Remover Baidu antivirus

Já tentei o ccleaner, o revo e o zoek.......mas nenhum desinstalou o Baidu antivírus... terei que formatar..????

Olá joão proença lopes

Qual a versão do seu Windows? Ele é 64 bit?

Sim...64 btis win 7 ultimate

Quando estou instalando o zoek dá a seguinte mensagem : MICROSOFT ® CONSOLE BASED SCRIPT HOST PAROU DE FUNCIONAR....

desculpa...é 64 bits ein 7 ultimate pack 1

Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Farbar) e salve-o no Desktop

*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Aceite o contrato, desmarque a opção Addition.txt, clique [Scan] e ao término clique [OK]

*Cole ou anexe o relatório FRST.txt criado no Desktop

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013 01
Ran by SAMARA (administrator) on SAMARA-PC on 31-12-2013 14:17:07
Running from C:\Users\SAMARA\Desktop
Windows 7 Ultimate (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavhm.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavUpdater.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\avastui.exe [3567800 2013-10-23] (AVAST Software)
HKLM-x32\...\Run: [Baidu Antivirus] - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe [935784 2013-12-19] (Baidu, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA5A3AC6EED20CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll No File
BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR HomePage: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR RestoreOnStartup: "hxxp://start.mysearchdial.com/?f=1&a=irmsd1202&cd=2XzuyEtN2Y1L1QzuyBtDyBtC0B0C0DtCyB0E0FtD0A0C0A0FtN0D0Tzu0SyBtByCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1325678835&ir="
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\SAMARA\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Extension: (SpeedAnalysis.com) - C:\Users\SAMARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon\1.0.0.5_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\SAMARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (MySearchDial __MSG_newtab__) - C:\Users\SAMARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.1.1_0
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\SAMARA\AppData\Local\mysearchdial-speeddial.crx
CHR HKLM-x32\...\Chrome\Extension: [cfcbmgbfdbijmjgjihagbomfbjfjmgon] - C:\Users\SAMARA\AppData\Roaming\SpeedanAlysis\speedanalysis.crx
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\SAMARA\AppData\Local\mysearchdial-speeddial.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-23] (AVAST Software)
S2 BAVSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe [1921328 2013-12-19] (Baidu, Inc.)
R2 BHipsSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe [456856 2013-12-19] (Baidu, Inc.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [559552 2013-08-08] (RealNetworks, Inc.)
S4 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe /svc [x]
S4 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe /medsvc [x]
S2 IBUpdaterService; "C:\ProgramData\IBUpdaterService\ibsvc.exe" /SERVICE [x]
S2 SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-08] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-10-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-23] ()
U3 BdApiUtil; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [135904 2013-11-27] (Baidu, Inc.)
U3 BdCameraProtect; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [22016 2013-12-17] (Baidu, Inc.)
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [52032 2013-12-17] (Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [34624 2013-12-17] (Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [128448 2013-12-18] (Baidu, Inc.)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-31 14:17 - 2013-12-31 14:17 - 00010213 _____ C:\Users\SAMARA\Desktop\FRST.txt
2013-12-31 14:16 - 2013-12-31 14:16 - 00000000 ____D C:\FRST
2013-12-31 14:16 - 2013-12-31 14:13 - 01931302 _____ (Farbar) C:\Users\SAMARA\Desktop\FRST64.exe
2013-12-31 14:14 - 2013-12-31 14:14 - 00000000 ____D C:\Users\Todos os Usuários\Baidu
2013-12-31 14:14 - 2013-12-31 14:14 - 00000000 ____D C:\ProgramData\Baidu
2013-12-29 18:22 - 2013-12-29 18:22 - 00000000 ____D C:\zoek
2013-12-29 18:18 - 2013-12-29 18:08 - 00004128 _____ C:\zoek-results2013-12-29-200815.log
2013-12-29 18:01 - 2013-12-29 17:24 - 00019546 _____ C:\zoek-results2013-12-29-192426.log
2013-12-29 18:00 - 2013-12-29 18:00 - 00000000 ____D C:\Users\SAMARA\Desktop\zoek
2013-12-29 18:00 - 2013-12-29 17:59 - 00024977 _____ C:\Users\SAMARA\Desktop\Fix.txt
2013-12-29 17:22 - 2013-12-29 18:22 - 00000063 _____ C:\folders.log
2013-12-29 17:16 - 2013-12-29 17:06 - 00022417 _____ C:\zoek-results2013-12-29-190643.log
2013-12-29 17:09 - 2013-12-29 18:22 - 00001462 _____ C:\runcheck.txt
2013-12-29 16:49 - 2013-12-29 13:08 - 00023722 _____ C:\zoek-results2013-12-29-150807.log
2013-12-29 16:46 - 2013-12-29 16:46 - 00000000 ____D C:\Users\SAMARA\Downloads\zoek
2013-12-29 16:45 - 2013-12-31 14:14 - 00000280 _____ C:\Windows\setupact.log
2013-12-29 16:45 - 2013-12-29 16:45 - 00000000 _____ C:\Windows\setuperr.log
2013-12-29 16:44 - 2013-12-31 14:14 - 00002418 _____ C:\Windows\PFRO.log
2013-12-29 13:09 - 2013-12-29 17:26 - 00000000 ____D C:\Program Files (x86)\HiJackThis
2013-12-29 12:55 - 2013-12-29 18:22 - 00004180 _____ C:\zoek-results.log
2013-12-29 12:50 - 2013-12-29 18:09 - 00000000 ____D C:\zoek_backup
2013-12-29 00:41 - 2013-12-29 00:41 - 00000000 ____D C:\Users\SAMARA\AppData\Roaming\TuneUp Software
2013-12-29 00:41 - 2013-12-29 00:41 - 00000000 ____D C:\Users\SAMARA\AppData\Local\Avg2014
2013-12-29 00:40 - 2013-12-29 10:36 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2013-12-29 00:39 - 2013-12-29 00:42 - 00000000 ____D C:\Users\Todos os Usuários\TuneUp Software
2013-12-29 00:39 - 2013-12-29 00:42 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-12-29 00:39 - 2013-12-29 00:39 - 00000000 __SHD C:\Users\Todos os Usuários\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-29 00:39 - 2013-12-29 00:39 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-28 23:48 - 2013-12-28 23:48 - 00021607 _____ C:\ComboFix.txt
2013-12-28 23:35 - 2011-06-26 04:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-28 23:35 - 2010-11-07 15:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-28 23:35 - 2009-04-20 02:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-28 23:35 - 2000-08-30 22:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-28 23:35 - 2000-08-30 22:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-28 23:35 - 2000-08-30 22:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-28 23:35 - 2000-08-30 22:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-28 23:35 - 2000-08-30 22:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-28 23:34 - 2013-12-28 23:48 - 00000000 ____D C:\Qoobox
2013-12-28 23:33 - 2013-12-28 23:47 - 00000000 ____D C:\Windows\erdnt
2013-12-28 23:02 - 2013-12-28 23:02 - 00000000 ____D C:\Users\Todos os Usuários\Ashampoo
2013-12-28 23:02 - 2013-12-28 23:02 - 00000000 ____D C:\ProgramData\Ashampoo
2013-12-28 22:59 - 2013-12-28 23:01 - 09598024 _____ (ashampoo GmbH & Co. KG ) C:\Users\SAMARA\Downloads\ashampoo_uninstaller_2010_1.04_7135.exe
2013-12-28 22:49 - 2013-12-28 22:51 - 04645232 _____ (Piriform Ltd) C:\Users\SAMARA\Downloads\ccsetup409.exe
2013-12-28 21:19 - 2013-12-28 21:19 - 00000000 _____ C:\autoexec.bat
2013-12-28 21:16 - 2013-12-28 21:16 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-12-28 21:15 - 2013-12-28 21:44 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-12-26 17:31 - 2013-12-26 17:31 - 00000029 _____ C:\Users\SAMARA\AppData\Roaming\WB.CFG
2013-12-26 16:35 - 2013-12-28 22:52 - 00000000 ____D C:\Program Files\VDownloader
2013-12-26 16:35 - 2013-12-26 16:35 - 00000000 ____D C:\Program Files\WinPcap
2013-12-26 16:31 - 2013-12-29 17:05 - 00000000 ____D C:\Users\SAMARA\AppData\Roaming\0H1F2WtF1L1G1R
2013-12-26 16:30 - 2013-12-18 07:11 - 00128448 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bprotect.sys
2013-12-26 16:29 - 2013-12-26 16:29 - 00001198 _____ C:\Users\Public\Desktop\Baidu Antivirus.lnk
2013-12-26 16:29 - 2013-12-17 07:59 - 00052032 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bfilter.sys
2013-12-26 16:29 - 2013-12-17 07:59 - 00034624 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bfmon.sys
2013-12-26 16:28 - 2013-12-29 00:59 - 00000000 ____D C:\Users\Todos os Usuários\Log
2013-12-26 16:28 - 2013-12-29 00:59 - 00000000 ____D C:\ProgramData\Log
2013-12-26 16:27 - 2013-12-29 18:09 - 00000000 ____D C:\Program Files (x86)\Baidu Security
2013-12-26 10:40 - 2013-12-26 10:40 - 00000000 ____D C:\Windows\pss
2013-12-19 23:00 - 2013-12-29 18:33 - 00390195 _____ C:\Windows\WindowsUpdate.log
2013-12-11 17:12 - 2013-12-11 17:12 - 00002212 _____ C:\Users\Public\Desktop\ Google Earth.lnk
2013-12-11 01:15 - 2013-12-11 01:15 - 00000988 _____ C:\Users\SAMARA\Desktop\Luxor 2.lnk
2013-12-01 17:07 - 2013-12-01 17:07 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2013-12-01 17:07 - 2013-12-01 17:07 - 00000000 ____D C:\ProgramData\McAfee

==================== One Month Modified Files and Folders =======

2013-12-31 14:17 - 2013-12-31 14:17 - 00010213 _____ C:\Users\SAMARA\Desktop\FRST.txt
2013-12-31 14:16 - 2013-12-31 14:16 - 00000000 ____D C:\FRST
2013-12-31 14:15 - 2012-07-09 22:08 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-31 14:14 - 2013-12-31 14:14 - 00000000 ____D C:\Users\Todos os Usuários\Baidu
2013-12-31 14:14 - 2013-12-31 14:14 - 00000000 ____D C:\ProgramData\Baidu
2013-12-31 14:14 - 2013-12-29 16:45 - 00000280 _____ C:\Windows\setupact.log
2013-12-31 14:14 - 2013-12-29 16:44 - 00002418 _____ C:\Windows\PFRO.log
2013-12-31 14:14 - 2012-06-07 18:19 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-31 14:14 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-31 14:13 - 2013-12-31 14:16 - 01931302 _____ (Farbar) C:\Users\SAMARA\Desktop\FRST64.exe
2013-12-29 18:33 - 2013-12-19 23:00 - 00390195 _____ C:\Windows\WindowsUpdate.log
2013-12-29 18:23 - 2009-07-14 02:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-29 18:23 - 2009-07-14 02:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-29 18:22 - 2013-12-29 18:22 - 00000000 ____D C:\zoek
2013-12-29 18:22 - 2013-12-29 17:22 - 00000063 _____ C:\folders.log
2013-12-29 18:22 - 2013-12-29 17:09 - 00001462 _____ C:\runcheck.txt
2013-12-29 18:22 - 2013-12-29 12:55 - 00004180 _____ C:\zoek-results.log
2013-12-29 18:09 - 2013-12-29 12:50 - 00000000 ____D C:\zoek_backup
2013-12-29 18:09 - 2013-12-26 16:27 - 00000000 ____D C:\Program Files (x86)\Baidu Security
2013-12-29 18:09 - 2012-06-07 18:19 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-29 18:08 - 2013-12-29 18:18 - 00004128 _____ C:\zoek-results2013-12-29-200815.log
2013-12-29 18:00 - 2013-12-29 18:00 - 00000000 ____D C:\Users\SAMARA\Desktop\zoek
2013-12-29 17:59 - 2013-12-29 18:00 - 00024977 _____ C:\Users\SAMARA\Desktop\Fix.txt
2013-12-29 17:49 - 2012-05-14 18:16 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-29 17:26 - 2013-12-29 13:09 - 00000000 ____D C:\Program Files (x86)\HiJackThis
2013-12-29 17:24 - 2013-12-29 18:01 - 00019546 _____ C:\zoek-results2013-12-29-192426.log
2013-12-29 17:24 - 2012-08-09 21:19 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-756854121-593926072-3799150846-1000UA.job
2013-12-29 17:06 - 2013-12-29 17:16 - 00022417 _____ C:\zoek-results2013-12-29-190643.log
2013-12-29 17:05 - 2013-12-26 16:31 - 00000000 ____D C:\Users\SAMARA\AppData\Roaming\0H1F2WtF1L1G1R
2013-12-29 16:46 - 2013-12-29 16:46 - 00000000 ____D C:\Users\SAMARA\Downloads\zoek
2013-12-29 16:45 - 2013-12-29 16:45 - 00000000 _____ C:\Windows\setuperr.log
2013-12-29 13:08 - 2013-12-29 16:49 - 00023722 _____ C:\zoek-results2013-12-29-150807.log
2013-12-29 13:02 - 2012-04-22 21:17 - 00000000 ____D C:\Users\SAMARA
2013-12-29 10:36 - 2013-12-29 00:40 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2013-12-29 01:17 - 2012-04-23 15:16 - 00000000 ____D C:\Program Files (x86)\Luxor Amun Rising
2013-12-29 00:59 - 2013-12-26 16:28 - 00000000 ____D C:\Users\Todos os Usuários\Log
2013-12-29 00:59 - 2013-12-26 16:28 - 00000000 ____D C:\ProgramData\Log
2013-12-29 00:42 - 2013-12-29 00:39 - 00000000 ____D C:\Users\Todos os Usuários\TuneUp Software
2013-12-29 00:42 - 2013-12-29 00:39 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-12-29 00:41 - 2013-12-29 00:41 - 00000000 ____D C:\Users\SAMARA\AppData\Roaming\TuneUp Software
2013-12-29 00:41 - 2013-12-29 00:41 - 00000000 ____D C:\Users\SAMARA\AppData\Local\Avg2014
2013-12-29 00:41 - 2009-07-29 14:08 - 00666732 _____ C:\Windows\system32\prfh0416.dat
2013-12-29 00:41 - 2009-07-29 14:08 - 00128962 _____ C:\Windows\system32\prfc0416.dat
2013-12-29 00:41 - 2009-07-14 03:13 - 01525094 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-29 00:39 - 2013-12-29 00:39 - 00000000 __SHD C:\Users\Todos os Usuários\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-29 00:39 - 2013-12-29 00:39 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-28 23:48 - 2013-12-28 23:48 - 00021607 _____ C:\ComboFix.txt
2013-12-28 23:48 - 2013-12-28 23:34 - 00000000 ____D C:\Qoobox
2013-12-28 23:48 - 2009-07-14 01:20 - 00000000 __RHD C:\Users\Default
2013-12-28 23:47 - 2013-12-28 23:33 - 00000000 ____D C:\Windows\erdnt
2013-12-28 23:45 - 2009-07-14 00:34 - 00000215 _____ C:\Windows\system.ini
2013-12-28 23:43 - 2009-07-14 00:34 - 64225280 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-12-28 23:43 - 2009-07-14 00:34 - 13631488 _____ C:\Windows\system32\config\SYSTEM.bak
2013-12-28 23:43 - 2009-07-14 00:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-12-28 23:43 - 2009-07-14 00:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2013-12-28 23:43 - 2009-07-14 00:34 - 00262144 _____ C:\Windows\system32\config\DEFAULT.bak
2013-12-28 23:08 - 2012-08-18 12:51 - 00000000 ____D C:\BigFishGamesCache
2013-12-28 23:05 - 2012-06-08 21:28 - 00000000 ____D C:\Users\SAMARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-28 23:05 - 2012-04-23 19:06 - 00000000 ____D C:\Users\SAMARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-12-28 23:02 - 2013-12-28 23:02 - 00000000 ____D C:\Users\Todos os Usuários\Ashampoo
2013-12-28 23:02 - 2013-12-28 23:02 - 00000000 ____D C:\ProgramData\Ashampoo
2013-12-28 23:01 - 2013-12-28 22:59 - 09598024 _____ (ashampoo GmbH & Co. KG ) C:\Users\SAMARA\Downloads\ashampoo_uninstaller_2010_1.04_7135.exe
2013-12-28 22:52 - 2013-12-26 16:35 - 00000000 ____D C:\Program Files\VDownloader
2013-12-28 22:52 - 2012-04-22 23:47 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-28 22:52 - 2012-04-22 23:47 - 00000000 ____D C:\Program Files\CCleaner
2013-12-28 22:51 - 2013-12-28 22:49 - 04645232 _____ (Piriform Ltd) C:\Users\SAMARA\Downloads\ccsetup409.exe
2013-12-28 22:48 - 2012-04-22 21:17 - 00000000 ___RD C:\Users\SAMARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-28 21:44 - 2013-12-28 21:15 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-12-28 21:19 - 2013-12-28 21:19 - 00000000 _____ C:\autoexec.bat
2013-12-28 21:16 - 2013-12-28 21:16 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-12-26 21:59 - 2012-08-09 21:19 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-756854121-593926072-3799150846-1000Core.job
2013-12-26 17:31 - 2013-12-26 17:31 - 00000029 _____ C:\Users\SAMARA\AppData\Roaming\WB.CFG
2013-12-26 16:35 - 2013-12-26 16:35 - 00000000 ____D C:\Program Files\WinPcap
2013-12-26 16:29 - 2013-12-26 16:29 - 00001198 _____ C:\Users\Public\Desktop\Baidu Antivirus.lnk
2013-12-26 10:40 - 2013-12-26 10:40 - 00000000 ____D C:\Windows\pss
2013-12-23 16:40 - 2009-07-14 03:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-22 11:20 - 2012-04-22 21:17 - 00000000 ____D C:\Users\SAMARA\AppData\Local\VirtualStore
2013-12-18 07:11 - 2013-12-26 16:30 - 00128448 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bprotect.sys
2013-12-17 07:59 - 2013-12-26 16:29 - 00052032 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bfilter.sys
2013-12-17 07:59 - 2013-12-26 16:29 - 00034624 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bfmon.sys
2013-12-14 15:47 - 2013-08-03 16:54 - 00000000 ____D C:\Windows\system32\MRT
2013-12-14 15:45 - 2012-04-22 22:02 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-11 17:12 - 2013-12-11 17:12 - 00002212 _____ C:\Users\Public\Desktop\ Google Earth.lnk
2013-12-11 17:11 - 2012-06-07 18:19 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-11 01:15 - 2013-12-11 01:15 - 00000988 _____ C:\Users\SAMARA\Desktop\Luxor 2.lnk
2013-12-10 23:49 - 2012-05-14 18:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-10 23:49 - 2012-05-14 18:16 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 23:49 - 2012-05-14 18:16 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-06 22:04 - 2012-06-07 18:19 - 00004064 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-06 22:04 - 2012-06-07 18:19 - 00003812 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-01 17:07 - 2013-12-01 17:07 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2013-12-01 17:07 - 2013-12-01 17:07 - 00000000 ____D C:\ProgramData\McAfee
2013-12-01 17:04 - 2012-05-24 22:05 - 00000000 ____D C:\Users\SAMARA\AppData\Local\Adobe

Some content of TEMP:
====================
C:\Users\SAMARA\AppData\Local\Temp\7za.exe
C:\Users\SAMARA\AppData\Local\Temp\hijackthis.exe
C:\Users\SAMARA\AppData\Local\Temp\NirCmd.exe
C:\Users\SAMARA\AppData\Local\Temp\PEVZ.EXE
C:\Users\SAMARA\AppData\Local\Temp\remove.exe
C:\Users\SAMARA\AppData\Local\Temp\sed.exe
C:\Users\SAMARA\AppData\Local\Temp\shortcut.exe
C:\Users\SAMARA\AppData\Local\Temp\swreg.exe
C:\Users\SAMARA\AppData\Local\Temp\swxcacls.exe
C:\Users\SAMARA\AppData\Local\Temp\wget.exe
C:\Users\SAMARA\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-22 18:03

==================== End Of Log ============================

Baixe o arquivo fixlist.txt e salve-o no Desktop

*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Clique [Fix] e cole ou anexe o relatório Fixlog.txt criado no Desktop


Reinicie o PC


Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve-o no Desktop (Área de Trabalho)

*Salve qualquer trabalho aberto e feche o seu navegador

*Execute-o, clique [Examinar] e aguarde o término

*Clique [Limpar] e aguarde o término

*Caso seja solicitada a reinicialização do PC, clique [OK] para reiniciar.

*Cole o relatório C:\AdwCleaner\AdwCleaner[S0].txt

Quando executei o FRST apareceu uma mensagem que o FRST.EXE parou de funcionar......Vou tentar enviar o arquivo gerado fixlog....não sei muito bem como faz isso...

Anexo arquivo Adwcleaner..

Vc não fez corretamente o procedimento do FRST.


Baixe o arquivo fix.zip e extraia o seu conteúdo

*Clique com o botão direito do mouse no fix.bat e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Reinicie o PC

Pronto executei o fix como administrador, apareceu muito rápido uma tela preta como a do cmd....depois reiniciei o pc.....aguardo

Como está a situação?

Foi resolvido?

Não......ele continua lá.....agora dei o msconfig e ele permanece...quanto reinicia aparece a mensagem do baidu.

Execute o AdwCleaner, clique [Desinstalar] > [Sim]


Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de OldTimer) e salve-o no Desktop (Área de Trabalho)

*Clique com o botão direito do mouse no OTL e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Selecione:

Verificar All Users
Ignorar Arquivos Microsoft
Verificar Lop
Verificar Purity

*Clique [Verificar] e aguarde o término

*Anexe os relatórios OTL.txt e Extras.txt criados no Desktop (Área de Trabalho)

Segue OLT

Segue EXTRAS

Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Tweaking.com)

*Extraia o seu conteúdo

*Na pasta Tweaking.com-Windows Repair, execute o Repair_Windows

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Clique na aba [Start Repairs]

*Clique [Start]

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  

*Clique [Unselect All] e selecione:

Reset Registry Permissions
Reset File Permissions
Remove Policies Set By Infections


*Clique [Start] e aguarde o término


Não reinicie o PC!


Execute o OTL, copie e cole as linhas no espaço abaixo de Exames Personalizados/Correções

:OTL
PRC - [2013/12/19 08:30:58 | 000,935,784 | ---- | M] (Baidu, Inc.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe
PRC - [2013/12/19 08:30:42 | 000,456,856 | ---- | M] (Baidu, Inc.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
SRV - [2013/12/19 08:30:42 | 000,456,856 | ---- | M] (Baidu, Inc.) [Auto | Running] -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe -- (BHipsSvc)
SRV - [2013/12/19 08:30:08 | 001,921,328 | ---- | M] (Baidu, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe -- (BAVSvc)
DRV:64bit: - [2013/12/18 07:11:04 | 000,128,448 | ---- | M] (Baidu, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Bprotect.sys -- (Bprotect)
DRV:64bit: - [2013/12/17 07:59:30 | 000,034,624 | ---- | M] (Baidu, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\Bfmon.sys -- (Bfmon)
DRV:64bit: - [2013/12/17 07:59:26 | 000,052,032 | ---- | M] (Baidu, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\Bfilter.sys -- (Bfilter)
DRV - [2013/12/17 07:59:38 | 000,022,016 | ---- | M] (Baidu, Inc.) [Kernel | On_Demand | Unknown] -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys -- (BdCameraProtect)
DRV - [2013/11/27 08:56:28 | 000,135,904 | ---- | M] (Baidu, Inc.) [Kernel | On_Demand | Unknown] -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys -- (BdApiUtil)
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR - default_search_provider: Mysearchdial (Enabled)
O4 - HKLM..\Run: [Baidu Antivirus] C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe (Baidu, Inc.)
[2013/12/31 15:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Baidu
[2013/12/26 16:30:00 | 000,128,448 | ---- | C] (Baidu, Inc.) -- C:\Windows\SysNative\drivers\Bprotect.sys
[2013/12/26 16:29:59 | 000,034,624 | ---- | C] (Baidu, Inc.) -- C:\Windows\SysNative\drivers\Bfmon.sys
[2013/12/26 16:29:57 | 000,052,032 | ---- | C] (Baidu, Inc.) -- C:\Windows\SysNative\drivers\Bfilter.sys
[2013/12/26 16:29:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
[2013/12/26 16:27:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Baidu Security
[2013/12/18 07:11:04 | 000,128,448 | ---- | M] (Baidu, Inc.) -- C:\Windows\SysNative\drivers\Bprotect.sys
[2013/12/17 07:59:30 | 000,034,624 | ---- | M] (Baidu, Inc.) -- C:\Windows\SysNative\drivers\Bfmon.sys
[2013/12/17 07:59:26 | 000,052,032 | ---- | M] (Baidu, Inc.) -- C:\Windows\SysNative\drivers\Bfilter.sys

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Baidu Antivirus" =-

:Commands
[Reboot]

*Clique [Consertar]

*Clique [OK] para reiniciar o PC

*Ao reiniciar, caso o UAC esteja ativado, surgirá uma janela de Aviso de Segurança do Windows perguntando se deseja executar o OTL. Clique [Executar]

*Cole o relatório C:\_OTL\MovedFiles\mêsdiaano_horaminutossegundos.log

Quando cliquei em consertar, sumiu todos os ícones do desktop, ficando uma tela preta, depois de alguns segundos voltou apenas a foto de tela de entrada sem nenhum icone, mais um tempo apareceram os ícones cerca de 3 minutos depois......não acontecendo mais nada......executei o msconfig e o baidu aparece na inicialização e não permite desativá-lo.

Bom amigo, tentaremos a última alternativa.


Reinicie o PC em Modo de Segurança e repita o procedimento do OTL.

Foi executado o OLT, pediu prá reiniciar, depois de reiniciar não apareceu mais a mensagem do BAIDU, e gerou um log que eu estou enviando.........Fui no msconfig e não encontrei mais lá.........como fazer para ter certeza de que foi eliminado o BAIDU.????? estou copiando o LOG abaixo porque não consegui enviar o arquivo.
========== OTL ==========
Unable to kill active process BavTray.exe!
No active process named BHipsSvc.exe was found!
Service BHipsSvc stopped successfully!
Service BHipsSvc deleted successfully!
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe moved successfully.
Service BAVSvc stopped successfully!
Service BAVSvc deleted successfully!
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe moved successfully.
Error: Unable to stop service Bprotect!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully.
C:\Windows\SysNative\drivers\Bprotect.sys moved successfully.
Service Bfmon stopped successfully!
Service Bfmon deleted successfully!
C:\Windows\SysNative\drivers\Bfmon.sys moved successfully.
Service Bfilter stopped successfully!
Service Bfilter deleted successfully!
C:\Windows\SysNative\drivers\Bfilter.sys moved successfully.
Error: No service named BdCameraProtect was found to stop!
Service\Driver key BdCameraProtect not found.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys moved successfully.
Error: No service named BdApiUtil was found to stop!
Service\Driver key BdApiUtil not found.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Use Chrome's Settings page to remove the default_search_provider items.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Baidu Antivirus deleted successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe moved successfully.
C:\ProgramData\Baidu\Antivirus folder moved successfully.
C:\ProgramData\Baidu folder moved successfully.
File C:\Windows\SysNative\drivers\Bprotect.sys not found.
File C:\Windows\SysNative\drivers\Bfmon.sys not found.
File C:\Windows\SysNative\drivers\Bfilter.sys not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\update folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\temp folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\tools\skin_translator\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\tools\skin_translator folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\tools\skin_file_shredder\skin\list_head folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\tools\skin_file_shredder\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\tools\skin_file_shredder folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\tools folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_investigate\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_investigate folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_feedback\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_feedback folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_bavui_frame\skin\menu folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_bavui_frame\skin\bavui folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_bavui_frame\skin\aboutus folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_bavui_frame\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_bavui_frame folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_bavtray\skin\msgbox folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_bavtray\skin\menu folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_bavtray\skin\icon folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_bavtray\skin\checkbox folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_bavtray\skin\button folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_bavtray\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\skin_bavtray folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\ieprotect\skin\checkbox folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\ieprotect\skin\button folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\ieprotect\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\ieprotect folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\common\skin\tree folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\common\skin\sysbutton folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\common\skin\scrollbar folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\common\skin\radiobox folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\common\skin\icon folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\common\skin\checkbox folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\common\skin\button folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\common\skin\bg folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\common\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\common folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\bav_updater\skin\stepbar folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\bav_updater\skin\progressbar folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\bav_updater\skin\checkbox folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\bav_updater\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\bav_updater folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\bavcloud\skin\tree folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\bavcloud\skin\sysbutton folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\bavcloud\skin\scrollbar folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\bavcloud\skin\msgbox folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\bavcloud\skin\menu folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\bavcloud\skin\icon folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\bavcloud\skin\button folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\bavcloud\skin\bg folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\bavcloud\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin\bavcloud folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\qv folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\res\VirusList\skin\scrollbar folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\res\VirusList\skin\onaccess folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\res\VirusList\skin\button folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\res\VirusList\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\res\VirusList folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\res\RemovedTips folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\res\LockList\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\res\LockList folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\res\FloatingWnd folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\res\FailedTips folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect\res folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_USBProtect folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Trust\res\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Trust\res folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Trust folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Settings\res\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Settings\res folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Settings folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Quarantine\res\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Quarantine\res folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Quarantine folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA\res\skin\scrollbar folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA\res\skin\onaccess folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA\res\skin\checkbox folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA\res\skin\button folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA\res\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA\res folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_OA folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_Hips\res\skin\icon folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_Hips\res\skin\button folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_Hips\res\skin\bg folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_Hips\res\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_Hips\res folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_Hips folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_Download\res\skin\scrollbar folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_Download\res\skin\icon folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_Download\res\skin\button folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_Download\res\skin\bg folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_Download\res\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_Download\res folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Pop_Download folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_LogStatus\res folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_LogStatus folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\tree folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\tools folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\scrollbar folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\protect folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\progressbar folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\feedback folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\engine folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\checkbox folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\button folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\bg folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log\vflog folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log\strlog folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log\numlog folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log\filestatlog folder moved successfully.
Folder move failed. C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log scheduled to be moved on reboot.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\Translator folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\investigate\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\investigate folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\ieprotect\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\ieprotect folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\Font folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\fileshredder\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\fileshredder folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\feedback\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\feedback folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\context folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\BavUpdater\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\BavUpdater folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\BavUi\skin\antivirus folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\BavUi\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\BavUi folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\BavTray\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\BavTray folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin\main folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054\BavCloud folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1054 folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\Translator folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\investigate\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\investigate folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\ieprotect folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\Font folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\fileshredder folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\feedback\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\feedback folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\context folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\BavUpdater\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\BavUpdater folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin\antivirus folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\BavUi\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\BavUi folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\BavTray\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\BavTray folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin\main folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046\BavCloud folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1046 folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\Translator folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\investigate\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\investigate folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\ieprotect folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\Font folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\fileshredder folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\feedback\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\feedback folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\context folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\BavUpdater\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\BavUpdater folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin\antivirus folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\BavUi\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\BavUi folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\BavTray\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\BavTray folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin\main folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud\skin folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033\BavCloud folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N\1033 folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\I18N folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\dump folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\DIYResource folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\dbg64 folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\data folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\avira\Mname folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\avira\idx folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\avira folder moved successfully.
Folder move failed. C:\Program Files (x86)\Baidu Security\Baidu Antivirus scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Baidu Security scheduled to be moved on reboot.
File C:\Windows\SysNative\drivers\Bprotect.sys not found.
File C:\Windows\SysNative\drivers\Bfmon.sys not found.
File C:\Windows\SysNative\drivers\Bfilter.sys not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\Baidu Antivirus not found.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 12312013_181559

Files\Folders moved on Reboot...
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log\strlog folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log\numlog folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log folder moved successfully.
C:\Program Files (x86)\Baidu Security\Baidu Antivirus folder moved successfully.
C:\Program Files (x86)\Baidu Security folder moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Smeenk)

*Extraia o arquivo Zoek.com para o Desktop (Área de Trabalho)

*Execute-o, copie e cole as linhas em marrom no espaço do Zoek

Baidu;a
Baidu;z
emptyfolderscheck;delete
autoclean;
emptyalltemp;

*Feche o seu navegador e clique [Run Script]

*Durante o scan a mensagem abaixo será apresentada. Aguarde o término...pode demorar!

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

*Caso a reinicialização do PC seja solicitada, clique [OK]

*Cole ou anexe o relatório apresentado

Simulei desinstalar um programa pelo CCLEANER, pelo REVO e pelo PAINEL DE CONTROLE DO WINDOS.........em todas as opções aparece lá BAIDU ANTIVIRUS....só que eu não fiz mais nada.....segue ultimo relatório gerado pelo ZOEK.

Zoek.exe v5.0.0.0 Updated 28-December-2013
Tool run by SAMARA on 31/12/2013 at 18:45:52,84.

Running in: Normal Mode Internet Access Detected
Launched: C:\Users\SAMARA\Desktop\zoek\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2013-12-29-150807.log 23722 bytes
C:\zoek-results2013-12-29-190643.log 22417 bytes
C:\zoek-results2013-12-29-192426.log 19546 bytes
C:\zoek-results2013-12-29-200815.log 4128 bytes
C:\zoek-results2013-12-29-202220.log 4180 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\TuneUp Utilities 2014 deleted successfully
C:\PROGRA~2\Tweaking.com deleted successfully
C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\Program Files\Google deleted successfully
C:\ProgramData\Oracle deleted successfully
C:\Users\SAMARA\AppData\Roaming\0H1F2WtF1L1G1R deleted successfully
C:\Users\SAMARA\AppData\Roaming\HpUpdate deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Folders Found ======================

2013-12-31 16:14:49 2013-12-31 16:14:49 -------- d-----w- C:\FRST\Quarantine\Baidu
2013-12-29 20:08:15 2013-12-29 20:09:19 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2013-12-29 20:09:18 2013-12-29 20:09:18 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_PC Faster
2013-12-29 15:02:13 2013-12-29 20:16:21 -------- d---a-w- C:\zoek_backup\C_ProgramData_baidu
2013-12-29 20:09:17 2013-12-29 20:09:17 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2013-12-29 20:09:17 2013-12-29 20:16:21 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2013-12-29 20:09:17 2013-12-29 20:09:17 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2013-12-29 20:09:17 2013-12-29 20:09:18 -------- d---a-w- C:\zoek_backup\C_Users_samara_AppData_Roaming_Baidu Security
2013-12-29 20:08:15 2013-12-29 20:18:03 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
2013-12-29 20:09:18 2013-12-29 20:09:18 -------- d---a-w- C:\zoek_backup\C_Users_samara_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2013-12-29 20:09:18 2013-12-29 20:09:18 -------- d---a-w- C:\zoek_backup\C_Users_samara_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK
2013-12-26 18:27:52 2013-12-31 20:18:10 -------- d-----w- C:\_OTL\MovedFiles\12312013_181559\C_Program Files (x86)\Baidu Security
2013-12-26 18:29:26 2013-12-31 20:18:10 -------- d-----w- C:\_OTL\MovedFiles\12312013_181559\C_Program Files (x86)\Baidu Security\Baidu Antivirus
2013-12-31 17:38:05 2013-12-31 20:17:01 -------- d-----w- C:\_OTL\MovedFiles\12312013_181559\C_ProgramData\Baidu
2013-12-26 18:29:46 2013-12-26 18:29:46 -------- d-----w- C:\_OTL\MovedFiles\12312013_181559\C_ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus

==== Files Found ======================


--- C:\FRST\Quarantine\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1198
Created time: 2013-12-26 18:29:46
Modified time: 2013-12-26 18:29:46
MD5: CAC81E060D561978CE7EB273BBC30597
SHA1: 83D3C734547C6BE29A166B5A23A8F6787FB9CBDA


--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3426
Created time: 2013-12-29 15:02:17
Modified time: 2013-12-26 18:29:44
MD5: 8749E0CFE52013C726829074C4150FE2
SHA1: 0CC462029E94E70B4E434EE227BDBAB38BE62656


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2013-12-29 20:08:36
Modified time: 2013-09-22 07:32:04
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2013-12-29 20:08:36
Modified time: 2013-09-22 07:32:04
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB


--- C:\_OTL\MovedFiles\12312013_181559\C_Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2013-09-22 07:32:04
Modified time: 2013-09-22 07:32:04
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1


--- C:\_OTL\MovedFiles\12312013_181559\C_Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2013-09-22 07:32:04
Modified time: 2013-09-22 07:32:04
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB


--- C:\_OTL\MovedFiles\12312013_181559\C_ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1216
Created time: 2013-12-26 18:29:46
Modified time: 2013-12-26 18:29:46
MD5: 5E2989EBD1F4E494D8F8FDA157B3E27B
SHA1: 589C7357C38A9FBAA4867EA4570B82913D31900F


==== Registry Search Results for "Baidu" ======================


==== Chrome Look ======================

Chrome In-App Payments service - SAMARA - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:

New Values:
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\SAMARA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\SAMARA\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1585 folders=320 328320301 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\SAMARA\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

Sim...

O Baidu está na quarentena ou listado nas pastas de arquivos removidos pelos programas que utilizamos. Ele não está mais presente no PC.

Vamos encerrar tudo agora.


[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]


Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve-o no Desktop (Área de Trabalho)

*Execute-o, deixe selecionadas as opções Remove disinfection tools e Purge system restore

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Clique [Run] e feche o relatório apresentado


Delete o DelFix e o arquivo C:\DelFix.txt


O PC está limpo.


Um abraço...

Valeuuuuuuuuu   milhões de coisas boas prá você....abração.