Fórum PC Brasil
Remove Baidu from the registry


Remove Baidu from the registry

Posted by Top Sugar, Thu 24 Jul 2014, 18:26

I managed to remove almost everything; only this is left, which cannot be deleted:

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

Re: Remove Baidu from the registry

Posted by Power Max, Fri 25 Jul 2014, 13:28

Hello.

Download the AdwCleaner program by clicking the link below, then click the Download Now @BleepingComputer button:
[You need an account and to be logged in to view this link]

To run AdwCleaner correctly, just follow the tips in this tutorial:

[You need an account and to be logged in to view this link]

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.

(SOLVED) Remove Baidu from the Registry

Posted by Top Sugar, Fri 25 Jul 2014, 15:25

# AdwCleaner v3.216 - Report created 25/07/2014 at 15:08:33
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : TOP - VAIO
# Running from : C:\Users\TOP\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Windows\System32\roboot64.exe

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\TOP\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : [You need an account and to be logged in to view this link]
Deleted [Search Provider] : [You need an account and to be logged in to view this link]
Deleted [Search Provider] : [You need an account and to be logged in to view this link]
Deleted [Search Provider] : [You need an account and to be logged in to view this link]

*************************

AdwCleaner[R0].txt - [5375 octets] - [24/07/2014 15:26:56]
AdwCleaner[R1].txt - [1722 octets] - [25/07/2014 15:04:30]
AdwCleaner[S0].txt - [4487 octets] - [24/07/2014 15:28:24]
AdwCleaner[S1].txt - [1653 octets] - [25/07/2014 15:08:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1713 octets] ##########

Re: Remove Baidu from the registry

Posted by Power Max, Fri 25 Jul 2014, 15:30

Download the Junkware Removal Tool program from the link below:
[You need an account and to be logged in to view this link]

To run the program above correctly, just follow the tips in this tutorial:

[You need an account and to be logged in to view this link]

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop under the name JRT.txt

We'll be waiting.

(SOLVED) Remove Baidu from the Registry

Posted by Top Sugar, Fri 25 Jul 2014, 16:12

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by TOP on 25/07/2014 at 15:59:53,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys

~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_monthly.job"
Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_updates.job"

~~~ Folders

Successfully deleted: [Folder] "C:\Users\TOP\AppData\Roaming\dll-files.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\dll-files.com fixer"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/07/2014 at 16:09:33,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

(SOLVED) Remove Baidu from the Registry

Posted by Power Max, Fri 25 Jul 2014, 16:14

Temporarily disable your antivirus to avoid conflicts.

Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You need an account and to be logged in to view this link]

* Right-click Zoek.exe and select [You need an account and to be logged in to view this image]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area of Zoek

* Click [Run Script]

* During the scan, a message similar to the one below will be shown with the progress of the scan. Wait for it to finish... it may take a while!

[You need an account and to be logged in to view this image]

* If you are asked to restart the PC, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Wed 30 Jul 2014, 12:00; edited 1 time

Zoek executed

Posted by Top Sugar, Fri 25 Jul 2014, 17:04


==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\TOP\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\TOP\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\Users\TOP\.android deleted
C:\PROGRA~2\GUM4856.tmp deleted
C:\PROGRA~2\Wondershare deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\extensions deleted
C:\Users\TOP\AppData\Roaming\Wondershare deleted
C:\PROGRA~3\T-App deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\InstallMate deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\Users\TOP\AppData\LocalLow\ADSRemoval deleted
C:\Windows\wininit.ini deleted
C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job deleted
C:\user.js deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Users\TOP\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\adremoveext@adremoveext.net deleted
"C:\Windows\Installer\b2d6d.msi" deleted

==== Folders Found ======================

2014-04-02 19:01:06 2014-07-15 16:18:07 -------- d-----w- C:\$WINDOWS.~Q\DATA\ProgramData\baidu
2014-07-24 18:28:27 2014-07-24 18:28:27 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-07-24 18:28:39 2014-07-24 18:28:39 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu\Baidu Antivirus
2014-01-24 17:11:25 2014-07-15 15:15:42 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-04-02 19:01:02 2014-07-24 12:32:03 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-01-24 17:11:25 2014-07-24 13:40:48 -------- d-----w- C:\ProgramData\Baidu Security
2014-01-24 17:11:25 2014-07-24 13:40:48 -------- d-----w- C:\Users\All Users\Baidu Security
2014-01-24 17:12:00 2014-07-15 15:24:15 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2014-01-24 17:12:22 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security
2014-01-24 17:34:12 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-01-24 17:34:12 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


--- C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\Safari_baidu_script.js ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1556
Created time: 2013-11-08 12:21:35
Modified time: 2013-04-22 14:30:56
MD5: 670B367C3485AB4FA0046B9D1DDFF1B7
SHA1: DD0C159627F22F3BF83A8632A357EE62DE132EEC


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"Description"="Baidu Hips Service"

[HKEY_USERS\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Office\15.0\Common\Internet]
"UseRWHlinkNavigation"="http://www.forumpcbrasil.com/t2756-remover-baidu-do-registro#23199"

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [15/07/2014 12:19]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [15/07/2014 12:19]

==== Firefox Extensions ======================

ProfilePath: C:\Users\TOP\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
nikpejgpnmgopkomlcfmghhpkoelbmgf - No path found[]

Google Translate - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb
Google Docs - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Advanced SystemCare Surfing Protection - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
YouTube - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Invalid Access Token. - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg
AutoCAD 360 - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjeclnkejmbepoibfnamioojinoopln
Google Finance - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp
Full Screen Weather - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg
Send Page - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\higemadklcnjhjpgcbnnbpgeeippjjcp
Simple Highlighter - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj
Desprotetor de Links - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei
Downloads - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb
Google Maps - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh
GBBD Banco do Brasil - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkeabchhfifpaaoefpockjhaphjmoapp
Mail this link - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngjdhjgbagpeimgpgloofkfoipgpdgdb
Google Wallet - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Google Chrome to Phone Extension - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco
GBBD Caixa Economica Federal - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi
Send from Omnibox - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfebpahfiklkbdgdacdcdojjejhpbkgc
Gmail - TOP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\TOP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\TOP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cmahepjjeckomgmgdoljgdbgbehiiphn deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\TOP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\TOP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully
C:\Users\TOP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully
C:\Users\TOP\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pcgligbhabkomdiohjlocgdofaicflae deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=bbl_pay_hp_02_hao123_br"
"Search Bar"="http://google.com"
"Search Page"="http://google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://google.com"
"SearchAssistant"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0191A6B0-1154-4C22-9182-23A95BBE92D9} Unknown Url="Not_Found"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\TOP\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\TOP\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9} deleted successfully
HKEY_USERS\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully
HKEY_USERS\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully

==== Deleting CLSID Registry Values ======================


==== shortcuts in Users Start Menu ======================

C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android Data Recovery\Android Data Recovery.lnk - C:\Program Files (x86)\Android Data Recovery\AndroidDataRecovery.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android Data Recovery\Help.lnk - C:\Program Files (x86)\Android Data Recovery\Android Data Recovery.chm
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android Data Recovery\Uninstall Android Data Recovery.lnk - C:\Program Files (x86)\Android Data Recovery\uninst.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android Data Recovery\Website.lnk - C:\Program Files (x86)\Android Data Recovery\Android Data Recovery.url
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Chessmaster 10th Edition.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -hunter
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url
C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_96366949.lnk - C:\Users\TOP\AppData\Local\Temp\_uninst_96366949.bat

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk - C:\Program Files\Sony\VAIO Care\VAIOCare.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warranty Registration.lnk - C:\Program Files (x86)\Sony\Warranty Registration\02-03-10-backstage_v2.htm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk - C:\Windows\System32\fsquirt.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\Windows\system32\mstsc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Configuration.lnk - C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorcfg.msc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Wizards.lnk - C:\Windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk - C:\Windows\system32\printmanagement.msc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Central de Mouse e Teclado da Microsoft\Central de Mouse e Teclado da Microsoft.lnk - c:\Windows\Installer\{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}\DeviceCenter.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer\Desinstalar Dll-Files Fixer.lnk - C:\Program Files (x86)\Dll-Files.com Fixer\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer\Dll-Files Fixer.lnk - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Advanced Statistics.lnk - C:\Program Files (x86)\Common Files\Intel\WirelessCommon\imFrmwrk.exe /sf Advanced Statistics
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Event Viewer.lnk - C:\Program Files (x86)\Common Files\Intel\WirelessCommon\imFrmwrk.exe /sf Wireless Event Viewer
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Manual Diagnostics.lnk - C:\Program Files (x86)\Common Files\Intel\WirelessCommon\imFrmwrk.exe /sf Wireless Diagnostics
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe SecurityScanner.dll
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Uninstall.lnk - C:\Program Files\McAfee Security Scan\uninstall.exe C:\Program Files\McAfee Security Scan\3.8.150\McAfee.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\accicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pubs.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Centro de Carregamento do Office 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\msouc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Database Compare 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Preferências de Idioma do Office 2013.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Spreadsheet Compare 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3\Desinstalar Smart Defrag 3.lnk - C:\Program Files (x86)\IObit\Smart Defrag 3\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3\Smart Defrag 3.lnk - C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care\VAIO Care.lnk - C:\Program Files\Sony\VAIO Care\VAIOCare.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Backup e Restauração.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DESKTOP.lnk - \\RECEPCAO
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Dll-Files Fixer.lnk - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Explorer.lnk - C:\
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk - C:\Program Files (x86)\Glary Utilities\Integrator.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Wondershare MobileGo for Android.lnk - C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGo.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Atualizador ESET.lnk - C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uninstall Programs.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Welcome Center.lnk - C:\Windows\system32\rundll32.exe C:\Windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Acrobat 9 Pro Extended.lnk - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\dde_br.lnk - C:\Users\TOP\Desktop\BVMF\dde_br.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\DMMultiView.lnk - C:\Program Files (x86)\DMMultiView\MultiView.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Excel 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\inSSIDer 3.lnk - C:\Users\TOP\AppData\Roaming\Microsoft\Installer\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}\Icon.ico
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sticky Notes.lnk -
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Messenger .lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\TOP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="127.0.0.1:8080"
"ProxyOverride"="*.local;192.168.*.*"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nikpejgpnmgopkomlcfmghhpkoelbmgf deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DANFEViewMon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Deskmedia deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Deskmedia2 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Deskmedia3 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy Driver Pro deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDD Regenerator deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWirelessWiMAX deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\monitor deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mouse Suite 98 Daemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mumservice deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSafeSysTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SACMonitor deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Slick Savings deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spybot-S&D Cleaning deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tasktime.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TOP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TOP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\TOP\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=670 folders=176 151165786 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\TOP\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\TOP\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 25/07/2014 at 16:47:33,25 ======================
Top Sugar

Re: Remove Baidu from the registry

Post by Power Max Fri 25 Jul 2014, 17:31

Temporarily disable your antivirus to avoid conflicts.

Download: < [link visible only to logged-in members] > (by g3n-h@ckm@n)
|- After opening the link above, scroll down the page and click Télécharger to start the download.

Run it as described in this post:

[link visible only to logged-in members]

As soon as the cleanup is finished, post the log (report), which will be at C:\Shortcut_Module_07_05_2014_17_05_22.txt (these numbers in red will vary, since they show the date and time the scan was performed).
Power Max

(RESOLVED) Remove Baidu from the registry

Post by Top Sugar Fri 25 Jul 2014, 20:23

¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 25.07.2014.3

¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 17:56:35 - 25/07/2014

update on : 25/07/2014 | 22.45 by g3n-h@ckm@n

Contact : [link visible only to logged-in members]
Assistance : [link visible only to logged-in members]
Feedbacks : [link visible only to logged-in members]

Boot: Normal boot

[TOP (Administrator)] - [VAIO] -  (BR [0409])
SID = S-1-5-21-3701455409-3707843946-3216141553-1000

System : Windows 7 Ultimate (64 bits) Ultimate Service Pack 1

RAM memory = Total (MB) : 8369 | Free (MB) : 6215
Pagefile = Total (MB) : 16736 | Free (MB) : 14393
Virtual = Total (MB) : 4194 | Free (MB) : 4026


Registry saved, to restore : C:\Shortcut_Module\Save\Clean\ERDNT.exe

¤¤¤¤¤¤¤¤¤¤ | Windows Updates

No windows updates detected !!!

¤¤¤¤¤¤¤¤¤¤ | Browsers

IE : 11.0.9600.17207     (© Microsoft Corporation. All rights reserved.)
GC : 36.0.1985.125     (Copyright 2012 Google Inc. All rights reserved.)

¤¤¤¤¤¤¤¤¤¤ | Security

AM : Malwarebytes' Anti-Malware   (1.0.0.532)     []
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = Order
AS: Windows Defender [Auto(2)] = Order
FW: Windows FireWall Service [Auto(2)] = Order

Deleted setting in a stand-by mode !


¤¤¤¤¤¤¤¤¤¤ | FlashPlayer

ActiveX : 14.0.0.145
Plugin : 14.0.0.145

¤¤¤¤¤¤¤¤¤¤ | Killed processes

976 | [Owner : SYSTEM |Parent : 752] - (.IObit - Advanced SystemCare Service.) - (7.0.0.12) = C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
144 | [Owner : SYSTEM |Parent : 752] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
540 | [Owner : SYSTEM |Parent : 752] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) - (3.1.6.3) = C:\PROGRA~2\GbPlugin\gbpsv.exe
1560 | [Owner : SYSTEM |Parent : 144] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.3788) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1568 | [Owner : SYSTEM |Parent : 144] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
1608 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
1900 | [Owner : SYSTEM |Parent : 752] - (.Broadcom Corporation. - Bluetooth Support Server.) - (6.3.0.5600) = C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
2096 | [Owner : TOP |Parent : 2056] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17567) = C:\Windows\explorer.exe
2176 | [Owner : TOP |Parent : 1160] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
2256 | [Owner : TOP |Parent : 2176] - (.Microsoft Corporation - IPoint.exe.) - (2.3.188.0) = C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
2272 | [Owner : TOP |Parent : 2176] - (.Microsoft Corporation - IType.exe.) - (2.3.188.0) = C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
2396 | [Owner : TOP |Parent : 2176] - (.Sony Corporation - SPM Module.) - (5.2.0.5310) = C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
2704 | [Owner : SYSTEM |Parent : 752] - (.Motorola Mobility LLC - MotoHelper Service.) - (2.3.8.0) = C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
2688 | [Owner : TOP |Parent : 2704] - (.Motorola Mobility LLC - MotoHelperAgent.) - (2.3.7.0) = C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
2864 | [Owner : SYSTEM |Parent : 752] - (. - Oasis2Service.) - (1.0.1.0) = C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
3128 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - Device Information Provider.) - (1.0.1.6010) = C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
3624 | [Owner : SYSTEM |Parent : 752] - (.Protexis Inc. - PsiService PsiService.) - (2.0.1.124) = C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
3896 | [Owner : SYSTEM |Parent : 752] - (.Motorola - ForwardDemon.) - (1.0.0.0) = C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
3256 | [Owner : SYSTEM |Parent : 752] - (.SafeNet, Inc. - SafeNet Authentication Client Service.) - (8.2.85.0) = C:\Program Files\SafeNet\Authentication\SAC\x64\SACSrv.exe
3684 | [Owner : TOP |Parent : 2096] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.193) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
3740 | [Owner : SYSTEM |Parent : 752] - (.Banco Bradesco S.A. - scpVista.) - (1.0.9.11) = C:\Program Files (x86)\Scpad\scpVista.exe
3808 | [Owner : TOP |Parent : 2096] - (.Intel® Corporation - Intel® PROSet/Wireless WiMAX Connection Utility.) - (2.3.3811.24158) = C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
4016 | [Owner : TOP |Parent : 2096] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) - (15.1.6.64) = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1272 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Event Service (Service Module).) - (5.3.0.5310) = C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
3088 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Smart Network Service.) - (3.3.0.6080) = C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
3940 | [Owner : SYSTEM |Parent : 752] - (.Intel(R) Corporation - WiMAX SDK service for Intel(R) PROSet/Wireless WiMAX Software.) - (5.30.1007.0) = C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
3640 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
3248 | [Owner : SYSTEM |Parent : 752] - (.Red Bend Ltd. - Red Bend Device Management Service for Intel(R) PROSet/Wireless WiMAX Software.) - (2.0.0.24) = C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
3548 | [Owner : TOP |Parent : 3088] - (.Sony Corporation - VAIO Smart Network.) - (3.3.0.5310) = C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
3276 | [Owner : SYSTEM |Parent : 752] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - (13.2.0.3) = C:\Program Files\Intel\WiFi\bin\EvtEng.exe
3180 | [Owner : SYSTEM |Parent : 1272] - (.Sony Corporation - VAIO Event Service (Service Sub Module).) - (5.3.0.5260) = C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
4276 | [Owner : TOP |Parent : 4016] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) - (15.1.6.64) = C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
4612 | [Owner : SYSTEM |Parent : 916] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe
4744 | [Owner : TOP |Parent : 3440] - (.Oracle Corporation - Java(TM) Update Scheduler.) - (2.1.65.20) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
4708 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
1244 | [Owner : SYSTEM |Parent : 752] - (. - .) - (0.0.0.0) = C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
4296 | [Owner : SYSTEM |Parent : 752] - (.Intel Corporation - IAStorDataSvc.) - (9.6.0.1014) = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
1692 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Care Performance Service.) - (3.2.0.0) = C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2248 | [Owner : TOP |Parent : 1692] - (. - VaioCare Window Listener Application.) - (3.0.0.407) = C:\Program Files\Sony\VAIO Care\listener.exe
4480 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - SPM Module.) - (5.2.0.5310) = C:\Program Files\Sony\VAIO Power Management\SPMService.exe
1784 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Content Folder Watcher.) - (1.5.0.6030) = C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
4160 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Entertainment Common Service.) - (1.1.0.6030) = C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
5036 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIOCare.) - (8.1.0.8100) = C:\Program Files\Sony\VAIO Care\VCService.exe
1540 | [Owner : TOP |Parent : 6004] - (.Hewlett-Packard - hpwuSchd Application.) - (80.1.1.0) = C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
4500 | [Owner : SYSTEM |Parent : 1160] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
5384 | [Owner : SYSTEM |Parent : 4500] - (.Safer-Networking Ltd. - Update.) - (2.0.12.89) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
4372 | [Owner : SYSTEM |Parent : 752] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - (2.0.12.76) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
5452 | [Owner : SYSTEM |Parent : 1116] - (.Microsoft Corporation - Windows Wireless LAN 802.11 Extensibility Framework.) - (6.1.7600.16385) = C:\Windows\System32\wlanext.exe
7008 | [Owner : TOP |Parent : 2176] - (.Sony Corporation - VCSystemTray.) - (8.1.0.10100) = C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

¤¤¤¤¤¤¤¤¤¤ | RUN

04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM64\..\Run : [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\..\Run : [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO

¤¤¤¤¤¤¤¤¤¤ | Services


Service in functioning : WINDEFEND
Stopped service : WINDEFEND
Service in functioning : Dhcp
Stopped service : Dhcp
Service in functioning : TcpIp
Service in functioning : MPSSvc
Stopped service : MPSSvc
Service in functioning : Rasman
Stopped service : Rasman
Service in functioning : LanmanServer
Stopped service : LanmanServer
Service in functioning : DNScache
Stopped service : DNScache
Deleted successfully : HKLM\..\ControlSet001\Services\Bprotect : 4, 4, 4, 7875
Deleted successfully : HKLM\..\ControlSet001\Services\esgiguard : \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys
Deleted successfully : HKLM\..\ControlSet002\Services\Bprotect : 4, 4, 4, 7875
Deleted successfully : HKLM\..\ControlSet002\Services\esgiguard : \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Reseted successfully

¤¤¤¤¤¤¤¤¤¤ | Register

Deleted successfully : HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\mediagetexportfile
Deleted successfully : HKLM\Software\Classes\HPISDataManager.Datamgr
Deleted successfully : HKLM\Software\Classes\HPISDataManager.Datamgr.1
Deleted successfully : HKLM\Software\Classes\protector_dll.Protector
Deleted successfully : HKLM\Software\Classes\protector_dll.Protector.1
Deleted successfully : HKLM\Software\Classes\protector_dll.ProtectorLib.1
Deleted successfully : HKLM\Software\Classes\RocketEngine.FXEngine
Deleted successfully : HKLM\Software\Classes\protector_dll.ProtectorLib
Deleted successfully : HKLM\Software\Classes\RocketEngine.FXEngine.1.2.7
Deleted successfully : HKLM\Software\Classes\Applications\Best Buy pc app Setup.exe :
Deleted successfully : HKLM\Software\Classes\Applications\iLividSetup-r585-n-bc.exe :
Deleted successfully : HKLM\Software\Classes\CLSID\{12a0d4c1-4d44-4fb6-bdba-a7aabfda7e75} : CFXEngine Object     (CLSID)
Deleted successfully : HKLM\Software\Classes\CLSID\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} : Ads Removal
Deleted successfully : HKLM\Software\Classes\AppID\protector_dll.DLL
Deleted successfully : HKLM\Software\Classes\AppID\{96FBC13C-8214-4100-88E0-FF74D7A1CB4D} : protector_dll
Deleted successfully : HKLM\Software\Classes\TypeLib\{E78AF333-BB0C-473A-AE82-C0A2215BA39F} : RocketEngine 1.0 Type Library     (1.0)
Deleted successfully : HKLM\Software\Classes\Interface\{A7037C8B-BA3E-4970-A552-766F96A0DA72} : {E78AF333-BB0C-473A-AE82-C0A2215BA39F}
Deleted successfully : HKLM64\Software\Classes\Interface\{A7037C8B-BA3E-4970-A552-766F96A0DA72} : {E78AF333-BB0C-473A-AE82-C0A2215BA39F}
Deleted successfully : HKLM64\Software\Classes\Interface\{A75ACCCD-3CC9-4865-8BE3-F523FDA2164F} : IMinibarButton
Deleted successfully : HKLM64\Software\Classes\Interface\{AE20B22F-60C1-4753-ABAE-459C85D3E303} : ImelondreaBHO
Deleted successfully : HKLM64\Software\Classes\Interface\{C64BA349-1F34-4BFC-8D23-A317279D0CB9} : IRightSurfBHO
Deleted successfully : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Best Buy pc app
Deleted successfully : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Easy Driver Pro
Deleted successfully : HKLM\Software\Microsoft\Tracing\iSafeSvc2_RASAPI32
Deleted successfully : HKLM\Software\Microsoft\Tracing\iSafeSvc2_RASMANCS
Deleted successfully : HKLM\SOFTWARE\ADSRemoval
Deleted successfully : HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} : ShopperReports.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} : alotBHO.dll;alotBHO.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} : ShoppingReport.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7} : PCTBrowserDefender.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} : BabylonToolbar.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825} : PCTBrowserDefender.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{57F02779-3D88-4958-8AD3-83C12D86ADC7} : advancedsearchbar.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} : alot.dll;alot.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} : SuperfishIEAddon.dll;SuperfishIEAddon.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} : BabylonToolbar.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} : ShoppingReport.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CDEEC43D-3572-4E95-A2A5-F519D29F00C0} : advancedsearchbar.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} : BabylonToolbarTlbr.dll
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{57F02779-3D88-4958-8AD3-83C12D86ADC7}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CDEEC43D-3572-4E95-A2A5-F519D29F00C0}
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Deleted successfully : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{12a0d4c1-4d44-4fb6-bdba-a7aabfda7e75}
Deleted successfully : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}
Deleted successfully : HKLM\Software\Classes\Installer\Products\7664CBBF125287E41BDB78607F4745B9 : Best Buy pc app
Deleted successfully : HKLM64\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 : 02:\SOFTWARE\Iminent\AppInstanceUid
Deleted successfully : HKLM64\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D : 02:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP\UserSettings
Deleted successfully : HKLM64\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0 : C:\Program Files (x86)\SweetIM\Communicator\resources\sqlite\
Deleted successfully : HKLM64\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\254796BF4AC84B64891B61C529A2E23F : SweetIM Technical Support Department
Deleted successfully : HKLM64\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7664CBBF125287E41BDB78607F4745B9 : Best Buy pc app
Deleted successfully : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Best Buy pc app
Deleted successfully : HKLM64\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FBBC4667-2521-4E78-B1BD-8706F774549B} : Best Buy pc app
Deleted successfully : HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsUpdate
Deleted successfully : HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly
Deleted successfully : HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser

¤¤¤¤¤¤¤¤¤¤ | Offsets


¤¤¤¤¤¤¤¤¤¤ | reparsepoint



¤¤¤¤¤¤¤¤¤¤ | Folders | Files

Deleted successfully : C:\Windows\Tasks\RegCure Pro.job = ParetoLogic
Deleted successfully : C:\Program Files (x86)\Enigma Software Group
Deleted successfully : C:\Program Files\Enigma Software Group
Deleted successfully : C:\Users\All Users\Easy Driver Pro
Deleted successfully : C:\Users\All Users\Start Menu\Programs\Driver Booster
Deleted successfully : C:\Users\TOP\Downloads\Driver Booster 1.4
Deleted successfully : C:\Users\TOP\Downloads\namebench-1.3.1-Windows.exe     (.- .)    
Deleted successfully : C:\Users\TOP\Downloads\RegCure Pro 3.1.7 + Crack • CT ™
Deleted successfully : C:\Users\TOP\Downloads\SpyHunter.4.17.6.4336
Deleted successfully : C:\Users\TOP\Downloads\yet_another_cleaner_sk.exe     (Copyright (c) 2011-2014 Elex do Brasil Participações Ltda.- . YAC Security Protection)     Setup.exe
Deleted successfully : C:\Users\TOP\Start Menu\Programs\SpyHunter
Deleted successfully : C:\Users\TOP\Documents\Probit Software\Easy Driver Pro
Deleted successfully : C:\Users\TOP\Downloads\Início de Pastas Particulares\Claro
Deleted successfully : C:\Users\TOP\AppData\Roaming\br.com.meubolsoemdia.jimbo
Deleted successfully : C:\Users\TOP\AppData\Local\Best Buy pc app
Deleted successfully : C:\spyhunter.fix     (.- .)    
Deleted successfully : C:\Windows\Installer\28a77.msi(Best Buy pc app Setup Installation - Best Buy)

¤¤¤¤¤¤¤¤¤¤ | .LNK


¤¤¤¤¤¤¤¤¤¤ | opening unknown extension


¤¤¤¤¤¤¤¤¤¤ | Proxy

Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[EnableHttp1_1] : 0 -> 1

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer

Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You must be registered and logged in to view this link] -> [You must be registered and logged in to view this link]
Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Page] : [You must be registered and logged in to view this link] -> [You must be registered and logged in to view this link]
Repaired : [HKLM64\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\System32\blank.htm -> C:\Windows\SysWOW64\blank.htm
Repaired : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : [You must be registered and logged in to view this link] -> [You must be registered and logged in to view this link]
Repaired : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : [You must be registered and logged in to view this link] -> [You must be registered and logged in to view this link]
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Main]|[Search Bar] : [You must be registered and logged in to view this link] -> [You must be registered and logged in to view this link]
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You must be registered and logged in to view this link] -> [You must be registered and logged in to view this link]
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\system32\blank.htm -> C:\Windows\SysWOW64\blank.htm
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Main]|[Search Page] : [You must be registered and logged in to view this link] -> [You must be registered and logged in to view this link]
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Search]|[SearchAssistant] : [You must be registered and logged in to view this link] -> [You must be registered and logged in to view this link]
Repaired : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : [You must be registered and logged in to view this link] -> [You must be registered and logged in to view this link]

¤¤¤¤¤¤¤¤¤¤ | Google Chrome

Deleted successfully : HKLM\Software\Policies\Google
[TOP] Reseted successfully : SearchURL


¤¤¤¤¤¤¤¤¤¤ | Firefox



¤¤¤¤¤¤¤¤¤¤ | SeaMonkey



¤¤¤¤¤¤¤¤¤¤ | Pale moon



¤¤¤¤¤¤¤¤¤¤ | Opera


¤¤¤¤¤¤¤¤¤¤ | StartMenuInternet

Repaired : [HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : C:\Program Files (x86)\Internet Explorer\iexplore.exe -> "C:\Program Files\Internet Explorer\iexplore.exe"
Repaired : [HKLM\Software\Clients\StartMenuInternet\Google Chrome\shell\open\command] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -> "C:\Program Files\Google\Chrome\Application\chrome.exe"

¤¤¤¤¤¤¤¤¤¤ | AppCertDlls | AppInit_DLLs


¤¤¤¤¤¤¤¤¤¤ | Javascript


¤¤¤¤¤¤¤¤¤¤ | Firewall


¤¤¤¤¤¤¤¤¤¤ | ADS

¤¤¤¤¤¤¤¤¤¤ | Temporary files

[Administrator] Temporary files deleted : 0 Ko
[All Users] Temporary files deleted : 0 Ko
[Default] Temporary files deleted : 0 Ko
[Default User] Temporary files deleted : 0 Ko
[Guest] Temporary files deleted : 0 Ko
[HomeGroupUser$] Temporary files deleted : 0 Ko
[Public] Temporary files deleted : 0 Ko
[TOP] Temporary files deleted : 1845 Ko
[C:\Windows\Temp] Temporary files deleted : 0 Ko
[C:\Temp] Temporary files deleted : 0 Ko

Restarted service : Dhcp
Restarted service : DNScache
Restarted service : LanmanServer
Restarted service : MPSsvc

Other(s) report(s)


Restored setting in a stand-by mode

¤¤¤¤¤¤¤¤¤¤ | Listing


¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86)

[26/07/2011 12:18:47] - |D| - C:\Program Files (x86)\Acro Software
[23/03/2011 15:56:49] - |D| - C:\Program Files (x86)\Adobe
[24/06/2014 14:57:29] - |D| - C:\Program Files (x86)\Android Data Recovery
[13/03/2011 01:03:07] - |D| - C:\Program Files (x86)\ArcSoft
[24/01/2014 14:11:25] - |D| - C:\Program Files (x86)\Baidu Security
[18/03/2011 11:48:52] - |D| - C:\Program Files (x86)\BuscaPe Na Hora
[29/11/2011 06:48:24] - |D| - C:\Program Files (x86)\CDBurnerXP
[16/05/2011 16:47:48] - |D| - C:\Program Files (x86)\Chessmaster 10th Edition
[12/03/2011 23:45:39] - |D| - C:\Program Files (x86)\Cisco
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Common Files
[13/03/2011 00:24:07] - |D| - C:\Program Files (x86)\Corel
[21/03/2012 09:14:27] - |D| - C:\Program Files (x86)\D-Link
[12/03/2011 23:36:19] - |D| - C:\Program Files (x86)\DDNi
[14/07/2009 01:54:24] - |ASH| - C:\Program Files (x86)\desktop.ini
[21/07/2014 09:10:49] - |D| - C:\Program Files (x86)\DLLSuite
[13/07/2011 10:11:31] - |D| - C:\Program Files (x86)\DMMultiView
[06/03/2013 08:00:52] - |D| - C:\Program Files (x86)\ESET
[29/11/2011 14:53:39] - |D| - C:\Program Files (x86)\FreeTime
[15/03/2011 09:37:36] - |D| - C:\Program Files (x86)\GbPlugin
[10/10/2012 14:36:46] - |D| - C:\Program Files (x86)\Glary Utilities
[12/03/2011 23:57:21] - |D| - C:\Program Files (x86)\Google
[26/07/2011 12:20:02] - |D| - C:\Program Files (x86)\GPLGS
[07/05/2012 13:30:52] - |D| - C:\Program Files (x86)\Hewlett-Packard
[15/03/2011 08:38:08] - |D| - C:\Program Files (x86)\HP
[15/03/2011 08:44:22] - |D| - C:\Program Files (x86)\HP Photo Creations
[17/03/2012 10:04:30] - |D| - C:\Program Files (x86)\hpmon
[30/04/2013 08:22:12] - |HD| - C:\Program Files (x86)\InstallJammer Registry
[29/07/2010 15:01:15] - |HD| - C:\Program Files (x86)\InstallShield Installation Information
[29/07/2010 14:57:59] - |D| - C:\Program Files (x86)\Intel
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Internet Explorer
[16/03/2011 09:12:52] - |D| - C:\Program Files (x86)\IObit
[13/03/2011 00:08:01] - |D| - C:\Program Files (x86)\Java
[30/11/2011 06:42:28] - |D| - C:\Program Files (x86)\K-Lite Video Conversion Pack
[15/07/2014 14:40:42] - |D| - C:\Program Files (x86)\Malwarebytes Anti-Malware
[19/10/2012 10:41:34] - |D| - C:\Program Files (x86)\Marvell
[19/03/2012 07:55:25] - |D| - C:\Program Files (x86)\MetaGeek
[13/03/2011 01:12:17] - |D| - C:\Program Files (x86)\Microsoft
[16/03/2011 08:16:04] - |D| - C:\Program Files (x86)\Microsoft Analysis Services
[26/08/2013 15:57:58] - |D| - C:\Program Files (x86)\Microsoft Keyboard Layout Creator 1.4
[13/03/2011 00:09:46] - |D| - C:\Program Files (x86)\Microsoft Office
[11/05/2012 17:29:32] - |D| - C:\Program Files (x86)\Microsoft Silverlight
[11/07/2014 18:40:06] - |D| - C:\Program Files (x86)\Microsoft SQL Server
[12/03/2011 23:36:16] - |D| - C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[12/03/2011 23:36:16] - |D| - C:\Program Files (x86)\Microsoft Synchronization Services
[13/03/2011 02:30:37] - |D| - C:\Program Files (x86)\Microsoft.NET
[31/03/2011 08:24:42] - |D| - C:\Program Files (x86)\Motorola
[13/09/2011 09:01:05] - |D| - C:\Program Files (x86)\Motorola Media Link
[24/10/2012 09:53:43] - |D| - C:\Program Files (x86)\Motorola Mobility
[12/03/2011 22:50:45] - |D| - C:\Program Files (x86)\Mozilla Firefox
[14/07/2009 02:32:38] - |D| - C:\Program Files (x86)\MSBuild
[16/07/2014 11:57:45] - |D| - C:\Program Files (x86)\MSECache
[13/03/2011 00:31:24] - |D| - C:\Program Files (x86)\MSXML 4.0
[17/03/2012 10:23:03] - |D| - C:\Program Files (x86)\NetSupport
[17/03/2012 10:06:41] - |D| - C:\Program Files (x86)\NetSupport Manager
[17/03/2011 16:14:58] - |D| - C:\Program Files (x86)\Nokia
[30/07/2011 16:49:20] - |D| - C:\Program Files (x86)\NVIDIA Corporation
[21/12/2011 18:18:43] - |D| - C:\Program Files (x86)\OpenOffice.org 3
[27/06/2012 17:38:40] - |D| - C:\Program Files (x86)\Oracle
[30/11/2011 07:08:11] - |D| - C:\Program Files (x86)\PDFStudio
[12/03/2011 23:40:30] - |D| - C:\Program Files (x86)\Realtek
[14/07/2009 02:32:38] - |D| - C:\Program Files (x86)\Reference Assemblies
[29/07/2010 15:01:39] - |D| - C:\Program Files (x86)\Renesas Electronics
[19/11/2012 14:25:55] - |D| - C:\Program Files (x86)\Respironics
[19/10/2012 14:07:18] - |D| - C:\Program Files (x86)\Ricoh
[17/10/2012 15:01:35] - |D| - C:\Program Files (x86)\Scan2PDF
[16/03/2011 12:17:25] - |D| - C:\Program Files (x86)\Scpad
[21/03/2011 08:33:02] - |RD| - C:\Program Files (x86)\Skype
[13/03/2011 00:14:45] - |D| - C:\Program Files (x86)\Sony
[19/02/2013 12:03:59] - |D| - C:\Program Files (x86)\Spybot - Search & Destroy 2
[12/03/2011 23:40:30] - |HD| - C:\Program Files (x86)\Temp
[14/07/2009 01:57:06] - |HD| - C:\Program Files (x86)\Uninstall Information
[21/11/2012 14:23:39] - |D| - C:\Program Files (x86)\uTorrent
[15/07/2014 14:37:34] - |D| - C:\Program Files (x86)\VS Revo Group
[14/07/2009 02:32:38] - |D| - C:\Program Files (x86)\Windows Defender
[13/03/2011 00:19:07] - |D| - C:\Program Files (x86)\Windows Live
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Windows Mail
[14/07/2009 02:32:38] - |D| - C:\Program Files (x86)\Windows Media Player
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Windows NT
[14/07/2009 02:32:38] - |D| - C:\Program Files (x86)\Windows Photo Viewer
[14/07/2009 02:32:38] - |D| - C:\Program Files (x86)\Windows Portable Devices
[14/07/2009 02:32:38] - |D| - C:\Program Files (x86)\Windows Sidebar
[13/03/2011 01:13:21] - |D| - C:\Program Files (x86)\WinRAR

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files

[15/07/2014 12:04:06] - |D| - C:\Program Files\Apoint
[22/07/2014 17:37:25] - |D| - C:\Program Files\CCleaner
[14/07/2009 00:20:08] - |D| - C:\Program Files\Common Files
[14/07/2009 01:54:24] - |ASH| - C:\Program Files\desktop.ini
[17/03/2011 16:15:46] - |D| - C:\Program Files\DIFX
[14/07/2009 02:32:38] - |D| - C:\Program Files\DVD Maker
[25/01/2013 14:09:39] - |D| - C:\Program Files\ESET
[12/03/2011 23:57:22] - |D| - C:\Program Files\Google
[15/03/2011 08:29:24] - |D| - C:\Program Files\HP
[12/03/2011 23:45:39] - |D| - C:\Program Files\Intel
[14/07/2009 00:20:08] - |D| - C:\Program Files\Internet Explorer
[13/03/2011 00:06:04] - |D| - C:\Program Files\Java
[24/07/2014 12:15:15] - |D| - C:\Program Files\McAfee Security Scan
[09/10/2011 09:58:52] - |D| - C:\Program Files\MetaGeek
[16/03/2011 08:16:04] - |D| - C:\Program Files\Microsoft Analysis Services
[14/07/2009 02:32:38] - |D| - C:\Program Files\Microsoft Games
[05/08/2011 08:42:18] - |D| - C:\Program Files\Microsoft IntelliPoint
[01/07/2014 11:16:06] - |D| - C:\Program Files\Microsoft Mouse and Keyboard Center
[13/03/2011 00:09:56] - |D| - C:\Program Files\Microsoft Office
[11/05/2012 17:29:32] - |D| - C:\Program Files\Microsoft Silverlight
[11/07/2014 18:38:38] - |D| - C:\Program Files\Microsoft SQL Server
[16/03/2011 08:18:45] - |D| - C:\Program Files\Microsoft SQL Server Compact Edition
[16/03/2011 08:18:45] - |D| - C:\Program Files\Microsoft Sync Framework
[16/03/2011 08:19:08] - |D| - C:\Program Files\Microsoft Synchronization Services
[11/07/2014 18:53:41] - |D| - C:\Program Files\Microsoft.NET
[05/12/2013 08:47:01] - |D| - C:\Program Files\Motorola Mobility LLC
[14/07/2009 02:32:38] - |D| - C:\Program Files\MSBuild
[15/07/2014 12:03:13] - |D| - C:\Program Files\NVIDIA Corporation
[13/03/2011 00:12:41] - |D| - C:\Program Files\PlayReady
[15/07/2014 12:04:15] - |D| - C:\Program Files\Realtek
[14/07/2009 02:32:38] - |D| - C:\Program Files\Reference Assemblies
[19/03/2014 11:02:25] - |D| - C:\Program Files\SafeNet
[12/03/2011 23:31:13] - |D| - C:\Program Files\Sony
[13/03/2011 01:04:57] - |D| - C:\Program Files\SPHE BD-Live
[15/07/2014 12:02:46] - |D| - C:\Program Files\Synaptics
[14/07/2009 02:09:26] - |HD| - C:\Program Files\Uninstall Information
[23/11/2012 08:48:00] - |D| - C:\Program Files\WIDCOMM
[14/07/2009 02:32:38] - |D| - C:\Program Files\Windows Defender
[21/11/2010 04:16:54] - |D| - C:\Program Files\Windows Journal
[04/01/2012 13:56:35] - |D| - C:\Program Files\Windows Live
[14/07/2009 00:20:08] - |D| - C:\Program Files\Windows Mail
[14/07/2009 02:32:38] - |D| - C:\Program Files\Windows Media Player
[14/07/2009 00:20:08] - |D| - C:\Program Files\Windows NT
[14/07/2009 02:32:38] - |D| - C:\Program Files\Windows Photo Viewer
[14/07/2009 02:32:38] - |D| - C:\Program Files\Windows Portable Devices
[14/07/2009 02:32:38] - |D| - C:\Program Files\Windows Sidebar

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86)\Common Files

[23/03/2011 15:56:49] - |D| - C:\Program Files (x86)\Common Files\Adobe
[12/12/2012 15:35:41] - |D| - C:\Program Files (x86)\Common Files\Adobe AIR
[13/03/2011 01:03:07] - |D| - C:\Program Files (x86)\Common Files\ArcSoft
[15/03/2011 08:41:06] - |D| - C:\Program Files (x86)\Common Files\Hewlett-Packard
[15/03/2011 08:41:11] - |D| - C:\Program Files (x86)\Common Files\HP
[12/03/2011 23:40:27] - |D| - C:\Program Files (x86)\Common Files\InstallShield
[13/03/2011 00:24:21] - |D| - C:\Program Files (x86)\Common Files\InterVideo
[17/07/2014 09:46:16] - |D| - C:\Program Files (x86)\Common Files\Java
[03/07/2012 09:55:54] - |D| - C:\Program Files (x86)\Common Files\Macrovision Shared
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Common Files\microsoft shared
[23/05/2012 16:55:28] - |D| - C:\Program Files (x86)\Common Files\MSSoap
[13/09/2011 09:01:20] - |D| - C:\Program Files (x86)\Common Files\Nero
[17/03/2011 16:16:06] - |D| - C:\Program Files (x86)\Common Files\Nokia
[13/03/2011 00:24:13] - |D| - C:\Program Files (x86)\Common Files\Protexis
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Common Files\Services
[01/07/2014 11:42:45] - |D| - C:\Program Files (x86)\Common Files\Skype
[12/03/2011 23:53:39] - |D| - C:\Program Files (x86)\Common Files\Sony Shared
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Common Files\SpeechEngines
[14/07/2009 00:20:08] - |D| - C:\Program Files (x86)\Common Files\System
[13/03/2011 01:11:10] - |D| - C:\Program Files (x86)\Common Files\Windows Live
[18/07/2014 16:18:02] - |D| - C:\Program Files (x86)\Common Files\Wise Installation Wizard

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files\Common Files

[14/05/2014 14:32:40] - |D| - C:\Program Files\Common Files\DESIGNER
[12/03/2011 23:45:40] - |D| - C:\Program Files\Common Files\Intel
[14/07/2009 00:20:08] - |D| - C:\Program Files\Common Files\Microsoft Shared
[27/03/2011 08:45:42] - |D| - C:\Program Files\Common Files\Motorola Shared
[14/07/2009 00:20:08] - |D| - C:\Program Files\Common Files\Services
[12/03/2011 23:53:39] - |D| - C:\Program Files\Common Files\Sony Shared
[14/07/2009 00:20:08] - |D| - C:\Program Files\Common Files\SpeechEngines
[14/07/2009 00:20:08] - |D| - C:\Program Files\Common Files\System

¤¤¤¤¤¤¤¤¤¤ | C:\Users\TOP\AppData\Roaming

[24/09/2012 14:27:36] - |A| - C:\Users\TOP\AppData\Roaming\.backup.dm
[21/11/2013 14:39:19] - |D| - C:\Users\TOP\AppData\Roaming\AdbDriverInstaller
[12/03/2011 20:37:43] - |D| - C:\Users\TOP\AppData\Roaming\Adobe
[01/08/2011 15:49:56] - |D| - C:\Users\TOP\AppData\Roaming\Apple Computer
[13/03/2011 09:46:45] - |D| - C:\Users\TOP\AppData\Roaming\ArcSoft
[14/04/2011 15:52:42] - |D| - C:\Users\TOP\AppData\Roaming\Auslogics
[30/11/2011 06:45:56] - |D| - C:\Users\TOP\AppData\Roaming\avidemux
[24/01/2014 14:12:22] - |D| - C:\Users\TOP\AppData\Roaming\Baidu Security
[20/11/2013 14:41:59] - |D| - C:\Users\TOP\AppData\Roaming\br.com.iba.magazinesdesktop
[29/11/2011 06:48:41] - |D| - C:\Users\TOP\AppData\Roaming\Canneverbe Limited
[04/09/2011 11:25:09] - |D| - C:\Users\TOP\AppData\Roaming\Corel
[10/10/2012 14:36:46] - |D| - C:\Users\TOP\AppData\Roaming\GlarySoft
[12/03/2011 20:37:04] - |D| - C:\Users\TOP\AppData\Roaming\Google
[15/03/2011 08:49:36] - |D| - C:\Users\TOP\AppData\Roaming\HP
[15/03/2011 08:44:17] - |D| - C:\Users\TOP\AppData\Roaming\HpUpdate
[12/03/2011 20:24:18] - |D| - C:\Users\TOP\AppData\Roaming\Identities
[12/03/2011 22:19:18] - |D| - C:\Users\TOP\AppData\Roaming\Intel
[12/03/2011 20:24:54] - |D| - C:\Users\TOP\AppData\Roaming\Intel Corporation
[16/03/2011 09:12:54] - |D| - C:\Users\TOP\AppData\Roaming\IObit
[31/01/2013 08:09:41] - |D| - C:\Users\TOP\AppData\Roaming\iolo
[12/03/2011 20:43:14] - |D| - C:\Users\TOP\AppData\Roaming\Macromedia
[15/07/2014 12:06:07] - |D| - C:\Users\TOP\AppData\Roaming\Media Center Programs
[15/07/2014 12:06:07] - |SD| - C:\Users\TOP\AppData\Roaming\Microsoft
[13/09/2011 09:02:30] - |D| - C:\Users\TOP\AppData\Roaming\motorola
[25/07/2012 18:35:53] - |D| - C:\Users\TOP\AppData\Roaming\Motorola Mobility
[21/12/2012 14:30:00] - |D| - C:\Users\TOP\AppData\Roaming\Mozilla
[17/03/2012 10:08:22] - |D| - C:\Users\TOP\AppData\Roaming\NetSupport
[17/03/2011 16:19:57] - |D| - C:\Users\TOP\AppData\Roaming\Nokia
[17/03/2011 16:37:37] - |D| - C:\Users\TOP\AppData\Roaming\Nokia Ovi Suite
[23/06/2011 17:18:00] - |D| - C:\Users\TOP\AppData\Roaming\NVIDIA
[21/12/2011 19:21:45] - |D| - C:\Users\TOP\AppData\Roaming\OpenOffice.org
[17/03/2011 16:16:55] - |D| - C:\Users\TOP\AppData\Roaming\PC Suite
[16/05/2014 10:43:33] - |D| - C:\Users\TOP\AppData\Roaming\ProductData
[21/03/2011 08:33:21] - |D| - C:\Users\TOP\AppData\Roaming\Skype
[21/03/2011 08:44:41] - |D| - C:\Users\TOP\AppData\Roaming\skypePM
[12/03/2011 20:21:41] - |D| - C:\Users\TOP\AppData\Roaming\Sony Corporation
[17/03/2012 09:59:46] - |D| - C:\Users\TOP\AppData\Roaming\T-App
[21/11/2012 14:22:04] - |D| - C:\Users\TOP\AppData\Roaming\uTorrent
[19/10/2012 10:56:18] - |D| - C:\Users\TOP\AppData\Roaming\WinBatch
[25/07/2014 09:24:34] - |D| - C:\Users\TOP\AppData\Roaming\WinRAR

¤¤¤¤¤¤¤¤¤¤ | C:\Users\TOP\AppData\Local

[15/03/2011 09:25:55] - |D| - C:\Users\TOP\AppData\Local\Adobe
[01/08/2011 15:48:21] - |D| - C:\Users\TOP\AppData\Local\Apple
[01/08/2011 15:49:56] - |D| - C:\Users\TOP\AppData\Local\Apple Computer
[15/07/2014 12:06:07] - |SHD| - C:\Users\TOP\AppData\Local\Application Data
[12/03/2011 20:24:39] - |D| - C:\Users\TOP\AppData\Local\Apps
[13/03/2011 09:46:47] - |D| - C:\Users\TOP\AppData\Local\ArcSoft
[02/02/2013 08:25:30] - |D| - C:\Users\TOP\AppData\Local\BeCrux
[25/11/2012 08:43:04] - |D| - C:\Users\TOP\AppData\Local\Broadcom
[27/03/2011 08:49:12] - |D| - C:\Users\TOP\AppData\Local\BVRP Software
[14/07/2014 14:24:37] - |D| - C:\Users\TOP\AppData\Local\Comodo
[12/03/2011 20:28:07] - |D| - C:\Users\TOP\AppData\Local\Diagnostics
[13/09/2011 09:00:01] - |D| - C:\Users\TOP\AppData\Local\Downloaded Installations
[30/03/2011 14:55:10] - |D| - C:\Users\TOP\AppData\Local\ElevatedDiagnostics
[24/04/2014 15:22:05] - |SHD| - C:\Users\TOP\AppData\Local\EmieSiteList
[24/04/2014 15:22:05] - |SHD| - C:\Users\TOP\AppData\Local\EmieUserList
[15/03/2011 08:10:30] - |D| - C:\Users\TOP\AppData\Local\ESET
[20/06/2013 14:41:33] - |D| - C:\Users\TOP\AppData\Local\GAS Tecnologia
[15/07/2014 13:51:52] - |A| - C:\Users\TOP\AppData\Local\GDIPFONTCACHEV1.DAT
[12/03/2011 20:37:04] - |D| - C:\Users\TOP\AppData\Local\Google
[15/07/2014 12:06:07] - |SHD| - C:\Users\TOP\AppData\Local\History
[15/03/2011 08:51:33] - |D| - C:\Users\TOP\AppData\Local\HP
[22/07/2014 18:57:55] - |AH| - C:\Users\TOP\AppData\Local\IconCache.db
[27/03/2011 12:50:57] - |D| - C:\Users\TOP\AppData\Local\IsolatedStorage
[09/10/2011 10:33:56] - |D| - C:\Users\TOP\AppData\Local\MetaGeek,_LLC
[15/07/2014 12:06:07] - |D| - C:\Users\TOP\AppData\Local\Microsoft
[17/03/2012 12:21:39] - |D| - C:\Users\TOP\AppData\Local\Microsoft Games
[15/03/2011 07:26:25] - |D| - C:\Users\TOP\AppData\Local\Microsoft Help
[23/09/2011 18:29:35] - |D| - C:\Users\TOP\AppData\Local\Motosftemp
[26/08/2013 15:59:14] - |D| - C:\Users\TOP\AppData\Local\MSKLC
[17/03/2011 16:17:44] - |D| - C:\Users\TOP\AppData\Local\Nokia
[05/09/2011 12:13:07] - |D| - C:\Users\TOP\AppData\Local\NokiaAccount
[14/07/2014 14:24:47] - |D| - C:\Users\TOP\AppData\Local\Packages
[13/03/2011 09:47:23] - |D| - C:\Users\TOP\AppData\Local\Programs
[24/09/2012 14:29:02] - |D| - C:\Users\TOP\AppData\Local\Proxure
[19/11/2012 14:26:47] - |D| - C:\Users\TOP\AppData\Local\Respironics
[05/05/2014 16:25:51] - |D| - C:\Users\TOP\AppData\Local\Skype
[12/03/2011 21:08:12] - |D| - C:\Users\TOP\AppData\Local\Sony Corporation
[08/08/2011 08:26:14] - |D| - C:\Users\TOP\AppData\Local\Sony Ericsson
[25/07/2014 16:45:41] - |D| - C:\Users\TOP\AppData\Local\Temp
[15/07/2014 12:06:07] - |SHD| - C:\Users\TOP\AppData\Local\Temporary Internet Files
[12/03/2011 20:22:10] - |D| - C:\Users\TOP\AppData\Local\VirtualStore
[04/01/2012 13:14:39] - |D| - C:\Users\TOP\AppData\Local\Windows Live
[04/01/2012 14:59:31] - |D| - C:\Users\TOP\AppData\Local\Windows Live Writer

¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData

[24/09/2012 16:21:45] - |D| - C:\ProgramData\A-PDF
[12/03/2011 23:56:10] - |D| - C:\ProgramData\Adobe
[01/08/2011 15:47:05] - |D| - C:\ProgramData\Apple
[01/08/2011 15:48:30] - |D| - C:\ProgramData\Apple Computer
[14/07/2009 02:08:56] - |SHD| - C:\ProgramData\Application Data
[13/03/2011 09:46:47] - |D| - C:\ProgramData\ArcSoft
[28/03/2011 10:01:58] - |D| - C:\ProgramData\Avanquest Bluetooth SDK
[24/01/2014 14:11:25] - |D| - C:\ProgramData\Baidu Security
[27/03/2011 08:45:31] - |D| - C:\ProgramData\BVRP Software
[29/11/2011 06:48:41] - |D| - C:\ProgramData\Canneverbe Limited
[12/03/2011 23:36:19] - |D| - C:\ProgramData\DDNi
[14/07/2009 02:08:56] - |SHD| - C:\ProgramData\Desktop
[14/07/2009 02:08:56] - |SHD| - C:\ProgramData\Documents
[29/07/2010 15:01:34] - |D| - C:\ProgramData\Downloaded Installations
[15/07/2014 12:04:40] - |AH| - C:\ProgramData\DP45977C.lfl
[29/01/2014 08:42:50] - |D| - C:\ProgramData\ESET
[14/07/2009 02:08:56] - |SHD| - C:\ProgramData\Favorites
[03/07/2012 10:01:46] - |D| - C:\ProgramData\FLEXnet
[20/06/2013 14:41:33] - |D| - C:\ProgramData\GAS Tecnologia
[15/03/2011 09:37:36] - |D| - C:\ProgramData\GbPlugin
[12/03/2011 23:57:21] - |D| - C:\ProgramData\Google
[15/03/2011 08:26:16] - |D| - C:\ProgramData\HP
[15/03/2011 08:44:22] - |D| - C:\ProgramData\HP Photo Creations
[15/03/2011 08:42:57] - |D| - C:\ProgramData\HP Product Assistant
[12/03/2011 23:45:39] - |D| - C:\ProgramData\Intel
[23/06/2011 20:20:06] - |D| - C:\ProgramData\IObit
[31/01/2013 08:09:41] - |D| - C:\ProgramData\iolo
[24/07/2014 11:45:20] - |D| - C:\ProgramData\Kaspersky Lab
[11/07/2012 08:21:08] - |D| - C:\ProgramData\LGMOBILEAX
[25/07/2014 09:26:41] - |D| - C:\ProgramData\Logs
[15/07/2014 14:40:42] - |D| - C:\ProgramData\Malwarebytes
[25/11/2013 09:22:49] - |D| - C:\ProgramData\McAfee
[24/07/2014 12:15:17] - |D| - C:\ProgramData\McAfee Security Scan
[14/07/2009 00:20:08] - |SD| - C:\ProgramData\Microsoft
[15/03/2011 07:26:18] - |D| - C:\ProgramData\Microsoft Help
[11/07/2014 19:38:14] - |D| - C:\ProgramData\Microsoft Toolkit
[13/09/2011 09:02:15] - |D| - C:\ProgramData\Motorola
[17/03/2012 10:08:23] - |D| - C:\ProgramData\NetSupport
[14/07/2014 14:24:38] - |RASH| - C:\ProgramData\ntuser.pol
[15/07/2014 12:04:01] - |D| - C:\ProgramData\NVIDIA
[15/07/2014 12:03:24] - |D| - C:\ProgramData\NVIDIA Corporation
[17/03/2011 16:16:58] - |D| - C:\ProgramData\PC Suite
[11/07/2014 18:39:48] - |D| - C:\ProgramData\regid.1991-06.com.microsoft
[21/03/2011 08:32:58] - |D| - C:\ProgramData\Skype
[29/07/2010 17:44:18] - |D| - C:\ProgramData\Sony Corporation
[19/02/2013 12:04:24] - |D| - C:\ProgramData\Spybot - Search & Destroy
[14/07/2009 02:08:56] - |SHD| - C:\ProgramData\Start Menu
[13/03/2011 00:08:07] - |D| - C:\ProgramData\Sun
[03/04/2013 15:05:05] - |D| - C:\ProgramData\Temp
[14/07/2009 02:08:56] - |SHD| - C:\ProgramData\Templates
[10/04/2011 10:32:15] - |D| - C:\ProgramData\TorrentEasy
[15/03/2011 08:49:36] - |D| - C:\ProgramData\WEBREG
[21/07/2014 09:11:18] - |D| - C:\ProgramData\Weskysoft
[01/08/2011 15:49:30] - |D| - C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[19/10/2012 09:45:35] - |D| - C:\ProgramData\{F77EE8EF-305B-4394-A018-C1A57D2D66B5}
[12/03/2011 23:56:42] - |HDC| - C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}

[X] : [238991 Ko]

Analyzed elements : 343067 | Modified : 12 | Infected : 96

¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤ | 20:03:12 | [45 Ko]
Top Sugar
Beginner

Posts: 32
Reputation: 0
Join date: 24/07/2014

Re: Remove Baidu from the registry

Post by Power Max, Fri 25 Jul 2014, 20:32

Temporarily disable your antivirus to avoid conflicts.

Download: < [You must be registered and logged in to view this link] > (by g3n-h@ckm@n)
|- After opening the link above, scroll down the page and click Télécharger to download: [You must be registered and logged in to view this image]

Run it as described in this post:

[You must be registered and logged in to view this link]

Once the cleanup has finished, post the log (report), which will be at C:\Pre_Scan\Pre_Scan_07_05_2014_17_05_22.txt (these numbers in red will vary, since they show the date and time when the scan was run).

(RESOLVED) Remove Baidu from the registry

Post by Top Sugar, Mon 28 Jul 2014, 10:06

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | g3n-h@ckm@n | 04.07.20.1 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 09:32:19

Updated 20/07/2014 | 13.55 by g3n-h@ckm@n
Contact : [You must have an account and be logged in to view this link]
Pre_Script Infos : [You must have an account and be logged in to view this link]
Pre_scan Feedbacks : [You must have an account and be logged in to view this link]

[TOP (Administrator)] - [VAIO]
SID = S-1-5-21-3701455409-3707843946-3216141553-1000

Starting up : Normal  
System : Windows 7 Ultimate (64 bits) Ultimate Service Pack 1
ProcessorNameString : Intel(R) Core(TM) i7 CPU       Q 740  @ 1.73GHz
Identifier : Intel64 Family 6 Model 30 Stepping 5


Memory RAM = Total (MB) : 8369 | Free (MB) : 6788
Pagefile = Total (MB) : 16736 | Free (MB) : 15080
Virtual = Total (MB) : 4194 | Free (MB) : 4013

¤¤¤¤¤¤¤¤¤¤ | Components of starting up


¤¤¤¤¤¤¤¤¤¤¤ | Drives

C:\-> [Fixed] | [VAIO HD] | Total : 600090 Mo | Free : 461250 Mo -> NTFS

¤¤¤¤¤¤¤¤¤¤ | Windows updates

No detected update !!!


¤¤¤¤¤¤¤¤¤¤ | Sessions

C:\Windows\system32\config\systemprofile
C:\Windows\ServiceProfiles\LocalService
C:\Windows\ServiceProfiles\NetworkService
C:\Users\TOP

Registry saved , to restore : C:\Pre_Scan\Save\Scan\ERDNT.exe

stand-by mode deleted !


¤¤¤¤¤¤¤¤¤¤ | Browsers

IE : 11.0.9600.17207     (© Microsoft Corporation.)
GC : 36.0.1985.125     (Copyright 2012 Google Inc.)

¤¤¤¤¤¤¤¤¤¤ | FlashPlayer

FlashPlayer ActiveX : 14.0.0.145
FlashPlayer Plugin : 14.0.0.145

¤¤¤¤¤¤¤¤¤¤ | Security

AM : Malwarebytes Anti-Malware   ( 1.0.0.532)     []
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = Running
AS: Windows Defender [Auto(2)] = Running
FW: Windows FireWall Service [Auto(2)] = Running

¤¤¤¤¤¤¤¤¤¤ | Stopped processes

980 | [Owner :  |Parent : 752] - (.IObit - Advanced SystemCare Service.) - (7.0.0.12) = C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
136 | [Owner :  |Parent : 752] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
348 | [Owner :  |Parent : 752] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) - (3.1.6.3) = C:\PROGRA~2\GbPlugin\gbpsv.exe
1504 | [Owner :  |Parent : 1112] - (.Microsoft Corporation - Windows Wireless LAN 802.11 Extensibility Framework.) - (6.1.7600.16385) = C:\Windows\System32\wlanext.exe
1516 | [Owner :  |Parent : 616] - (.Microsoft Corporation - Host da Janela do Console.) - (6.1.7601.18229) = C:\Windows\System32\conhost.exe
1580 | [Owner :  |Parent : 752] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
1680 | [Owner : SYSTEM |Parent : 136] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.3788) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1688 | [Owner : SYSTEM |Parent : 136] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.88.) - (8.17.13.3788) = C:\Windows\System32\nvvsvc.exe
1900 | [Owner : SYSTEM |Parent : 752] - (.Broadcom Corporation. - Bluetooth Support Server.) - (6.3.0.5600) = C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
2108 | [Owner : TOP |Parent : 2064] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17567) = C:\Windows\explorer.exe
2184 | [Owner : TOP |Parent : 1156] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
2256 | [Owner : TOP |Parent : 2184] - (.Microsoft Corporation - IPoint.exe.) - (2.3.188.0) = C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
2272 | [Owner : TOP |Parent : 2184] - (.Microsoft Corporation - IType.exe.) - (2.3.188.0) = C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
2424 | [Owner : TOP |Parent : 2184] - (.Sony Corporation - SPM Module.) - (5.2.0.5310) = C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
2724 | [Owner : SYSTEM |Parent : 752] - (.Motorola Mobility LLC - MotoHelper Service.) - (2.3.8.0) = C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
2068 | [Owner : SYSTEM |Parent : 752] - (. - Oasis2Service.) - (1.0.1.0) = C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
3040 | [Owner : TOP |Parent : 2724] - (.Motorola Mobility LLC - MotoHelperAgent.) - (2.3.7.0) = C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
2120 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - Device Information Provider.) - (1.0.1.6010) = C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
3144 | [Owner : SYSTEM |Parent : 752] - (.Protexis Inc. - PsiService PsiService.) - (2.0.1.124) = C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
3252 | [Owner : SYSTEM |Parent : 752] - (.Motorola - ForwardDemon.) - (1.0.0.0) = C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
3364 | [Owner : SYSTEM |Parent : 752] - (.SafeNet, Inc. - SafeNet Authentication Client Service.) - (8.2.85.0) = C:\Program Files\SafeNet\Authentication\SAC\x64\SACSrv.exe
3476 | [Owner : SYSTEM |Parent : 752] - (.Banco Bradesco S.A. - scpVista.) - (1.0.9.11) = C:\Program Files (x86)\Scpad\scpVista.exe
3948 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Event Service (Service Module).) - (5.3.0.5310) = C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
3968 | [Owner : TOP |Parent : 2108] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.193) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
3276 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Smart Network Service.) - (3.3.0.6080) = C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
1924 | [Owner : TOP |Parent : 2108] - (.Intel® Corporation - Intel® PROSet/Wireless WiMAX Connection Utility.) - (2.3.3811.24158) = C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
3704 | [Owner : TOP |Parent : 2108] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) - (15.1.6.64) = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
4000 | [Owner : SYSTEM |Parent : 752] - (.Intel(R) Corporation - WiMAX SDK service for Intel(R) PROSet/Wireless WiMAX Software.) - (5.30.1007.0) = C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
3616 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
3384 | [Owner : TOP |Parent : 3704] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) - (15.1.6.64) = C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
3640 | [Owner : SYSTEM |Parent : 752] - (.Red Bend Ltd. - Red Bend Device Management Service for Intel(R) PROSet/Wireless WiMAX Software.) - (2.0.0.24) = C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
3428 | [Owner : SYSTEM |Parent : 752] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - (13.2.0.3) = C:\Program Files\Intel\WiFi\bin\EvtEng.exe
3376 | [Owner : SYSTEM |Parent : 3616] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
4148 | [Owner : TOP |Parent : 3276] - (.Sony Corporation - VAIO Smart Network.) - (3.3.0.5310) = C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
4304 | [Owner : SYSTEM |Parent : 3948] - (.Sony Corporation - VAIO Event Service (Service Sub Module).) - (5.3.0.5260) = C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
4672 | [Owner : TOP |Parent : 3132] - (.Oracle Corporation - Java(TM) Update Scheduler.) - (2.1.65.20) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
4704 | [Owner : SYSTEM |Parent : 916] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe
2960 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
3204 | [Owner : SYSTEM |Parent : 752] - (. - .) - (0.0.0.0) = C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
1244 | [Owner : SYSTEM |Parent : 752] - (.Intel Corporation - IAStorDataSvc.) - (9.6.0.1014) = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
5116 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Care Performance Service.) - (3.2.0.0) = C:\Program Files\Sony\VAIO Care\VCPerfService.exe
5324 | [Owner : TOP |Parent : 3516] - (.Hewlett-Packard - hpwuSchd Application.) - (80.1.1.0) = C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
5480 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIOCare.) - (8.1.0.8100) = C:\Program Files\Sony\VAIO Care\VCService.exe
4512 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - SPM Module.) - (5.2.0.5310) = C:\Program Files\Sony\VAIO Power Management\SPMService.exe
4892 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Content Folder Watcher.) - (1.5.0.6030) = C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
6108 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Entertainment Common Service.) - (1.1.0.6030) = C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
5472 | [Owner : TOP |Parent : 5116] - (. - VaioCare Window Listener Application.) - (3.0.0.407) = C:\Program Files\Sony\VAIO Care\listener.exe
4012 | [Owner : SYSTEM |Parent : 1156] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
2500 | [Owner : SYSTEM |Parent : 4012] - (.Safer-Networking Ltd. - Update.) - (2.0.12.89) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
3564 | [Owner : TOP |Parent : 2184] - (.Sony Corporation - VCSystemTray.) - (8.1.0.10100) = C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
6912 | [Owner : SYSTEM |Parent : 752] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - (2.0.12.76) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
5512 | [Owner : SYSTEM |Parent : 5480] - (.Sony Corporation - VCAgent.) - (8.1.0.10100) = C:\Program Files\Sony\VAIO Care\VCAgent.exe
8060 | [Owner : SYSTEM |Parent : 2960] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchProtocolHost.exe
5528 | [Owner : SYSTEM |Parent : 2960] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchFilterHost.exe

¤¤¤¤¤¤¤¤¤¤ | Running processes

372 | [Owner : SYSTEM |Parent : 4] - (.Microsoft Corporation - Gerenciador de Sessão do Windows.) - (6.1.7601.18229) = C:\Windows\System32\smss.exe
616 | [Owner : SYSTEM |Parent : 604] - (.Microsoft Corporation - Processo do tempo de Execução do Servidor do Cliente.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe
684 | [Owner : SYSTEM |Parent : 604] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe
708 | [Owner : SYSTEM |Parent : 696] - (.Microsoft Corporation - Processo do tempo de Execução do Servidor do Cliente.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe
752 | [Owner : SYSTEM |Parent : 684] - (.Microsoft Corporation - Aplicativo de serviços e controle.) - (6.1.7600.16385) = C:\Windows\System32\services.exe
784 | [Owner : SYSTEM |Parent : 696] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) - (6.1.7601.18409) = C:\Windows\System32\winlogon.exe
812 | [Owner : SYSTEM |Parent : 684] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.18443) = C:\Windows\System32\lsass.exe
820 | [Owner : SYSTEM |Parent : 684] - (.Microsoft Corporation - Serviço do Gerenciador de Sessão Local.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe
916 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
696 | [Owner : NETWORK SERVICE |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1072 | [Owner : LOCAL SERVICE |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1112 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1156 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1268 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1312 | [Owner : LOCAL SERVICE |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1380 | [Owner : NETWORK SERVICE |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1616 | [Owner : LOCAL SERVICE |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1640 | [Owner : LOCAL SERVICE |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1520 | [Owner : SYSTEM |Parent : 752] - (.ESET - ESET Service.) - (7.0.302.0) = C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
2072 | [Owner : TOP |Parent : 1112] - (.Microsoft Corporation - Gerenciador de Janelas da Área de Trabalho.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe
2396 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\SysWOW64\svchost.exe
3860 | [Owner : LOCAL SERVICE |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
4056 | [Owner : TOP |Parent : 2108] - (.ESET - ESET Main GUI.) - (7.0.302.0) = C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
3604 | [Owner : SYSTEM |Parent : 916] - (.Microsoft Corporation - COM Surrogate.) - (6.1.7600.16385) = C:\Windows\SysWOW64\dllhost.exe
4280 | [Owner : TOP |Parent : 916] - (.Microsoft Corporation - COM Surrogate.) - (6.1.7600.16385) = C:\Windows\System32\dllhost.exe
5020 | [Owner : SYSTEM |Parent : 916] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe
2244 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
5916 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
6812 | [Owner : TOP |Parent : 2108] - (. - .) - (0.0.0.0) = C:\Users\TOP\Desktop\Pre_Scan.exe
6492 | [Owner : SYSTEM |Parent : 752] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) - (3.1.6.3) = C:\PROGRA~2\GbPlugin\gbpsv.exe
6748 | [Owner : SYSTEM |Parent : 752] - (.Motorola Mobility LLC - MotoHelper Service.) - (2.3.8.0) = C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
7036 | [Owner : TOP |Parent : 6748] - (.Motorola Mobility LLC - MotoHelperAgent.) - (2.3.7.0) = C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
7532 | [Owner : SYSTEM |Parent : 752] - (.Sony Corporation - VAIO Event Service (Service Module).) - (5.3.0.5310) = C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
3132 | [Owner : SYSTEM |Parent : 7532] - (.Sony Corporation - VAIO Event Service (Service Sub Module).) - (5.3.0.5260) = C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
7804 | [Owner : SYSTEM |Parent : 752] - (.Motorola - ForwardDemon.) - (1.0.0.0) = C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
7872 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
6284 | [Owner : SYSTEM |Parent : 7872] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
7568 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
7756 | [Owner : SYSTEM |Parent : 752] - (.Broadcom Corporation. - Bluetooth Support Server.) - (6.3.0.5600) = C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
7596 | [Owner : SYSTEM |Parent : 752] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - (2.0.12.76) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
7840 | [Owner : SYSTEM |Parent : 752] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
7916 | [Owner : SYSTEM |Parent : 752] - (.Intel(R) Corporation - WiMAX SDK service for Intel(R) PROSet/Wireless WiMAX Software.) - (5.30.1007.0) = C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
5900 | [Owner : SYSTEM |Parent : 752] - (.Red Bend Ltd. - Red Bend Device Management Service for Intel(R) PROSet/Wireless WiMAX Software.) - (2.0.0.24) = C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
7864 | [Owner : SYSTEM |Parent : 7568] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchProtocolHost.exe
6180 | [Owner : SYSTEM |Parent : 7568] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchFilterHost.exe


¤¤¤¤¤¤¤¤¤¤ | Winlogon user : OK !


¤¤¤¤¤¤¤¤¤¤ | Winlogon machine

Repaired : [64][HKLM | Winlogon]|[userinit] : userinit.exe, -> C:\Windows\SysWOW64\userinit.exe,

¤¤¤¤¤¤¤¤¤¤
Associations

Repaired : [64][HKLM\Software\Classes\Folder\shell\open\command] : C:\Windows\Explorer.exe -> C:\Windows\Explorer.exe


¤

Repaired : [64][HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : "C:\Program Files\Internet Explorer\iexplore.exe" -> "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Repaired : [64][HKLM\Software\Clients\StartMenuInternet\Google Chrome\shell\open\command] : "C:\Program Files\Google\Chrome\Application\chrome.exe" -> "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
Repaired : [64][HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] : [You must have an account and be logged in to view this link] -> [You must have an account and be logged in to view this link]
Repaired : [32][HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] : [You must have an account and be logged in to view this link] -> [You must have an account and be logged in to view this link]

¤¤¤¤¤¤¤¤¤¤
Registry

Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{871C5380-42A0-1069-A2EA-08002B30309D}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 1 -> 0
Repaired : [32][HKLM\software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
[NoActiveDesktop] : 1 -> 0
Repaired : [64][HKLM\software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
[NoActiveDesktopChanges] : 1 -> 0
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
[Hidden] : 2 -> 0
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\software\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel]
[AllItemsIconView] : 0 -> 1
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
[NoDriveTypeAutoRun] : 221 -> 145

¤¤¤¤¤¤¤¤¤¤
Access to the registry and to the administrator of the tasks



¤¤¤¤¤¤¤¤¤¤ | SafeBoot

Safeboot Keys are O.K

Alternate shell is OK !

¤

Safeboot Minimal Subkeys : O.K !

¤

Safeboot Network Subkeys : O.K !

¤¤¤¤¤¤¤¤¤¤ | IFEO


¤¤¤¤¤¤¤¤¤¤ | Mountpoints2



¤¤¤¤¤¤¤¤¤¤ | Windows

[64][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]|[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon
[32][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]|[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon
[32][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini]|[winlogon] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon

Winsrv : OK !


[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :

[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] : acaptuser64.dll
[64][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 0
[32][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1

¤¤¤¤¤¤¤¤¤¤ | Security center

[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{003e0278-eca8-4bb8-a256-3689ca1c2600}]|[Autostart] : C:\Windows\system32\shell32.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{3BF043EF-A974-49B3-8322-B853CF1E5EC5}]|[Autostart] : C:\Windows\System32\SndVolSSO.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{68ddbb56-9d1d-4fd9-89c5-c0da2a625392}]|[Autostart] : C:\Windows\system32\stobject.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{7007ACCF-3202-11D1-AAD2-00805FC1270E}]|[Autostart] : C:\Windows\System32\netshell.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{7849596a-48ea-486e-8937-a2a3009f31a9}]|[Autostart] : C:\Windows\system32\shell32.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{900c0763-5cad-4a34-bc1f-40cd513679d5}]|[No 'Autostart'] : C:\Windows\System32\hcproviders.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{900c0763-5cad-4a34-bc1f-40cd513679d5}]|[No 'Autostart'] : C:\Windows\System32\hcproviders.dll     C:\Windows\System32\hcproviders.dll
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{A1607060-5D4C-467a-B711-2B59A6F25957}]|[Autostart] : C:\Windows\System32\AltTab.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{AAA288BA-9A4C-45B0-95D7-94D524869DB5}]|[Autostart] : C:\Windows\system32\wpdshserviceobj.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{C2796011-81BA-4148-8FCA-C6643245113F}]|[Autostart] : C:\Windows\System32\pnidui.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{DA67B8AD-E81B-4c70-9B91-B417B5E33527}]|[Autostart] : C:\Windows\System32\srchadmin.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{EF4D1E1A-1C87-4AA8-8934-E68E4367468D}]|[Autostart] : C:\Windows\SysWOW64\shdocvw.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F08C5AC2-E722-4116-ADB7-CE41B527994B}]|[Autostart] : C:\Windows\SysWOW64\bthprops.cpl     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F20487CC-FC04-4B1E-863F-D9801796130B}]|[Autostart] : C:\Windows\System32\SyncCenter.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A}]|[Autostart] : C:\Windows\System32\Actioncenter.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{fbeb8a05-beee-4442-804e-409d6c4515e9}]|[Autostart] : C:\Windows\system32\shell32.dll     [ok]
[64][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{ff363bfe-4941-4179-a81c-f3f1ca72d820}]|[Autostart] : C:\Windows\System32\hgcpl.dll     [ok]


Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]|[EnableFirewall] : 1 -> 0
Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]|[EnableFirewall] : 1 -> 0
Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]|[EnableFirewall] : 1 -> 0

¤¤¤¤¤¤¤¤¤¤ | Correction of the services


Repaired : [Iphlpsvc] : 4 -> 2
Repaired : [IKEEXT] : 3 -> 2
Repaired : [agp440] : 3 -> 2
Repaired : [Bits] : 3 -> 2
Repaired : [EapHost] : 3 -> 2
Repaired : [SharedAccess] : 3 -> 2
Repaired : [wuauserv] : 3 -> 2
Repaired : [wudfsvc] : 3 -> 2
Repaired : [WerSvc] : 4 -> 2

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer

Repaired : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You must have an account and be logged in to view this link] -> [You must have an account and be logged in to view this link]
Repaired : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You must have an account and be logged in to view this link] -> [You must have an account and be logged in to view this link]
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You must have an account and be logged in to view this link] -> [You must have an account and be logged in to view this link]
Repaired : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You must have an account and be logged in to view this link] -> [You must have an account and be logged in to view this link]
Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] :  -> [You must have an account and be logged in to view this link]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You must have an account and be logged in to view this link] -> [You must have an account and be logged in to view this link]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [You must have an account and be logged in to view this link] -> [You must have an account and be logged in to view this link]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Search_URL] : [You must have an account and be logged in to view this link] -> [You must have an account and be logged in to view this link]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] :  -> [You must have an account and be logged in to view this link]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] :  -> [You must have an account and be logged in to view this link]
Repaired : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Page] : [You must have an account and be logged in to view this link] -> [You must have an account and be logged in to view this link]
Repaired : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Page] : [You must have an account and be logged in to view this link] -> [You must have an account and be logged in to view this link]

¤

Repaired : [HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Cleaned

¤¤¤¤¤¤¤¤¤¤ | reparsepoint



¤¤¤¤¤¤¤¤¤¤ | Detection of offsets


¤¤¤¤¤¤¤¤¤¤ | Files | Folders | Registry

Deleted : HKLM\..\ControlSet001\Enum\Root\LEGACY_ESGIGUARD
Deleted : HKLM\..\ControlSet002\Enum\Root\LEGACY_ESGIGUARD
Deleted : HKLM\..\CurrentControlSet\Enum\Root\LEGACY_ESGIGUARD

Deleted : C:\$Recycle.bin\S-1-5-21-3701455409-3707843946-3216141553-1000
Deleted : HKU\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\iolo
Deleted : [64]HKLM\Software\EnigmaSoftwareGroup
Deleted : [64]HKLM\Software\iolo
Deleted : [32]HKLM\Software\EnigmaSoftwareGroup

Deleted : HKLM\..\ControlSet001\Services\Eventlog\iolo Applications
Deleted : HKLM\..\ControlSet002\Services\Eventlog\iolo Applications

Moved to quarantine successfully : C:\Users\TOP\AppData\Roaming\iolo
Moved to quarantine successfully : C:\ProgramData\iolo
Moved to quarantine successfully : C:\bootsqm.dat
Moved to quarantine successfully : C:\msdia80.dll
Moved to quarantine successfully : C:\Users\TOP\AppData\Local\microsoft\windows\WebCacheLock.dat
Moved to quarantine successfully : C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Templates\DownloadInfo.initmp
Moved to quarantine successfully : C:\Windows\assembly\tmp\
Moved to quarantine successfully : C:\Users\TOP\AppData\LocalLow\Sun\Java\Deployment\cache\6.0
Moved to quarantine successfully : C:\Users\TOP\AppData\LocalLow\Sun\Java\Deployment\cache\security

¤¤¤¤¤¤¤¤¤¤ | ADS


Prefetch -> cleaned




¤¤¤¤¤¤¤¤¤¤ | Hidden files

~ [Program Files] : Hidden : 13 | Restored : 13
~ [Users] : Hidden : 2 | Restored : 2
~ [Pictures] : Hidden : 8 | Restored : 8
~ [Documents] : Hidden : 2 | Restored : 2
~ [Searches] : Hidden : 1 | Restored : 1
~ [Windows] : Hidden : 35 | Restored : 35
~ [Libraries] : Hidden : 54 | Restored : 54


¤¤¤¤¤¤¤¤¤¤ | Control of the partitions

Disk: 0   Size=610G
Pos MBRndx Type/Name  Size Active Hide Start Sector   Sectors
--- ------ ---------- ---- ------ ---- ------------ ------------
 0    0    27-UNKNWN   10G   No    No         2,048   21,059,584
 1    1    07-NTFS    100M   Yes   No    21,061,632      204,800
 2    2    07-NTFS    600G   No    No    21,266,432  228,994,560

¤¤¤¤¤¤¤¤¤¤

[HKLM | Winlogon] | AutoRestartShell : 0 -> 1
[HKLM64 | Winlogon] | AutoRestartShell : 0 -> 1

End : 09:48:19


Standby-mode restored
¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤ - 404

Re: Remove Baidu from the registry

Post by Power Max Mon 28 Jul 2014, 10:12

* Right-click Zoek.exe and select [image]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area of Zoek

* Click [Run Script]

* During the scan, a message similar to the one below will be displayed, showing the progress of the scan. Wait for it to finish... it may take a while!

[image]

* If you are asked to restart the PC, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Wed 30 Jul 2014, 12:02; edited 1 time

Zoek executed

Post by Top Sugar Mon 28 Jul 2014, 10:41

Zoek.exe v5.0.0.0 Updated 26-07-2014
Tool run by TOP on 28/07/2014 at 10:34:18,16.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TOP\Downloads\Ferramentas Remoção Malware\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-07-25-194733.log 40811 bytes

==== Folders Found ======================

2014-07-24 18:28:27 2014-07-24 18:28:27 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-07-24 18:28:39 2014-07-24 18:28:39 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu\Baidu Antivirus
2014-01-24 17:11:25 2014-07-15 15:15:42 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-04-02 19:01:02 2014-07-24 12:32:03 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-01-24 17:11:25 2014-07-24 13:40:48 -------- d-----w- C:\ProgramData\Baidu Security
2014-01-24 17:11:25 2014-07-24 13:40:48 -------- d-----w- C:\Users\All Users\Baidu Security
2014-01-24 17:12:00 2014-07-15 15:24:15 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2014-01-24 17:12:22 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security
2014-01-24 17:34:12 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-01-24 17:34:12 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

Re: Remove Baidu from the registry

Post by Power Max Mon 28 Jul 2014, 10:42

The report is incomplete; please post all of it.

(RESOLVED) Remove Baidu from the Registry

Post by Top Sugar Mon 28 Jul 2014, 10:45

Zoek.exe v5.0.0.0 Updated 26-07-2014
Tool run by TOP on 28/07/2014 at 10:34:18,16.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TOP\Downloads\Ferramentas Remoção Malware\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-07-25-194733.log 40811 bytes

==== Folders Found ======================

2014-07-24 18:28:27 2014-07-24 18:28:27 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-07-24 18:28:39 2014-07-24 18:28:39 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu\Baidu Antivirus
2014-01-24 17:11:25 2014-07-15 15:15:42 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-04-02 19:01:02 2014-07-24 12:32:03 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-01-24 17:11:25 2014-07-24 13:40:48 -------- d-----w- C:\ProgramData\Baidu Security
2014-01-24 17:11:25 2014-07-24 13:40:48 -------- d-----w- C:\Users\All Users\Baidu Security
2014-01-24 17:12:00 2014-07-15 15:24:15 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2014-01-24 17:12:22 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security
2014-01-24 17:34:12 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-01-24 17:34:12 2014-07-15 15:50:30 -------- d-----w- C:\Users\TOP\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
"DisplayName"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
"Description"="Baidu AntiVirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"Description"="Baidu Hips Service"

[HKEY_USERS\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Office\15.0\Common\Internet]
"UseRWHlinkNavigation"="http://www.forumpcbrasil.com/t2756-remover-baidu-do-registro#23365"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=670 folders=176 151165786 bytes)

==== EOF on 28/07/2014 at 10:37:57,32 ======================

Re: Remove Baidu from the registry

Post by Power Max Mon 28 Jul 2014, 11:00

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and select [image]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area of Zoek

* Click [Run Script]

* During the scan, a message similar to the one below will be displayed, showing the progress of the scan. Wait for it to finish... it may take a while!

[image]

* If you are asked to restart the PC, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Wed 30 Jul 2014, 12:03; edited 1 time

(RESOLVED) Remove Baidu from the Registry

Post by Top Sugar Mon 28 Jul 2014, 11:11

Zoek.exe v5.0.0.0 Updated 26-07-2014
Tool run by TOP on 28/07/2014 at 11:06:42,20.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TOP\Downloads\Ferramentas Remoção Malware\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-07-25-194733.log 40811 bytes
C:\zoek-results2014-07-28-133757.log 4908 bytes

==== System Restore Info ======================

28/07/2014 11:07:29 Zoek.exe System Restore Point Created Succesfully.

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bavsvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\bavsvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bhipssvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\bhipssvc deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bavsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bhipssvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bavsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\bhipssvc]

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Baidu Security deleted
C:\ProgramData\Baidu Security deleted
C:\Users\Public\Documents\Baidu Security deleted
C:\Users\TOP\AppData\Roaming\Baidu Security deleted

==== Folders Found ======================

2014-07-24 18:28:27 2014-07-24 18:28:27 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-07-24 18:28:39 2014-07-24 18:28:39 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu
2014-07-24 18:28:40 2014-07-24 18:28:40 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\TOP\AppData\Roaming\baidu\Baidu Antivirus
2014-07-28 14:08:02 2014-07-28 14:08:02 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-07-28 14:08:21 2014-07-28 14:08:21 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_Users_TOP_AppData_Roaming_Baidu Security
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_Users_TOP_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_Users_TOP_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall HK
2014-07-28 14:08:02 2014-07-28 14:08:20 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_Users_TOP_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-07-28 14:08:22 2014-07-28 14:08:22 -------- d---a-w- C:\zoek_backup\C_Users_TOP_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_USERS\S-1-5-21-3701455409-3707843946-3216141553-1000\Software\Microsoft\Office\15.0\Common\Internet]
"UseRWHlinkNavigation"="http://www.forumpcbrasil.com/t2756-remover-baidu-do-registro#23365"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=851 folders=220 427417459 bytes)

==== EOF on 28/07/2014 at 11:09:26,01 ======================

Re: Remove Baidu from the registry

Post by Power Max Mon 28 Jul 2014, 11:22

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and select [image]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area of Zoek

* Click [Run Script]

* During the scan, a message similar to the one below will be displayed, showing the progress of the scan. Wait for it to finish... it may take a while!

[image]

* If you are asked to restart the PC, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Wed 30 Jul 2014, 12:03; edited 1 time

(RESOLVED) Remove Baidu from the Registry

Post by Top Sugar Mon 28 Jul 2014, 11:28

Zoek.exe v5.0.0.0 Updated 26-07-2014
Tool run by TOP on 28/07/2014 at 11:25:04,82.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TOP\Downloads\Ferramentas Remoção Malware\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-07-25-194733.log 40811 bytes
C:\zoek-results2014-07-28-133757.log 4908 bytes
C:\zoek-results2014-07-28-140926.log 8891 bytes

==== System Restore Info ======================

28/07/2014 11:25:52 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=851 folders=220 427417459 bytes)

==== EOF on 28/07/2014 at 11:27:05,54 ======================

Re: Remove Baidu from the registry

Post by Power Max Mon 28 Jul 2014, 11:30

Download < [link] > < [image] > ( ... by Nicolas Coolman )

Note: When you open the link above, click the Télécharger button for ZHPDiag to download it, as shown in the image below:

[image]

To install and run it correctly, follow the tips in this article:

[link]

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.

(RESOLVED) Remove Baidu from the Registry

Post by Top Sugar Mon 28 Jul 2014, 11:58

~ Report of ZHPDiag v2014.7.27.109 - Nicolas Coolman  (27/07/2014)
~ Launched by TOP (28/07/2014 11:46:29)
~ Web site address : [link]
~ Web forum address : [link]
~ Translated by
~ Version State : Updated version.
~ White List : Activate by program
~ Elevation of privilege : OK
~ User Account Control : Deactivate by user


---\\ Internet browsers
MSIE: Internet Explorer v11.0.9600.17207
GCIE: Google Chrome v36.0.1985.125 (Defaut)

---\\ Windows product information
~ Langage: Anglais
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System protection software
Malwarebytes Anti-Malware version 2.0.2.1012
McAfee Security Scan Plus v3.8.150.1
Spybot - Search & Destroy v2.0.12
Windows Defender W7 (Activate)

---\\ System optimization software
CCleaner v4.15

---\\ Sharing software PeerToPeer
µTorrent v3.2.2.28500  =>P2P.µTorrent

---\\ Surveillance software
Adobe Flash Player 14 Plugin
Adobe Reader XI - Português
Java 7 Update 65

---\\ Information on the system
~ Processor: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8172 MB (72% free)
System Restore: Activé (Enable)
System drive C: has 449 GB (76%) free of 586 GB

---\\ Connection to the system mode
~ Computer Name: VAIO
~ User Name: TOP
~ All Users Names: TOP, HomeGroupUser$, Guest, ASPNET, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\TOP\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\TOP\AppData\Roaming\
~ %Desktop% : C:\Users\TOP\Desktop\
~ %Favorites% : C:\Users\TOP\Favorites\
~ %LocalAppData% : C:\Users\TOP\AppData\Local\
~ %StartMenu% : C:\Users\TOP\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 449 Go of 586 Go)
D: CD-ROM drive (Not Inserted)



---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Search Generic System Files
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.2EE102DF0EDD8A1EDD3D1E9B99A91BEC] - (.Microsoft Corporation - Internet Extensions for Win32.) (.15/07/2014 - 20:28:14.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.04/03/2014 - 06:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 3/4098
~ Mes musiques (My Musics) : 1/1014
~ Mes Videos (My Videos) : 2/28
~ Mes Favoris (My Favorites) : 2/153
~ Mes Documents (My Documents) : 2/4898
~ Mon Bureau (My Desktop) : 1/21337
~ Menu demarrer (Programs) : 1/39
~ Hidden Files:  Scanned in 00mn 13s



---\\ Process running
[MD5.CAA0C16ADCCE6142A43AD83BFA20B38B] - (.Motorola Mobility LLC - MotoHelperAgent.) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe   [698680] [PID.2772]
[MD5.1DE859B82E381A645C44284A5044BC33] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [256896] [PID.4688]
[MD5.672E1B3140D78F01E5563C32A72E3ED3] - (.No owner - VaioCare Window Listener Application.) -- C:\Program Files\Sony\VAIO Care\listener.exe   [62464] [PID.4936]
[MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\PROGRAM FILES (X86)\HP\HP SOFTWARE UPDATE\HPWUSCHD2.exe   [49208] [PID.5812]
[MD5.0DA8636ACBF55A4CA6350FEA7D789828] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8082432] [PID.2164]
[MD5.6C856C581ACE1785CE3FC2414E9859A3] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe   [881952] [PID.972]
[MD5.ED5501CBCA525947FF6985B38253B872] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe   [520520] [PID.348]
[MD5.4CB575D97653FA91FFB02DA3105EB084] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe   [1337752] [PID.1036]
[MD5.7ED3A9C3763725BD700946971215EE77] - (.Motorola Mobility LLC - MotoHelper Service.) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe   [137528] [PID.2248]
[MD5.A3E918D2A03A6E7F9C7748C3D89A2550] - (.No owner - Oasis2Service.) -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe   [47616] [PID.2464]
[MD5.80E85394D8CD7F84340B1C6F4B9D698F] - (.Sony Corporation - Device Information Provider.) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe   [367456] [PID.2860]
[MD5.A6A7AD767BF5141665F5C675F671B3E1] - (.Protexis Inc. - PsiService PsiService.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe   [185632] [PID.2460]
[MD5.EA735BF6DF13A857A83C99BF27A422AD] - (.Motorola - ForwardDemon.) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe   [65657] [PID.2788]
[MD5.A058BB0BFE7F530A1CCF28F5DBDB6795] - (.Banco Bradesco S.A. - scpVista.) -- C:\Program Files (x86)\Scpad\scpVista.exe   [360640] [PID.3972]
[MD5.A60605FC66552B421EE1F3D4EBB9A4E0] - (.Sony Corporation - VAIO Event Service (Service Module).) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe   [217968] [PID.3824]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe   [7168] [PID.3188]
[MD5.1D702FFC1B8CDCF76FBCA7740CE510D8] - (.Sony Corporation - VAIO Event Service (Service Sub Module).) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe   [120176] [PID.4708]
[MD5.31A0E93CDF29007D6C6FFFB632F375ED] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe   [13336] [PID.1088]
[MD5.96EFA2698D6B9E2931609A3EA73FC5DC] - (.Sony Corporation - VAIO Content Folder Watcher.) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe   [851824] [PID.5012]
[MD5.8F0840FF3A11D6B3F767AD6C79AC2A40] - (.Sony Corporation - VAIOCare.) -- C:\Program Files\Sony\VAIO Care\VCService.exe   [54760] [PID.4284]
[MD5.452DB84283EB2F043827AC95D62CE19C] - (.Safer-Networking Ltd. - Update.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe   [3487240] [PID.6024]
[MD5.A529CFE32565C0B145578FFB2B32C9A5] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe   [1369624] [PID.6732]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\TOP\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] [You must have an account and be logged in to view this link]
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [cpngackimfmofbokmjmljamhdncknpmg] Screen Capture (by Google) v.5.1.4, (Activé)
G2 - GCE: Preference [User Data\Default] [fcgckldmmjdbpdejkclmfnnnehhocbfp] Google Finance v.1.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [higemadklcnjhjpgcbnnbpgeeippjjcp] Send Page v.1.5 (Activé)
G2 - GCE: Preference [User Data\Default] [hljnlfolmbmibdjaikiaepgepgnldclj] Simple Highlighter v.2.1.7.3, (Activé)
G2 - GCE: Preference [User Data\Default] [imcbnnnoghiihopefblgehihofbfbmei] Desprotetor de Links v.2.0.1.7, (Activé)
G2 - GCE: Preference [User Data\Default] [jfchnphgogjhineanplmfkofljiagjfb] Downloads v.2 (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [ngjdhjgbagpeimgpgloofkfoipgpdgdb] Mail this link v.1.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nnjbodopomfddehlalfilheomcahbpei] GBBD Caixa Economica Federal v.3.7.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pbcaplhfkihhldmlbjhgajdeghjdbffi] GBBD Caixa Economica Federal v.3.7.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pfebpahfiklkbdgdacdcdojjejhpbkgc] Send from Omnibox v.0.1 (Activé)

---\\ Google Chrome Extension Folder
~ Google Lines Browser: 34 Legitimates Filtered in 00mn 03s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Users\TOP\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\TOP\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
~ Firefox Browser: 8 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
~ IE Browser: 22 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects (O2)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense CEF [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540003} . (.Caixa Economica Federal - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbiehCef.dll
O2 - BHO: BuscaPe [64Bits] - {CF897CCA-7C89-4B6F-8E49-E51AD405289F} Orphan key
~ BHO: 22 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Orphan key
~ Toolbar:  Scanned in 00mn 00s



---\\ Other User Links (O4)
O4 - GS\QuickLaunch [TOP]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.)  -- C:\Program Files (x86)\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 1 Legitimates Filtered in 00mn 01s



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [egui] . (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - HKLM\..\Run: [IntelWirelessWiMAX] . (.Intel® Corporation - Intel® PROSet/Wireless WiMAX Connection Uti.) -- c:\program files\intel\wimax\bin\wimaxcu.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files (x86)\apoint\apoint.exe (.not file.)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [CCleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (.not file.)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (.not file.)
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3701455409-3707843946-3216141553-1000\..\Run: [CCleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
~ Application:  Scanned in 00mn 00s



---\\ Site in Trusted Zone (O15)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance:  Scanned in 00mn 01s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3D35DC87-B2B7-436D-8A75-FB5E6BF66C09}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3D35DC87-B2B7-436D-8A75-FB5E6BF66C09}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{3D35DC87-B2B7-436D-8A75-FB5E6BF66C09}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - AppInit_DLLs: . (.Adobe Systems, Inc. - 3D Capture.) - C:\Windows\System32\acaptuser64.dll
~ AppInit DLL:  Scanned in 00mn 00s



---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Ser (DMAgent) . (.Red Bend Ltd. - Red Bend Device Management Service for Inte.) - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: Energy Server Service (ESRV_SVC) . (...) - C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: Oasis2Service (Oasis2Service) . (.No owner - Oasis2Service.) - C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
~ Services: 28 Legitimates Filtered in 00mn 05s



---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (sh4native Sh4Removal) - File not found
~ BEX: 2 Legitimates Filtered in 00mn 00s



---\\ Task Planned Automatically (039)
[MD5.00000000000000000000000000000000] [APT] [ParetoLogic Update Version3 Startup Task] (...) -- C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe (.not file.)   [0]  =>PUP.Paretologic
[MD5.00000000000000000000000000000000] [APT] [pennybee Runner] (...) -- C:\ProgramData\pennybee\pennybee.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [Tempo Runner] (...) -- C:\PROGRA~3\pennybee\pennybee.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [wp1-codedownloader] (...) -- C:\Program Files (x86)\wp1\wp1-codedownloader.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{2EA87288-8226-4DD3-ADED-94237F3DF281}] (...) -- C:\Users\TOP\Downloads\SOAOTH-00263500-1040.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{C02A4B4A-9EE2-4837-8226-74A865974971}] (...) -- C:\Users\TOP\AppData\Local\Babylon\Setup\Setup.exe (.not file.)   [0]  =>PUP.Babylon
[MD5.00000000000000000000000000000000] [APT] [Java Update] (...) -- C:\Program Files\Java\jre6\bin\jusched.exe (.not file.)   [0]
[MD5.C4AF8FF242602D9B88686387A6DAED96] [APT] [VAIO Survey] (...) -- C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe   [390448]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT:  - (..) -- C:\Windows\Tasks\CCleanerClean.job   [258]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\CCleanerClean   [258]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf6b7c2457f4d6   [1064]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cfa11f8d0bd740   [1062]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3701455409-3707843946-3216141553-1000Core1cf4a78eb00bb57   [1018]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3701455409-3707843946-3216141553-1000UA1cf69e862683ffe   [1070]
~ Scheduled Task: 50 Legitimates Filtered in 00mn 07s



---\\ Drivers launched at startup (O41)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
~ Drivers: 69 Legitimates Filtered in 00mn 00s



---\\ Software installed (O42)
O42 - Logiciel: BuscaPe Na Hora - (...) [HKLM][64Bits] -- {16712AFB-B5B6-4E00-8FDB-EA6147CDEFF3}_is1
O42 - Logiciel: DANFE View - (.Unimake Softwares.) [HKLM][64Bits] -- DANFE View_is1
O42 - Logiciel: GeoVision ADPCM - (...) [HKLM][64Bits] -- GeoADPCM
O42 - Logiciel: GeoVision H264 - (...) [HKLM][64Bits] -- Codec_264
O42 - Logiciel: GeoVision JPEG - (...) [HKLM][64Bits] -- Codec_jpeg
O42 - Logiciel: GeoVision MPEG2 - (...) [HKLM][64Bits] -- Codec_mp2
O42 - Logiciel: GeoVision MPEG4 - (...) [HKLM][64Bits] -- GEOXCodec
O42 - Logiciel: GeoVision MPEG4 ASP - (...) [HKLM][64Bits] -- Codec_amp4
O42 - Logiciel: GeoVision MPEG4 AVC - (...) [HKLM][64Bits] -- Codec_AVC
O42 - Logiciel: NetSupport Manager - (.NetSupport Ltd.) [HKLM][64Bits] -- {2CB3F85C-ABA2-4B56-B395-17F21B679093}
O42 - Logiciel: Oasis2Service 1.0 - (.DDNi.) [HKLM][64Bits] -- {E50FC5DB-7CBD-407D-A46E-0C13E45BC386}
O42 - Logiciel: PDF Studio - (.Qoppa Software.) [HKLM][64Bits] -- 8147-3835-7485-6804
~ Logic: 20 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\BeCrux]
[HKCU\Software\BuscaPe]
[HKCU\Software\GbAs]
[HKCU\Software\GeoVision]
[HKCU\Software\NetSupport Ltd]
[HKCU\Software\OB]
[HKCU\Software\Scopus]
[HKCU\Software\Shortcut_Module]
[HKCU\Software\T-App]
[HKCU\Software\TorrentEasy]
[HKCU\Software\UltraDownloads.com.br]
[HKLM\Software\Best Buy]
[HKLM\Software\Shortcut_Module]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Deskmedia]
[HKLM\Software\Wow6432Node\GoodMedia]
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\NSL]
[HKLM\Software\Wow6432Node\NetSupport Manager]
[HKLM\Software\Wow6432Node\Shortcut_Module]
[HKLM\Software\Wow6432Node\UlisesSoft]
[HKLM\Software\Wow6432Node\geovision]
[HKLM\Software\Wow6432Node\v9magic]
~ Key Software: 439 Legitimates Filtered in 00mn 00s



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 22/07/2014 - 15:36:02 - [] ----D C:\Program Files (x86)\BuscaPe Na Hora
O43 - CFD: 15/07/2014 - 12:18:54 - [] ----D C:\Program Files (x86)\DDNi
O43 - CFD: 15/07/2014 - 12:21:13 - [] ----D C:\Program Files (x86)\NetSupport
O43 - CFD: 15/07/2014 - 12:21:14 - [] ----D C:\Program Files (x86)\NetSupport Manager
O43 - CFD: 18/07/2014 - 09:15:07 - [] ----D C:\Program Files (x86)\PDFStudio
O43 - CFD: 15/07/2014 - 12:21:28 - [] ----D C:\Program Files (x86)\Respironics
O43 - CFD: 24/07/2014 - 18:43:14 - [] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 15/07/2014 - 12:22:25 - [] ----D C:\ProgramData\DDNi
O43 - CFD: 15/07/2014 - 12:23:11 - [] ----D C:\ProgramData\NetSupport
O43 - CFD: 15/07/2014 - 12:24:08 - [] ----D C:\ProgramData\TorrentEasy
O43 - CFD: 15/07/2014 - 12:24:08 - [] ----D C:\ProgramData\{F77EE8EF-305B-4394-A018-C1A57D2D66B5}
O43 - CFD: 15/07/2014 - 12:24:09 - [] --H-D C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}
O43 - CFD: 15/07/2014 - 12:50:24 - [] ----D C:\Users\TOP\AppData\Roaming\AdbDriverInstaller
O43 - CFD: 15/07/2014 - 12:51:10 - [] ----D C:\Users\TOP\AppData\Roaming\NetSupport
O43 - CFD: 24/07/2014 - 18:42:25 - [] ----D C:\Users\TOP\AppData\Roaming\ProductData
O43 - CFD: 15/07/2014 - 12:51:26 - [] ----D C:\Users\TOP\AppData\Roaming\T-App
O43 - CFD: 15/07/2014 - 12:49:29 - [] ----D C:\Users\TOP\AppData\Local\BeCrux
O43 - CFD: 21/12/2011 - 14:06:27 - [0] ----D C:\Users\TOP\AppData\Local\Motosftemp
O43 - CFD: 15/07/2014 - 12:50:01 - [] ----D C:\Users\TOP\AppData\Local\Respironics
~ Program Folder: 245 Legitimates Filtered in 00mn 00s



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.924C8CC7C2FA0A0DABD908E3BE1C0D1B] - 14/07/2014 - 16:25:54 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys   [45248]
O44 - LFC:[MD5.67FC5B9D0957C4FBB37376DE49A2B170] - 15/07/2014 - 10:02:41 ---A- . (...) -- C:\Windows\diagerr.xml   [1890]
O44 - LFC:[MD5.67FC5B9D0957C4FBB37376DE49A2B170] - 15/07/2014 - 10:02:41 ---A- . (...) -- C:\Windows\diagwrn.xml   [1890]
O44 - LFC:[MD5.3B1CBCB18FFDF416B067633F90288E33] - 15/07/2014 - 10:06:52 ---A- . (...) -- C:\Windows\CompatibilityIssues.txt   [1226]
O44 - LFC:[MD5.9FA44E747737A8E1C78F32D3B31EB7E2] - 15/07/2014 - 12:03:54 ---A- . (...) -- C:\Windows\System32\nvcoproc.bin   [3774821]
O44 - LFC:[MD5.721CB2CEBF86999FECCA47AE77EF755F] - 15/07/2014 - 13:15:57 ---A- . (...) -- C:\Windows\System32\emptyregdb.dat   [22744]
O44 - LFC:[MD5.F862CD08F1AD4EE39BD506853F3C6103] - 15/07/2014 - 20:28:12 ---A- . (...) -- C:\Windows\System32\ieuinit.inf   [16284]
O44 - LFC:[MD5.3EEFE5864B1BC5D9A5C0B1299F8C107B] - 15/07/2014 - 20:47:44 ---A- . (...) -- C:\Windows\System32\prfd0416.dat   [38536]
O44 - LFC:[MD5.399F4D9A97795D47B0C0ECE16AB8AD4C] - 15/07/2014 - 20:47:44 ---A- . (...) -- C:\Windows\System32\prfi0416.dat   [323154]
O44 - LFC:[MD5.ED30CF1F646BA1341DF168144119AD7B] - 18/07/2014 - 10:20:40 ---A- . (...) -- C:\Windows\Model.txt   [21]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 18/07/2014 - 16:18:57 ----- . (...) -- C:\autoexec.bat   [0]
O44 - LFC:[MD5.D07138915E1B489BA08D2DBDFF441A60] - 18/07/2014 - 18:06:27 ----- . (...) -- C:\shldr   [285747]
O44 - LFC:[MD5.025926B83A938B5215F3C1DCC882F21C] - 18/07/2014 - 18:06:27 ----- . (...) -- C:\shldr.mbr   [8192]
O44 - LFC:[MD5.5BA9713747A94AD07D6CF4CD7C8CA01E] - 21/07/2014 - 15:07:53 ---A- . (...) -- C:\Windows\DMmvHost.ini   [395]
O44 - LFC:[MD5.BF8B38B4391C94ED93E65409F4AA8361] - 21/07/2014 - 15:07:53 ---A- . (...) -- C:\Windows\multiview.ini   [191]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/07/2014 - 18:59:34 ----- . (...) -- C:\asc_rdflag   [0]
O44 - LFC:[MD5.2C2AD3D4961FE8061F198FF97B6649EC] - 23/07/2014 - 06:00:00 ----- . (...) -- C:\spyhunter.log   [340]  =>Crapware.SpyHunter
O44 - LFC:[MD5.245E43E19AA5A04E50B62B49EB027E90] - 23/07/2014 - 09:01:00 ----- . (...) -- C:\sh4_service.log   [2613]
O44 - LFC:[MD5.60F57F11333336036A9E9DB63B512065] - 25/07/2014 - 15:54:59 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [154676]
O44 - LFC:[MD5.BEAF61ECA95A3514AF5BFB4CE00174DA] - 25/07/2014 - 15:54:59 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [729486]
O44 - LFC:[MD5.1902652E916AD36A76FF39DF453B2010] - 25/07/2014 - 16:47:33 ---A- . (...) -- C:\zoek-results2014-07-25-194733.log   [40811]
O44 - LFC:[MD5.57092DD03DE86EF1E3120E47AF27D831] - 25/07/2014 - 20:03:12 ---A- . (...) -- C:\Shortcut_Module_25_07_2014_20_03_18.txt   [44748]
O44 - LFC:[MD5.53012C1CAB68E269074BB344707019DC] - 28/07/2014 - 09:49:01 R--A- . (...) -- C:\Pre_Scan_28_07_2014_09_49_01.txt   [31738]
O44 - LFC:[MD5.1504CE18B53E63E69945471B6AFC0E32] - 28/07/2014 - 10:10:23 ---A- . (...) -- C:\Windows\System32\SupplicantTest.log   [0]
O44 - LFC:[MD5.63C1FA06AB62366D7794A705CEB924E4] - 28/07/2014 - 10:37:57 ---A- . (...) -- C:\zoek-results2014-07-28-133757.log   [4908]
O44 - LFC:[MD5.46359281FFD7E10AA4E1D03BE13D53A7] - 28/07/2014 - 11:09:26 ---A- . (...) -- C:\zoek-results2014-07-28-140926.log   [8891]
O44 - LFC:[MD5.971BC21D44997AD309EC8009D08AC7DB] - 28/07/2014 - 11:27:05 ---A- . (...) -- C:\zoek-results.log   [4332]
~ Files: 434 Legitimates Filtered in 00mn 10s



---\\ Operations and functions at Windows Explorer startup (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj [64Bits] - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKCU\...\Policies\System] - "EnableLUA"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ System Drivers List (SDL) (O58)
O58 - SDL:17/09/2012 - 19:58:30 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys   [288688]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:11/07/2014 - 09:28:36 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys   [45248]
O58 - SDL:23/06/2010 - 06:55:44 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\Drivers\rimssne64.sys   [94208]
O58 - SDL:23/06/2010 - 06:55:40 ---A- . (.REDC - RICOH PCIe SD/MMC Driver.) -- C:\Windows\System32\Drivers\risdsne64.sys   [78848]
O58 - SDL:06/11/2012 - 21:28:46 ---A- . (...) -- C:\Windows\System32\Drivers\semav6thermal64ro.sys   [13792]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:07/02/2014 - 00:50:58 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys   [38216]
O58 - SDL:30/07/2011 - 17:12:05 ---A- . (.EnTech Taiwan - TVicHW32 Driver for Windows NT/2000/XP.) -- C:\Windows\System32\Drivers\TVicHW32.sys   [21200]
O58 - SDL:08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys   [49536]
O58 - SDL:08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys.off   [49536]
O58 - SDL:18/07/2014 - 19:19:42 ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys   [31088]
O58 - SDL:09/04/2013 - 14:11:06 ---A- . (...) -- C:\Windows\SysWOW64\drivers\MouseUSB.sys   [5120]
O58 - SDL:30/07/2011 - 17:12:05 ---A- . (.EnTech Taiwan - TVicHW32 Driver for Windows NT/2000/XP.) -- C:\Windows\SysWOW64\drivers\TVicHW32.sys   [29536]
~ Drivers: 95 Legitimates Filtered in 00mn 01s



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 17/04/2007 - C:\Windows\system32\drivers\regi.sys (regi)  .(.InterVideo - regi driver.) - LEGACY_REGI
O64 - Services: CurCS - 06/11/2012 - C:\Windows\system32\drivers\semav6thermal64ro.sys (semav6thermal64ro) .(...) - LEGACY_SEMAV6THERMAL64RO
O64 - Services: CurCS - 04/06/2014 - C:\Windows\System32\Drivers\SmartDefragDriver.sys (SmartDefragDriver)  .(.IObit - SmartDefrag Driver.) - LEGACY_SMARTDEFRAGDRIVER
~ Legacy: 137 Legitimates Filtered in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Not Key.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - [You must have an account and be logged in to view this link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [You must have an account and be logged in to view this link]
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You must have an account and be logged in to view this link]
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [You must have an account and be logged in to view this link]
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You must have an account and be logged in to view this link]
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [You must have an account and be logged in to view this link]
~ Keys:  Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{C1527408-C082-4471-B253-D6B8896AF7AB}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{BDE13D47-A9C7-4028-8F59-97A384E66AA0}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s



---\\ MyComputer Name Space (MNS) (O92)
O92 - MNS:  - {35B6525E-071A-4EA9-B3BD-F6A742572F08}
~ MNS: 1 Legitimates Filtered in 00mn 00s



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 18/03/2010 113152 |  (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SS - | Demand 09/07/2014 262320 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 03/07/2012 651720 |  (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 16/07/2014 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 16/07/2014 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/08/2012 194032 |  (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 05/01/2007 112152 |  (IviRegMgr) . (.InterVideo.) - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
SS - | Auto 04/05/2014 2152736 |  (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Auto 12/05/2014 1809720 |  (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SS - | Auto 12/05/2014 860472 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Demand 09/04/2014 289256 |  (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
SS - | Demand 30/03/2012 237328 |  (McComponentHostServiceSony) . (.McAfee, Inc..) - C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe
SS - | Demand 05/03/2010 831760 |  (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SS - | Demand 13/11/2012 1103392 |  (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
SS - | Auto 13/11/2012 168384 |  (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
SS - | Auto 23/10/2013 172192 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 21/06/2010 108400 |  (SOHCImp) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
SS - | Demand 18/06/2010 423280 |  (SOHDms) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
SS - | Demand 21/06/2010 67952 |  (SOHDs) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
SS - | Demand 22/02/2013 427432 |  (USER_ESRV_SVC) . (...) - C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
SS - | Demand 09/06/2010 537456 |  (VcmIAlzMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
SS - | Demand 09/06/2010 384880 |  (VcmINSMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
SS - | Demand 09/06/2010 101232 |  (VcmXmlIfHelper) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
SS - | Demand 27/02/2014 1642544 |  (VUAgent) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Update\vuagent.exe
SS - | Disabled 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 14/01/2014 881952 |  (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 08/06/2010 952096 |  (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 22/07/2014 408576 |  (DMAgent) . (.Red Bend Ltd..) - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
SR - | Auto 12/09/2013 1337752 |  (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
SR - | Auto 22/02/2013 427432 |  (ESRV_SVC) . (...) - C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
SR - | Auto 05/03/2010 1425168 |  (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 26/02/2014 520520 |  (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Demand 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 04/03/2010 13336 |  (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 15/11/2013 137528 |  (Motorola Device Manager) . (.Motorola Mobility LLC.) - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/05/2014 927520 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 14/03/2011 47616 |  (Oasis2Service) . (...) - C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
SR - | Auto 01/06/2010 367456 |  (PMBDeviceInfoProvider) . (.Sony Corporation.) - c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 24/07/2007 185632 |  (PSI_SVC_2) . (.Protexis Inc..) - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 02/09/2011 65657 |  (PST Service) . (.Motorola.) - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
SR - | Auto 05/11/2012 10424 |  (SACSrv) . (.SafeNet, Inc..) - C:\Program Files\SafeNet\Authentication\SAC\x64\SACSrv.exe
SR - | Auto 04/03/2013 258048 |  (SampleCollector) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
SR - | Auto 14/01/2013 360640 |  (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Demand 13/11/2012 1369624 |  (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
SR - | Demand 07/06/2010 304496 |  (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
SR - | Auto 01/06/2010 217968 |  (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
SR - | Auto 21/06/2010 575856 |  (VAIO Power Management) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
SR - | Auto 17/06/2010 851824 |  (VCFw) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
SR - | Demand 12/10/2012 54760 |  (VCService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCService.exe
SR - | Auto 08/06/2010 836608 |  (VSNService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
SR - | Auto 07/06/2010 911872 |  (WiMAXAppSrv) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 13/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 07s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (27/07/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>PUP.Tarma
~ Additionnel Scan: 411561 Items scanned in 00mn 17s



---\\ Additional information about modules
~ [You must have an account and be logged in to view this link]  =>.Google Chrome, Start,Search,Extensions (G0,G1,G2)
~ [You must have an account and be logged in to view this link]  =>.Google Chrome, Start,Search,Extensions (G0,G1,G2)
~ [You must have an account and be logged in to view this link]  =>.Internet Explorer, Proxy Management (R5)
~ [You must have an account and be logged in to view this link]  =>.Browser Helper Objects (O2)
~ [You must have an account and be logged in to view this link]  =>.Internet Explorer toolbars (O3)
~ [You must have an account and be logged in to view this link]  =>.Auto loading programs from Registry and folders (O4)
~ AMI: 6 Legitimates Filtered in 00mn 00s



---\\ Summary of the detections found on your workstation
[You must have an account and be logged in to view this link]  =>Trojan.AutoKMS
[You must have an account and be logged in to view this link]  =>PUP.Paretologic
[You must have an account and be logged in to view this link]  =>PUP.Babylon
[You must have an account and be logged in to view this link]  =>Crapware.SpyHunter
[You must have an account and be logged in to view this link]  =>PUP.Tarma
~ MSI: 5 link(s) detected in 00mn 00s



~ 1463 Legitimates filtered by white list
End of the scan (619 lines in 01mn 30s)(0)
Top Sugar

Re: Remove Baidu from the registry

Post by Power Max Mon 28 Jul 2014, 13:39

There are unnecessary programs starting along with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

Preferably, let only the security programs (antivirus/anti-spyware/firewall) start along with Windows.

Also use the program CCleaner, recommended in the tutorial above, to clean up and optimize the PC.
________________________________________________________________________________________________________

Go to the site [You must have an account and be logged in to view this link] and submit the file highlighted in bold below for analysis:

C:\Windows\SysWOW64\drivers\MouseUSB.sys

As soon as its analysis is finished, copy the link that appears in your browser's address bar and post that link in your next reply along with the other logs requested in this post.

More information on how to analyze files on the Virus Total site can be found in this tutorial:

[You must have an account and be logged in to view this link]
_______________________________________________________________________________________________________

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > Right-click on ZHPFix and choose the option Run as administrator > Click Importação (Import) > Click the GO button > Click Oui > If you want the files in the recycle bin to be deleted, click Oui again > A report will appear in Notepad.

Copy this report and post it in your next reply along with the link to the file's analysis on the Virus Total site.


Last edited by Power Max on Wed 30 Jul 2014, 12:05; edited 1 time

(SOLVED) Remove Baidu from the Registry

Post by Top Sugar Mon 28 Jul 2014, 14:12

[You must have an account and be logged in to view this link]

Re: Remove Baidu from the registry

Post by Power Max Mon 28 Jul 2014, 14:15

You forgot to post the ZHPFix report.

Re: Remove Baidu from the registry

Post by Power Max Mon 28 Jul 2014, 14:18

As for that file you submitted for analysis, please submit it again. Then, when Virus Total says it has already been analyzed, ask it to reanalyze it. Then post the link to this new analysis in your next reply along with the ZHPFix report.