - LFC:[MD5.63C1FA06AB62366D7794A705CEB924E4] - 28/07/2014 - 10:37:57 ---A- . (...) -- C:\zoek-results2014-07-28-133757.log   [4908]
O44 - LFC:[MD5.46359281FFD7E10AA4E1D03BE13D53A7] - 28/07/2014 - 11:09:26 ---A- . (...) -- C:\zoek-results2014-07-28-140926.log   [8891]
O44 - LFC:[MD5.971BC21D44997AD309EC8009D08AC7DB] - 28/07/2014 - 11:27:05 ---A- . (...) -- C:\zoek-results.log   [4332]
~ Files: 434 Legitimates Filtered in 00mn 10s



---\\ Operations and functions at Windows Explorer startup (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKCU\...\Policies\System] - "EnableLUA"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ System Drivers List (SDL) (O58)
O58 - SDL:17/09/2012 - 19:58:30 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys   [288688]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:11/07/2014 - 09:28:36 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys   [45248]
O58 - SDL:23/06/2010 - 06:55:44 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\Drivers\rimssne64.sys   [94208]
O58 - SDL:23/06/2010 - 06:55:40 ---A- . (.REDC - RICOH PCIe SD/MMC Driver.) -- C:\Windows\System32\Drivers\risdsne64.sys   [78848]
O58 - SDL:06/11/2012 - 21:28:46 ---A- . (...) -- C:\Windows\System32\Drivers\semav6thermal64ro.sys   [13792]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:07/02/2014 - 00:50:58 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys   [38216]
O58 - SDL:30/07/2011 - 17:12:05 ---A- . (.EnTech Taiwan - TVicHW32 Driver for Windows NT/2000/XP.) -- C:\Windows\System32\Drivers\TVicHW32.sys   [21200]
O58 - SDL:08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys   [49536]
O58 - SDL:08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys.off   [49536]
O58 - SDL:18/07/2014 - 19:19:42 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys   [31088]
O58 - SDL:09/04/2013 - 14:11:06 ---A- . (...) -- C:\Windows\SysWOW64\drivers\MouseUSB.sys   [5120]
O58 - SDL:30/07/2011 - 17:12:05 ---A- . (.EnTech Taiwan - TVicHW32 Driver for Windows NT/2000/XP.) -- C:\Windows\SysWOW64\drivers\TVicHW32.sys   [29536]
~ Drivers: 95 Legitimates Filtered in 00mn 01s



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 17/04/2007 - C:\Windows\system32\drivers\regi.sys (regi)  .(.InterVideo - regi driver.) - LEGACY_REGI
O64 - Services: CurCS - 06/11/2012 - C:\Windows\system32\drivers\semav6thermal64ro.sys (semav6thermal64ro) .(...) - LEGACY_SEMAV6THERMAL64RO
O64 - Services: CurCS - 04/06/2014 - C:\Windows\System32\Drivers\SmartDefragDriver.sys (SmartDefragDriver)  .(.IObit - SmartDefrag Driver.) - LEGACY_SMARTDEFRAGDRIVER
~ Legacy: 137 Legitimates Filtered in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Not Key.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - [You must be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [You must be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You must be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [You must be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You must be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [You must be registered and logged in to see this link.]
~ Keys:  Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{C1527408-C082-4471-B253-D6B8896AF7AB}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{BDE13D47-A9C7-4028-8F59-97A384E66AA0}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s



---\\ MyComputer Name Space (MNS) (O92)
O92 - MNS:  - {35B6525E-071A-4EA9-B3BD-F6A742572F08}
~ MNS: 1 Legitimates Filtered in 00mn 00s



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 18/03/2010 113152 |  (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SS - | Demand 09/07/2014 262320 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 03/07/2012 651720 |  (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 16/07/2014 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 16/07/2014 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/08/2012 194032 |  (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 05/01/2007 112152 |  (IviRegMgr) . (.InterVideo.) - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
SS - | Auto 04/05/2014 2152736 |  (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Auto 12/05/2014 1809720 |  (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SS - | Auto 12/05/2014 860472 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Demand 09/04/2014 289256 |  (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
SS - | Demand 30/03/2012 237328 |  (McComponentHostServiceSony) . (.McAfee, Inc..) - C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe
SS - | Demand 05/03/2010 831760 |  (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SS - | Demand 13/11/2012 1103392 |  (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
SS - | Auto 13/11/2012 168384 |  (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
SS - | Auto 23/10/2013 172192 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 21/06/2010 108400 |  (SOHCImp) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
SS - | Demand 18/06/2010 423280 |  (SOHDms) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
SS - | Demand 21/06/2010 67952 |  (SOHDs) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
SS - | Demand 22/02/2013 427432 |  (USER_ESRV_SVC) . (...) - C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
SS - | Demand 09/06/2010 537456 |  (VcmIAlzMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
SS - | Demand 09/06/2010 384880 |  (VcmINSMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
SS - | Demand 09/06/2010 101232 |  (VcmXmlIfHelper) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
SS - | Demand 27/02/2014 1642544 |  (VUAgent) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Update\vuagent.exe
SS - | Disabled 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 14/01/2014 881952 |  (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 08/06/2010 952096 |  (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 22/07/2014 408576 |  (DMAgent) . (.Red Bend Ltd..) - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
SR - | Auto 12/09/2013 1337752 |  (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
SR - | Auto 22/02/2013 427432 |  (ESRV_SVC) . (...) - C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
SR - | Auto 05/03/2010 1425168 |  (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 26/02/2014 520520 |  (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Demand 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 04/03/2010 13336 |  (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 15/11/2013 137528 |  (Motorola Device Manager) . (.Motorola Mobility LLC.) - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/05/2014 927520 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 14/03/2011 47616 |  (Oasis2Service) . (...) - C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
SR - | Auto 01/06/2010 367456 |  (PMBDeviceInfoProvider) . (.Sony Corporation.) - c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 24/07/2007 185632 |  (PSI_SVC_2) . (.Protexis Inc..) - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 02/09/2011 65657 |  (PST Service) . (.Motorola.) - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
SR - | Auto 05/11/2012 10424 |  (SACSrv) . (.SafeNet, Inc..) - C:\Program Files\SafeNet\Authentication\SAC\x64\SACSrv.exe
SR - | Auto 04/03/2013 258048 |  (SampleCollector) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
SR - | Auto 14/01/2013 360640 |  (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Demand 13/11/2012 1369624 |  (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
SR - | Demand 07/06/2010 304496 |  (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
SR - | Auto 01/06/2010 217968 |  (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
SR - | Auto 21/06/2010 575856 |  (VAIO Power Management) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
SR - | Auto 17/06/2010 851824 |  (VCFw) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
SR - | Demand 12/10/2012 54760 |  (VCService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCService.exe
SR - | Auto 08/06/2010 836608 |  (VSNService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
SR - | Auto 07/06/2010 911872 |  (WiMAXAppSrv) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 13/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 07s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (27/07/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>PUP.Tarma
~ Additionnel Scan: 411561 Items scanned in 00mn 17s



---\\ Additional information about modules
~ [You must be registered and logged in to see this link.]  =>.Google Chrome, Start,Search,Extensions (G0,G1,G2)
~ [You must be registered and logged in to see this link.]  =>.Google Chrome, Start,Search,Extensions (G0,G1,G2)
~ [You must be registered and logged in to see this link.]  =>.Internet Explorer, Proxy Management (R5)
~ [You must be registered and logged in to see this link.]  =>.Browser Helper Objects (O2)
~ [You must be registered and logged in to see this link.]  =>.Internet Explorer toolbars (O3)
~ [You must be registered and logged in to see this link.]  =>.Auto loading programs from Registry and folders (O4)
~ AMI: 6 Legitimates Filtered in 00mn 00s



---\\ Summary of the detections found on your workstation
[You must be registered and logged in to see this link.]  =>Trojan.AutoKMS
[You must be registered and logged in to see this link.]  =>PUP.Paretologic
[You must be registered and logged in to see this link.]  =>PUP.Babylon
[You must be registered and logged in to see this link.]  =>Crapware.SpyHunter
[You must be registered and logged in to see this link.]  =>PUP.Tarma
~ MSI: 5 link(s) detected in 00mn 00s



~ 1463 Legitimates filtered by white list
End of the scan (619 lines in 01mn 30s)(0)

Re: Remove Baidu from the registry

Post by Power Max on Mon 28 Jul 2014, 13:39

There are unnecessary programs starting along with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

Choosing Programs that Start with the PC

Preferably, let only the security programs (antivirus/anti-spyware/firewall) start along with Windows.

Also use the Ccleaner program, recommended in the tutorial above, to clean up and optimize the PC.
________________________________________________________________________________________________________

Go to the site [You must be registered and logged in to see this link.] and submit the file highlighted in bold below for analysis:

C:\Windows\SysWOW64\drivers\MouseUSB.sys

As soon as its analysis is finished, copy the link that appears in your browser's address bar and post this link in your next reply together with the other logs requested in this post.

More information on how to analyze files on the Virus Total site can be found in this tutorial:

Analyze suspicious files and links online and completely free of charge
_______________________________________________________________________________________________________

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > Right-click Zhpfix and choose Run as administrator > Click Importação (Import) > Click the GO button > Click Oui > If you want the files in the recycle bin to be deleted, click Oui again > A report will appear in Notepad.

Copy this report and post it in your next reply together with the link to the file's analysis on the Virus Total site.


Last edited by Power Max on Wed 30 Jul 2014, 12:05; edited 1 time

_________________

Caixa de Dicas
= Always with new tutorials and news in computing, technology and miscellany.

Fórum PC Brasil = The best of the internet you'll find here.

Super Links = Messages of faith and hope for your heart

(SOLVED) Remove Baidu from the Registry

Post by Top Sugar on Mon 28 Jul 2014, 14:12

[You must be registered and logged in to see this link.]

Re: Remove Baidu from the registry

Post by Power Max on Mon 28 Jul 2014, 14:15

You still need to post the ZHPFix report.


Re: Remove Baidu from the registry

Post by Power Max on Mon 28 Jul 2014, 14:18

And as for that file you submitted for analysis, please submit it again. Then, when Virus Total says that it has already been analyzed, ask it to reanalyze it. Then post the link to this new analysis in your next reply together with the ZHPFix report.
