Como excluir o Baidu Antivirus?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:03:58, on 9/1/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Baidu Security\Baidu Antivirus\BAVSvc.exe
C:\Arquivos de programas\Baidu Security\Baidu Antivirus\BHipsSvc.exe
C:\Arquivos de programas\Java\jre7\bin\jqs.exe
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\ARQUIV~1\MICROS~2\Office12\OUTLOOK.EXE
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrador\Meus documentos\Downloads\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Arquivos de programas\GbPlugin\gbiehabn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Arquivos de programas\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [DivXMediaServer] C:\Arquivos de programas\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Baidu PC Faster 4.0.0.0] "C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe" -auto -start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NextLive] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Administrador\Dados de aplicativos\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: wwws.santandernet.com.br
O15 - Trusted Zone: wwws2.santandernet.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify:  GbPluginAbn - C:\Arquivos de programas\GbPlugin\gbiehAbn.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Baidu Antivirus Service (BAVSvc) - Baidu, Inc. - C:\Arquivos de programas\Baidu Security\Baidu Antivirus\BAVSvc.exe
O23 - Service: Baidu Hips Service (BHipsSvc) - Baidu, Inc. - C:\Arquivos de programas\Baidu Security\Baidu Antivirus\BHipsSvc.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\ARQUIV~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Arquivos de programas\Java\jre7\bin\jqs.exe
O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) - Baidu Inc. - C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Arquivos de programas\Skype\Updater\Updater.exe

--
End of file - 8032 bytes

 Olá rapido luziense. Seja bem vindo ao Fórum PC Brasil.

Siga, por gentileza, as dicas do tutorial abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt.

Ficamos na espera.

saiu esta lista abaixo agora como faço para excluir?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:03:58, on 9/1/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Baidu Security\Baidu Antivirus\BAVSvc.exe
C:\Arquivos de programas\Baidu Security\Baidu Antivirus\BHipsSvc.exe
C:\Arquivos de programas\Java\jre7\bin\jqs.exe
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\ARQUIV~1\MICROS~2\Office12\OUTLOOK.EXE
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrador\Meus documentos\Downloads\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Arquivos de programas\GbPlugin\gbiehabn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Arquivos de programas\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [DivXMediaServer] C:\Arquivos de programas\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Baidu PC Faster 4.0.0.0] "C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe" -auto -start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NextLive] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Administrador\Dados de aplicativos\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: wwws.santandernet.com.br
O15 - Trusted Zone: wwws2.santandernet.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify:  GbPluginAbn - C:\Arquivos de programas\GbPlugin\gbiehAbn.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Baidu Antivirus Service (BAVSvc) - Baidu, Inc. - C:\Arquivos de programas\Baidu Security\Baidu Antivirus\BAVSvc.exe
O23 - Service: Baidu Hips Service (BHipsSvc) - Baidu, Inc. - C:\Arquivos de programas\Baidu Security\Baidu Antivirus\BHipsSvc.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\ARQUIV~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Arquivos de programas\Java\jre7\bin\jqs.exe
O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) - Baidu Inc. - C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Arquivos de programas\Skype\Updater\Updater.exe

--
End of file - 8032 bytes

Você postou o log do Hijackthis.

O log que preciso é o do AdwCleaner que está neste local do seu PC:

C:\AdwCleaner\AdwCleaner[S0].txt

sou meio leigo em computador, tentei excluir o baidu com o programa hijack

Marcos Felipe escreveu:Você postou o log do Hijackthis.

O log que preciso é o do AdwCleaner que está neste local do seu PC:

C:\AdwCleaner\AdwCleaner[S0].txt

Siga, por gentileza, as dicas do tutorial disponível no link abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt.

Ficamos na espera.

Ja tentei de tudo quanto e jeito e não consigo resolver.

Marcos Felipe escreveu: Siga, por gentileza, as dicas do tutorial disponível no link abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt.

Ficamos na espera.

você não precisa ficar tentando, é só seguir exatamente o que estou lhe pedindo que será resolvido.

Você seguiu exatamente o tutorial que lhe passei do AdwCleaner? tem que seguir o passo a passo que está no tutorial, lá tem até as fotos de como você deve fazer, não tem erro.

nao consigo abrir este programa no meu pc.

Marcos Felipe escreveu:você não precisa ficar tentando, é só seguir exatamente o que estou lhe pedindo que será resolvido.

Você seguiu exatamente o tutorial que lhe passei do AdwCleaner? tem que seguir o passo a passo que está no tutorial, lá tem até as fotos de como você deve fazer, não tem erro.

Então, deixemos este AdwCleaner para depois.
___________________________________________

Baixe o Zoek (...de Smeenk) [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e salve-o no Desktop (Área de Trabalho).

Ao acessar o link indicado acima, clique na opção de baixar a sua versão com a extensão ZIP, como mostra esta imagem:


Depois de baixá-lo extraia o seu conteúdo. Para isto basta clicar sobre o arquivo compactado que você acabou de baixar com o botão direito do mouse e escolher a opção Extrair aqui, como mostra esta imagem:


*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Copie todo este texto em marrom abaixo e cole-o no espaço em branco do Zoek:

autoclean;
emptyclsid;
emptytemp;
startupall;
Baidu;z
Baidu;a
hijackthis;
process;
uninstall-list;

*Clique [Run Script]

*Durante o scan a mensagem abaixo será apresentada. Aguarde o término...pode demorar!

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

*Caso a reinicialização do PC seja solicitada, clique [OK]

Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

apece aqui para min um programa chamado Open IT?

rapido luziense escreveu:apece aqui para min um programa chamado Open IT?

Onde você viu este programa Open IT? estou te pedindo para baixar é o programa Zoek, o qual você encontra neste link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Quando acessar este link acima, clique na palavra Zip, como você pode ver neste exemplo abaixo:

Download zoek.exe version 5.0.0.0 (zip) (rar)

E depois de baixar ele, é só seguir exatamente aquelas instruções que lhe passei na resposta anterior.

0 que faço agora?

rapido luziense escreveu:0 que faço agora?

é só você seguir os passos que te indiquei acima: você faz o download do Zoek naquele site que te indiquei > extrai ele como lhe falei > clica com o botão direito do mouse sobre o ícone do Zoek.exe e escolhe a opção de executar como administrador > depois disto ele vai abrir > você então copia todo aquele texto em marrom que postei na outra resposta e cola este texto dentro do espaço em branco do Zoek > depois disto você clica no botão Run Script > então é só esperar o Zoek terminar a limpeza > quando ele terminar, copie o relatório que estará em C:\zoek-results.txt e poste isto em sua próxima resposta.

Consegui executar o AdwCleaner, aqui está o relatório dele:

# AdwCleaner v3.016 - Relatório criado 09/01/2014 às 14:21:42
# Atualizado 23/12/2013 por Xplode
# Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)
# Usuário : Administrador - USER
# Executando de : C:\Documents and Settings\Administrador\Meus documentos\Downloads\adwcleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\baidu
Pasta Deletada : C:\Documents and Settings\All Users\Menu Iniciar\Programas\open it!
Pasta Deletada : C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\BonanzaDealsLive
Pasta Deletada : C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Mobogenie
Pasta Deletada : C:\Documents and Settings\Administrador\Dados de aplicativos\0D0S1L2Z1P1B0T1P1B2Z
Pasta Deletada : C:\Documents and Settings\Administrador\Meus documentos\Mobogenie
[!] Pasta Deletada : C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
[!] Pasta Deletada : C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Arquivo Deletada : C:\Documents and Settings\All Users\Desktop\Open It!.lnk
Arquivo Deletada : C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\mysearchdial-speeddial.crx
Arquivo Deletada : C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0047718.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0047718.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0047718.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0047718.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422772218}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455775518}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466776618}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444774418}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : HKCU\Software\BonanzaDealsLive
Chave Deletedo : HKCU\Software\Crossrider
Chave Deletedo : HKCU\Software\dsiteproducts
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\mysearchdial
Chave Deletedo : HKCU\Software\UpdaterEX
Chave Deletedo : HKLM\Software\BonanzaDealsLive
Chave Deletedo : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Chave Deletedo : HKLM\Software\InstallCore
Chave Deletedo : HKLM\Software\mysearchdial
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenIt Open It!
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\UpdaterEX
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bonanza Deals
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mysearchdial

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v31.0.1650.63

[ Arquivo : C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12589 octets] - [09/01/2014 14:20:52]
AdwCleaner[S0].txt - [12260 octets] - [09/01/2014 14:21:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12321 octets] ##########

Siga, por gentileza, as dicas do tutorial abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt e nos diga como está seu PC depois destes procedimentos.

Ficamos na espera.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Microsoft Windows XP x86
Ran by Administrador on qui 09/01/2014 at 14:47:47,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bonanzadeals
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bonanzadeals



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\baidu"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on qui 09/01/2014 at 14:56:18,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tente agora executar o procedimento que tinha indicado com o Zoek anteriormente e veja se é possível. E depois poste o relatório dele aqui em seu tópico.

Ficamos na espera.

Zoek.exe v5.0.0.0 Updated 09-Januari-2014
Tool run by Administrador on qui 09/01/2014 at 15:01:55,71.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Administrador\Meus documentos\Downloads\zoek.scr [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-01-07-074838.log 31950 bytes
C:\zoek-results2014-01-07-084539.log 23806 bytes
C:\zoek-results2014-01-07-085557.log 31977 bytes
C:\zoek-results2014-01-07-091624.log 32101 bytes
C:\zoek-results2014-01-07-094103.log 60785 bytes
C:\zoek-results2014-01-07-100903.log 53527 bytes
C:\zoek-results2014-01-09-042842.log 14854 bytes
C:\zoek-results2014-01-09-091836.log 67175 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe
C:\Arquivos de programas\Baidu Security\Baidu Antivirus\BAVSvc.exe
C:\Arquivos de programas\Baidu Security\Baidu Antivirus\BHipsSvc.exe
C:\Arquivos de programas\Java\jre7\bin\jqs.exe
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
C:\Arquivos de programas\TeamViewer\Version9\TeamViewer_Service.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Arquivos de programas\TeamViewer\Version9\TeamViewer.exe
C:\Arquivos de programas\TeamViewer\Version9\tv_w32.exe
C:\ARQUIV~1\MICROS~2\Office12\OUTLOOK.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Documents and Settings\All Users\Dados de aplicativos\Baidu deleted

==== Folders Found ======================

2014-01-09 09:51:43 2014-01-09 09:51:43 -------- d-----w- C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Dados de aplicativos\baidu
2014-01-06 12:02:09 2014-01-06 12:03:04 -------- d-----w- C:\Arquivos de programas\Baidu Security
2014-01-06 12:03:04 2014-01-09 10:26:27 -------- d-----w- C:\Arquivos de programas\Baidu Security\Baidu Antivirus
2014-01-09 03:22:28 2014-01-09 03:22:28 -------- d-----w- C:\Arquivos de programas\Baidu Security\Baidu Antivirus\update\baidu
2014-01-07 07:17:09 2014-01-07 07:17:10 -------- d-----w- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1033\BaiduSafe
2014-01-07 10:02:47 2014-01-07 10:02:53 -------- d-----w- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduExtMgr
2014-01-07 07:17:40 2014-01-07 07:17:40 -------- d-----w- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1046\BaiduSafe
2014-01-07 10:02:47 2014-01-07 10:02:53 -------- d-----w- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduExtMgr
2014-01-07 07:18:05 2014-01-07 07:18:05 -------- d-----w- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1054\BaiduSafe
2014-01-07 10:02:47 2014-01-07 10:02:53 -------- d-----w- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduExtMgr
2014-01-07 07:18:24 2014-01-07 07:18:26 -------- d-----w- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1057\BaiduSafe
2014-01-07 10:02:47 2014-01-07 10:02:53 -------- d-----w- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduExtMgr
2014-01-07 10:02:47 2014-01-07 10:02:54 -------- d-----w- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduExtMgr
2014-01-07 08:47:40 2014-01-07 10:02:53 -------- d-----w- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\tools\BaiduExtMgr
2014-01-07 08:47:40 2014-01-07 10:02:53 -------- d-----w- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1046\tools\BaiduExtMgr
2014-01-07 08:47:40 2014-01-07 10:02:53 -------- d-----w- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1054\tools\BaiduExtMgr
2014-01-07 08:47:40 2014-01-07 10:02:53 -------- d-----w- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\tools\BaiduExtMgr
2014-01-07 08:47:40 2014-01-07 10:02:54 -------- d-----w- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduExtMgr
2014-01-06 12:07:59 2014-01-06 12:07:59 -------- d-----w- C:\Documents and Settings\Administrador\Dados de aplicativos\Baidu Security
2014-01-06 12:17:27 2014-01-06 12:17:27 -------- d-----w- C:\Documents and Settings\Administrador\Dados de aplicativos\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-01-06 12:17:27 2014-01-06 12:17:27 -------- d-----w- C:\Documents and Settings\Administrador\Dados de aplicativos\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK
2014-01-07 07:25:37 2014-01-07 07:25:40 -------- d-----w- C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Baidu PC Faster
2014-01-06 12:02:09 2014-01-06 12:07:48 -------- d-----w- C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security
2014-01-06 12:06:43 2014-01-06 12:14:38 -------- d-----w- C:\Documents and Settings\All Users\Documentos\Baidu Security
2014-01-07 07:25:42 2014-01-07 07:25:43 -------- d-----w- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Baidu PC Faster
2014-01-07 09:34:22 2014-01-07 09:34:23 -------- d---a-w- C:\zoek_backup\C_Documents and Settings_Administrador_Dados de aplicativos_Baidu
2014-01-09 09:06:09 2014-01-09 09:56:18 -------- d---a-w- C:\zoek_backup\C_Documents and Settings_All Users_Dados de aplicativos_Baidu
2014-01-07 09:34:23 2014-01-06 12:03:51 -------- d---a-w- C:\zoek_backup\C_Documents and Settings_Administrador_Dados de aplicativos_Baidu\Baidu Antivirus

==== Files Found ======================


--- C:\Arquivos de programas\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2013-09-22 07:32:04
Modified time: 2013-09-22 07:32:04
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1


--- C:\Arquivos de programas\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2013-09-22 07:32:04
Modified time: 2013-09-22 07:32:04
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB


--- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\BaiduStore.dll ---
Company: Baidu Inc.
File Description: PC Faster Interface Plugin Manager
File Version: 4,0,1,53744
Product Name: Baidu PC Faster
Copyright: Copyright (C) 2012 Baidu, Inc. All rights reserved.
Original Filename:
File type: ----a-w-
File size: 1262784
Created time: 2013-12-18 08:42:16
Modified time: 2013-12-18 08:42:16
MD5: C1AB5783F04AD930AC1247AEFA7324DF
SHA1: B4740F77C461AC07F03C0362BD0A3F44F37CBD7E


--- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1033\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 134244
Created time: 2013-11-27 09:51:20
Modified time: 2013-11-27 09:51:20
MD5: 8F3DD4DC7C018B4529FCE87C7C871A6B
SHA1: FCFAF556D83013022C85D987AB3FA5A79B99D95E


--- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36814
Created time: 2014-01-07 09:26:42
Modified time: 2014-01-07 09:26:42
MD5: 51002A20C9651142B49E83A58442E1F6
SHA1: B00474C7E8DD528A020DBD6D2459083C1F4DB588


--- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1046\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 134063
Created time: 2013-12-13 03:13:04
Modified time: 2013-12-13 03:13:04
MD5: 166DC9E2682D07D16E710C812EE28F36
SHA1: 600163BD7CE5B7ADF09EF58D849D28D16B6BEDF0


--- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 88133
Created time: 2014-01-07 09:29:24
Modified time: 2014-01-07 09:29:24
MD5: 88797A769532300E0463DD93C31E3BBA
SHA1: 4DD1AB5A11E5876D5895379A2320AE9F61335882


--- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1054\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 219394
Created time: 2013-12-09 08:43:06
Modified time: 2013-12-09 08:43:06
MD5: E5DD3C2A01A73FD0233DA1B812F9A4D0
SHA1: F3F7B417164F88A6144CA1E61EA2BB2026CA9752


--- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36308
Created time: 2014-01-07 09:30:49
Modified time: 2014-01-07 09:30:49
MD5: B235FA1EB30EB0BE481F467BAF2B4226
SHA1: F2E6F01451239D58EAB328FA91353E5C81E27BF4


--- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1057\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 243531
Created time: 2013-12-13 03:13:08
Modified time: 2013-12-13 03:13:08
MD5: EEFD9637A525277EB974E1DD0F5F9923
SHA1: 2E24AEFBF34F23CBB7C15D62B55D547CD5B3B5C3


--- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36511
Created time: 2014-01-07 09:32:13
Modified time: 2014-01-07 09:32:13
MD5: D19D16CFA1ACBF369052D10388EFDBD5
SHA1: 489AF1A698E43A2B39B190435EEF7C65070C1F67


--- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 4906
Created time: 2014-01-07 09:57:20
Modified time: 2014-01-07 09:57:20
MD5: 4B43E5222EA1E40873AA3332D00FC286
SHA1: E18F243574DE391D053DE64FC9F06E1ECA699BC1


--- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\tools\BaiduExtMgr\BaiduExtMgr.bskin.7z ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 37461
Created time: 2014-01-07 09:26:34
Modified time: 2014-01-07 09:26:42
MD5: BBCF3790DC2F188C76F9CD9BA7EA4D7C
SHA1: 3AB640778187B784BD3512B621905BCC7F567201


--- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1046\tools\BaiduExtMgr\BaiduExtMgr.bskin.7z ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 89494
Created time: 2014-01-07 09:28:55
Modified time: 2014-01-07 09:29:24
MD5: 6A5254D2B114E5C95B43A6EAF2AC6BE0
SHA1: 5191F0F1131E546A745F1B3E6E271DE0F07DC8C2


--- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1054\tools\BaiduExtMgr\BaiduExtMgr.bskin.7z ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36927
Created time: 2014-01-07 09:30:35
Modified time: 2014-01-07 09:30:49
MD5: DA7BD1B0F7D8C6F4A4489A59508B4153
SHA1: DE076819438092F2030CF85E1E5784F3043E99B1


--- C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\tools\BaiduExtMgr\BaiduExtMgr.bskin.7z ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 37134
Created time: 2014-01-07 09:32:06
Modified time: 2014-01-07 09:32:13
MD5: CCB9F0414530AF17A3D8E108FAA1E3B2
SHA1: E2F977EBF904F4EEE2ADF4A5E5A1AB9B0E9817FD


--- C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Baidu PC Faster\Baidu PC Faster.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1030
Created time: 2014-01-07 07:25:37
Modified time: 2014-01-07 07:25:39
MD5: 632A82F5E2767B8DF22E979D516E7947
SHA1: C9576E02B4FB9F9152C92B87B1166E65A147E183


--- C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security\RpData\rpFile-Baidu_Secure_SystemUp_4.0.1.53841-2014-01-07 01-45-26-0359-[7543].dat ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 763
Created time: 2014-01-07 07:15:26
Modified time: 2014-01-07 07:25:57
MD5: 93B3D81FB9B0B1777E66C1D226444EA5
SHA1: 2C6491BA1B76A2E1D233003FCD2232FD9EC8F6E9


--- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Baidu PC Faster\Baidu PC Faster.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1030
Created time: 2014-01-07 07:25:42
Modified time: 2014-01-07 07:25:42
MD5: 632A82F5E2767B8DF22E979D516E7947
SHA1: C9576E02B4FB9F9152C92B87B1166E65A147E183


--- C:\zoek_backup\C_Arquivos de programas_Baidu Security_PC Faster_4.0.0.0_Plugins_Plugin.PluginRemover_data_searchya.rul.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 4083
Created time: 2014-01-07 09:34:24
Modified time: 2013-09-17 08:10:32
MD5: 025AE7AC88C42671CA6E78708732F093
SHA1: 4D7E0CC9368B7DDB146705B00F63E493BB36E201


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]

"C:\\Documents and Settings\\All Users\\Dados de aplicativos\\Baidu Security\\RpData\\rpFile-PcfTray-2014-01-09 01-26-52-0468-[13641].tmp"=""

"C:\\Documents and Settings\\All Users\\Dados de aplicativos\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-01-09 01-27-03-0125-[13677].tmp"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\BaiduShellEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}]
@="baidu right click handler"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}\InprocServer32]
@="C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\BavShx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}\InprocServer32]
@="C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\BavShx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81EBAFAF-6E03-4884-87FE-C9F904A06347}\InprocServer32]
@="C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\PCFShellEx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\BaiduShellEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\BaiduShellEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{59E402E6-61EE-4BB4-9E5D-ECEB10FA9E59}\1.0\0\win32]
@="C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\PCFShellEx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{59E402E6-61EE-4BB4-9E5D-ECEB10FA9E59}\1.0\HELPDIR]
@="C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\Baidu_Secure_SystemUp_4.0.1.53841]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\Baidu_Secure_SystemUp_4.0.1.53841\DEBUG]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu PC Faster 4.0.0.0"="\"C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe\" -auto -start"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}"="Baidu Scan"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"="Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"="\"C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\Bav.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"="\"C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\Uninstall.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"="http://antivirus.baidu.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"="Baidu, Inc."

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"="C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BAVSVC\0000]
"DeviceDesc"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHIPSSVC\0000]
"DeviceDesc"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PCFASTERSVC_{PCFASTER_4.0.0.0}\0000]
"DeviceDesc"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BdApiUtil]
"ImagePath"="\\??\\C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"InstPath"="C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"InstPath"="C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BAVSVC\0000]
"DeviceDesc"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHIPSSVC\0000]
"DeviceDesc"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_PCFASTERSVC_{PCFASTER_4.0.0.0}\0000]
"DeviceDesc"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdApiUtil]
"ImagePath"="\\??\\C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect]
"InstPath"="C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BprotectEx]
"InstPath"="C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BAVSVC\0000]
"DeviceDesc"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHIPSSVC\0000]
"DeviceDesc"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCFASTERSVC_{PCFASTER_4.0.0.0}\0000]
"DeviceDesc"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdApiUtil]
"ImagePath"="\\??\\C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"InstPath"="C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"InstPath"="C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"="Baidu PC Faster Service 4.0.0.0"

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.eg.bav.baidu.com"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.eg.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.eg.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\Antivirus\web]
"ucloud"="u.eg.bav.baidu.com"

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.eg.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.eg.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Install]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Run]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\Setup]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Microsoft\Office\12.0\Common\Internet]
"UseRWHlinkNavigation"="http://www.forumpcbrasil.com/t1359-excluir-baidu?unwatch=topic"

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Baidu Antivirus]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Baidu PC Faster]

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS8212~1\\15032898_stp\\BavPro_Setup_Mini_115.exe"="Baidu Antivirus Updater"

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS8212~1\\15032834_stp\\PC_Faster_Setup_Mini_B26_S.exe"="Baidu PC Faster MiniSetup"

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Baidu_Secure_SystemUp_4.0.1.53841.exe"="PC Faster Setup"

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe"="PC Faster"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\PcfTray.exe"="PC Faster Tray"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\PCFasterSvc.exe"="Baidu PC Faster Service"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\Bav.exe"="Bav"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\582422_stp\\BavPro_Setup_Mini_115.exe"="Baidu Antivirus Updater"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\582365_stp\\PC_Faster_Setup_Mini_B26_S.exe"="Baidu PC Faster MiniSetup"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS4563~1\\6133810_stp\\BavPro_Setup_Mini_115.exe"="Baidu Antivirus Updater"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS4563~1\\6133757_stp\\PC_Faster_Setup_Mini_B26_S.exe"="Baidu PC Faster MiniSetup"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS4563~1\\168747_stp\\BavPro_Setup_Mini_115.exe"="Baidu Antivirus Updater"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS4563~1\\168733_stp\\PC_Faster_Setup_Mini_B26_S.exe"="Baidu PC Faster MiniSetup"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\1760317_stp\\BavPro_Setup_Mini_115.exe"="Baidu Antivirus Updater"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\1760248_stp\\PC_Faster_Setup_Mini_B26_S.exe"="Baidu PC Faster MiniSetup"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\1905139_stp\\BavPro_Setup_Mini_115.exe"="Baidu Antivirus Updater"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\1905093_stp\\PC_Faster_Setup_Mini_B26_S.exe"="Baidu PC Faster MiniSetup"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\UninstCaller.exe"="Setup/Uninstall"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\2311238_stp\\BavPro_Setup_Mini_115.exe"="Baidu Antivirus Updater"

"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"="Setup Manager"
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\2311210_stp\\PC_Faster_Setup_Mini_B26_S.exe"="Baidu PC Faster MiniSetup"

"C:\\Documents and Settings\\Administrador\\Configurações locais\\Temporary Internet Files\\Content.IE5\\20X7XJWX\\ZipExtractorSetup[1].exe"=" "
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\3146125_stp\\BavPro_Setup_Mini_115.exe"="Baidu Antivirus Updater"

"C:\\Documents and Settings\\Administrador\\Configurações locais\\Temporary Internet Files\\Content.IE5\\20X7XJWX\\ZipExtractorSetup[1].exe"=" "
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\3146078_stp\\PC_Faster_Setup_Mini_B26_S.exe"="Baidu PC Faster MiniSetup"

"C:\\Documents and Settings\\Administrador\\Configurações locais\\Temporary Internet Files\\Content.IE5\\20X7XJWX\\ZipExtractorSetup[1].exe"=" "
"C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\FileShredder.exe"="File Shredder"

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.eg.bav.baidu.com"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.eg.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.eg.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"
"Adobe ARM"="C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
"DivXMediaServer"="C:\Arquivos de programas\DivX\DivX Media Server\DivXMediaServer.exe"
"DivXUpdate"="C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"
"Baidu PC Faster 4.0.0.0"="C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe -auto -start"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeARM"
"hkey"="HKLM"
"command"="\"C:\\Arquivos de programas\\Arquivos comuns\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Alcmtr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ALCMTR"
"hkey"="HKLM"
"command"="ALCMTR.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AlcWzrd]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ALCWZRD"
"hkey"="HKLM"
"command"="ALCWZRD.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ctfmon"
"hkey"="HKCU"
"command"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GrooveMonitor"
"hkey"="HKLM"
"command"="\"C:\\Arquivos de programas\\Microsoft Office\\Office12\\GrooveMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hkcmd"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\hkcmd.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="igfxtray"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\igfxtray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="igfxpers"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\igfxpers.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDCPL]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RTHDCPL"
"hkey"="HKLM"
"command"="RTHDCPL.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SkyTel]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SkyTel"
"hkey"="HKLM"
"command"="SkyTel.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SMSERIAL]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="sm56hlpr"
"hkey"="HKLM"
"command"="C:\\Arquivos de programas\\Motorola\\SMSERIAL\\sm56hlpr.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoundMan]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SOUNDMAN"
"hkey"="HKLM"
"command"="SOUNDMAN.EXE"


==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [17/12/2013 07:57]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [26/10/2013 12:23]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [26/10/2013 12:23]

==== Chrome Look ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
abmojiekfpcmkkfamgfcpgfgipocface - C:\Documents and Settings\Administrador\Configura‡äes locais\Dados de aplicativos\GAS Tecnologia\GBBD\abn\sf.crx[31/12/2013 08:59]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.rapidoluziense.com.br/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.rapidoluziense.com.br/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Uninstall List x86 ======================

Adobe Flash Player 11 ActiveX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]
Adobe Reader XI (11.0.05) - Português [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1046-7B44-AB0000000001}]
Arquivo do WinRAR [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]
Assistente de Conexão do Windows Live [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}]
Baidu Antivirus [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
Claro 3G [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}]
Codec Pack Packages [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec Pack Packages]
DC-Bass Source 1.3.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DC-Bass Source]
Ferramenta de Carregamento do Windows Live [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{205C6BDD-7B73-42DE-8505-9A093F35A238}]
Google Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
HP Deskjet 2050 J510 series Software básico do dispositivo [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6A653EE1-F8B9-4885-BB4A-E9D9481F626C}]
Instalação do DivX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DivX Setup]
Intel(R) Graphics Media Accelerator Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HDMI]
Java 7 Update 45 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217045FF}]
Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}]
Jump Flip [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Jump Flip]
K-Lite Mega Codec Pack 9.9.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\KLiteCodecPack_is1]
Lagarith Lossless Codec (1.3.27) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1]
Módulo de Proteção Banco Santander 3.4.3.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{83033d93-48d0-48fc-9c5b-82e57e7e0dd6}_is1]
Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}]
Microsoft .NET Framework 4 Extended [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0A0CADCF-78DA-33C4-A350-CD51849B9702}]
Microsoft Compression Client Pack 1.0 for Windows XP [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MSCompPackV1]
Microsoft Office Enterprise 2007 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ENTERPRISE]
Microsoft User-Mode Driver Framework Feature Pack 1.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wudf01000]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]
Motorola SM56 Data Fax Modem [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SMSERIAL]
MSVCRT [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}]
MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}]
OpenSource Flash Video Splitter 1.0.0.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\OpenSource Flash Video Splitter]
Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}]
REALTEK RTL8187SE Wireless LAN Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D4EEC21C-04F0-4CF4-8078-82C11E38EF11}]
Skype™ 6.11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}]
TeamViewer 9 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TeamViewer 9]
Update for Zip Extractor [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites]
VC80CRTRedist - 8.0.50727.6195 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{933B4015-4618-4716-A828-5289FC03165F}]
WebFldrs XP [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}]
Windows Internet Explorer 8 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ie8]
Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ED00D08A-3C5F-488D-93A0-A04F21F23956}]
Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B5ED7AB0-3838-4389-8549-7C8E22DD48F4}]
Windows Media Format 11 runtime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Format Runtime]
Windows Media Format 11 runtime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WMFDist11]
Windows Media Player 11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Player]
Windows Media Player 11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wmp11]
Zip Extractor Packages [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Extractor Packages]

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Arquivos de programas\GbPlugin\gbiehabn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Arquivos de programas\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Baidu PC Faster 4.0.0.0] "C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe" -auto -start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: wwws.santandernet.com.br
O15 - Trusted Zone: wwws2.santandernet.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: GbPluginAbn - C:\Arquivos de programas\GbPlugin\gbiehAbn.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Baidu Antivirus Service (BAVSvc) - Baidu, Inc. - C:\Arquivos de programas\Baidu Security\Baidu Antivirus\BAVSvc.exe
O23 - Service: Baidu Hips Service (BHipsSvc) - Baidu, Inc. - C:\Arquivos de programas\Baidu Security\Baidu Antivirus\BHipsSvc.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\ARQUIV~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Arquivos de programas\Java\jre7\bin\jqs.exe
O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) - Baidu Inc. - C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Arquivos de programas\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Arquivos de programas\TeamViewer\Version9\TeamViewer_Service.exe

==== Empty IE Cache ======================

C:\Documents and Settings\Administrador\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Administrador\Configuraþ§es locais\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Administrador\Configuraþ§es locais\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Administrador\Configuraþ§es locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Administrador\Configura?ºes locais\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Administrador\Configura?ºes locais\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Administrador\Configura?ºes locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User\Configuraþ§es locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User\Configura?ºes locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Configuraþ§es locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Configura?ºes locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Configuraþ§es locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Configura?ºes locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\pc\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\pc\Configuraþ§es locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\pc\Configura?ºes locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Configuraþ§es locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Configura?ºes locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Configuraþ§es locais\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Configura?ºes locais\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=196 folders=58 58666172 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp successfully emptied

==== EOF on qui 09/01/2014 at 15:16:44,71 ======================

marcos deu um pique de luz aqui parece que te desconectou da minha maquina

Copie todo este texto em marrom abaixo e cole-o no espaço em branco do Zoek:

Baidu Antivirus;u
C:\Arquivos de programas\Baidu Security;fs
C:\Arquivos de programas\Baidu Security\Baidu Antivirus;fs
C:\Arquivos de programas\Baidu Security\Baidu Antivirus\update\baidu;fs
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1033\BaiduSafe;fs
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduExtMgr;fs
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1046\BaiduSafe;fs
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduExtMgr;fs
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1054\BaiduSafe;fs
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduExtMgr;fs
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1057\BaiduSafe;fs
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduExtMgr;fs
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduExtMgr;fs
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\tools\BaiduExtMgr;fs
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1046\tools\BaiduExtMgr;fs
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1054\tools\BaiduExtMgr;fs
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\tools\BaiduExtMgr;fs
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduExtMgr;fs
C:\Documents and Settings\Administrador\Dados de aplicativos\Baidu Security;fs
C:\Documents and Settings\Administrador\Dados de aplicativos\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall;fs
C:\Documents and Settings\Administrador\Dados de aplicativos\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK;fs
C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Baidu PC Faster;fs
C:\Documents and Settings\All Users\Dados de aplicativos\Baidu;fs
C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security;fs
C:\Documents and Settings\All Users\Documentos\Baidu Security;fs
C:\Documents and Settings\All Users\Menu Iniciar\Programas\Baidu PC Faster;fs
C:\zoek_backup\C_Documents and Settings_Administrador_Dados de aplicativos_Baidu;fs
C:\zoek_backup\C_Documents and Settings_All Users_Dados de aplicativos_Baidu;fs
C:\zoek_backup\C_Documents and Settings_Administrador_Dados de aplicativos_Baidu\Baidu Antivirus;fs
C:\Arquivos de programas\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png;f
C:\Arquivos de programas\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png;f
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\BaiduStore.dll;f
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1033\BaiduSafe\BaiduSafe.bskin;f
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduExtMgr\BaiduExtMgr.bskin;f
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1046\BaiduSafe\BaiduSafe.bskin;f
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduExtMgr\BaiduExtMgr.bskin;f
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1054\BaiduSafe\BaiduSafe.bskin;f
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduExtMgr\BaiduExtMgr.bskin;f
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1057\BaiduSafe\BaiduSafe.bskin;f
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduExtMgr\BaiduExtMgr.bskin;f
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduExtMgr\BaiduExtMgr.bskin;f
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\tools\BaiduExtMgr\BaiduExtMgr.bskin.7z;f
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1046\tools\BaiduExtMgr\BaiduExtMgr.bskin.7z;f
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1054\tools\BaiduExtMgr\BaiduExtMgr.bskin.7z;f
C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\tools\BaiduExtMgr\BaiduExtMgr.bskin.7z;f
C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Baidu PC Faster\Baidu PC Faster.lnk;f
C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security\RpData\rpFile-Baidu_Secure_SystemUp_4.0.1.53841-2014-01-07 01-45-26-0359-[7543].dat;f
C:\Documents and Settings\All Users\Menu Iniciar\Programas\Baidu PC Faster\Baidu PC Faster.lnk;f
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0];r
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup];r
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp];r
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos];r
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP];r
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing];r
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp];r
"C:\\Documents and Settings\\All Users\\Dados de aplicativos\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-01-09 01-17-58-0625-[23654].tmp"=-;r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\BaiduShellEx];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan];r
{0A93904A-BB1E-4a0c-9753-B57B9AE272CB};c
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}];r
@=-;r
{0A93904A-BB1E-4a0c-9753-B57B9AE272CB};c
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}\InprocServer32];r
@=-;r
{0A93904A-BB1E-4a0c-9753-B57B9AE272CC};c
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}\InprocServer32];r
@=-;r
{81EBAFAF-6E03-4884-87FE-C9F904A06347};c
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81EBAFAF-6E03-4884-87FE-C9F904A06347}\InprocServer32];r
@=-;r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\BaiduShellEx];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Baidu_Scan];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\BaiduShellEx];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan];r
{59E402E6-61EE-4BB4-9E5D-ECEB10FA9E59};c
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{59E402E6-61EE-4BB4-9E5D-ECEB10FA9E59}\1.0\0\win32];r
@=-;r
{59E402E6-61EE-4BB4-9E5D-ECEB10FA9E59};c
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{59E402E6-61EE-4BB4-9E5D-ECEB10FA9E59}\1.0\HELPDIR];r
@=-;r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\Baidu_Secure_SystemUp_4.0.1.53841];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\Baidu_Secure_SystemUp_4.0.1.53841\DEBUG];r
{77FEF28E-EB96-44FF-B511-3185DEA48697};c
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Baidu Antivirus];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock];r
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
"Baidu PC Faster 4.0.0.0"=-;r
{0A93904A-BB1E-4a0c-9753-B57B9AE272CB};c
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved];r
"{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}"=-;r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus];r
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus];r
"DisplayIcon"=-;r
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus];r
"UninstallString"=-;r
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus];r
"URLInfoAbout"=-;r
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus];r
"Publisher"=-;r
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus];r
"InstallDir"=-;r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0];r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BAVSVC\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHIPSSVC\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PCFASTERSVC_{PCFASTER_4.0.0.0}\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BAVSvc];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BAVSvc];r
"Description"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BdApiUtil];r
"ImagePath"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BdCameraProtect];r
"ImagePath"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfilter];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfmon];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bhbase];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsSvc];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsSvc];r
"Description"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect];r
"InstPath"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx];r
"InstPath"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFApiUtil];r
"ImagePath"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFasterSvc_{PCFaster_4.0.0.0}];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BAVSVC\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHIPSSVC\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_PCFASTERSVC_{PCFASTER_4.0.0.0}\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BAVSvc];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BAVSvc];r
"Description"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdApiUtil];r
"ImagePath"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdCameraProtect];r
"ImagePath"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsSvc];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsSvc];r
"Description"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect];r
"InstPath"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BprotectEx];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BprotectEx];r
"InstPath"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCFApiUtil];r
"ImagePath"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCFasterSvc_{PCFaster_4.0.0.0}];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BAVSVC\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHIPSSVC\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PCFASTERSVC_{PCFASTER_4.0.0.0}\0000];r
"DeviceDesc"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc];r
"Description"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdApiUtil];r
"ImagePath"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdCameraProtect];r
"ImagePath"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc];r
"Description"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect];r
"InstPath"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx];r
"DisplayName"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx];r
"InstPath"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil];r
"ImagePath"=-;r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0}];r
"DisplayName"=-;r
[-HKEY_USERS\.DEFAULT\Software\Baidu Security];r
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus];r
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web];r
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web];r
"ucloud"=-;r
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web];r
"dcloud"=-;r
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web];r
"rcloud"=-;r
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\Antivirus];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\Antivirus\web];r
[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\Antivirus\web];r
"ucloud"=-;r
[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\Antivirus\web];r
"dcloud"=-;r
[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\Antivirus\web];r
"rcloud"=-;r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Install];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Run];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\Statistic];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\4.0.0.0\UUReport];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Baidu Security\PC Faster\Setup];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Baidu Antivirus];r
[-HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Baidu PC Faster];r
[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Microsoft\Windows\ShellNoRoam\MUICache];r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS8212~1\\15032898_stp\\BavPro_Setup_Mini_115.exe"=-;r
[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Microsoft\Windows\ShellNoRoam\MUICache];r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS8212~1\\15032834_stp\\PC_Faster_Setup_Mini_B26_S.exe"=-;r
[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Microsoft\Windows\ShellNoRoam\MUICache];r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Baidu_Secure_SystemUp_4.0.1.53841.exe"=-;r
[HKEY_USERS\S-1-5-21-839522115-484763869-1417001333-500\Software\Microsoft\Windows\ShellNoRoam\MUICache];r
"C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\PcfTray.exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\PCFasterSvc.exe"="Baidu PC Faster Service"
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\Arquivos de programas\\Baidu Security\\Baidu Antivirus\\Bav.exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\582422_stp\\BavPro_Setup_Mini_115.exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\582365_stp\\PC_Faster_Setup_Mini_B26_S.exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS4563~1\\6133810_stp\\BavPro_Setup_Mini_115.exe"="Baidu Antivirus Updater"
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS4563~1\\6133757_stp\\PC_Faster_Setup_Mini_B26_S.exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS4563~1\\168747_stp\\BavPro_Setup_Mini_115.exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS4563~1\\168733_stp\\PC_Faster_Setup_Mini_B26_S.exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\1760317_stp\\BavPro_Setup_Mini_115.exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\1760248_stp\\PC_Faster_Setup_Mini_B26_S.exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\1905139_stp\\BavPro_Setup_Mini_115.exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\1905093_stp\\PC_Faster_Setup_Mini_B26_S.exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\UninstCaller.exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\2311238_stp\\BavPro_Setup_Mini_115.exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\Temporary Internet Files\\Content.IE5\\50XHTPB3\\Avast!%20Free%20Antivirus[1].exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\2311210_stp\\PC_Faster_Setup_Mini_B26_S.exe"=-;r
"C:\\Documents and Settings\\Administrador\\Configurações locais\\Temporary Internet Files\\Content.IE5\\20X7XJWX\\ZipExtractorSetup[1].exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\3146125_stp\\BavPro_Setup_Mini_115.exe"=-;r
"C:\\Documents and Settings\\Administrador\\Configurações locais\\Temporary Internet Files\\Content.IE5\\20X7XJWX\\ZipExtractorSetup[1].exe"=-;r
"C:\\DOCUME~1\\ADMINI~1\\CONFIG~1\\Temp\\IS1590~1\\3146078_stp\\PC_Faster_Setup_Mini_B26_S.exe"=-;r
"C:\\Documents and Settings\\Administrador\\Configurações locais\\Temporary Internet Files\\Content.IE5\\20X7XJWX\\ZipExtractorSetup[1].exe"=-;r
"C:\\Arquivos de programas\\Baidu Security\\PC Faster\\4.0.0.0\\FileShredder.exe"=-;r
[-HKEY_USERS\S-1-5-18\Software\Baidu Security];r
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus];r
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web];r
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web];r
"ucloud"=-;r
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web];r
"dcloud"=-;r
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web];r
"rcloud"=-;r
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster];r
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
"Baidu PC Faster 4.0.0.0"=-;r
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus];r

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo será apresentada. Aguarde o término...pode demorar!

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

*Caso a reinicialização do PC seja solicitada, clique [OK]
______________________________________-

Instale o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (caso já tenha ele, não precisa instalar de novo).

Abra o Ccleaner > clique no botão Limpeza > clique na opção Executar Limpeza. Isto é demonstrado na imagem abaixo:




Confirme a operação acima clicando no botão OK. Aguarde a conclusão do procedimento.

Depois disto, clique no botão botão Registro > Procurar Erros > Corrigir erro(s) selecionado(s) > neste momento você poderá optar por fazer uma cópia das alterações que serão feitas no registro (por motivos de segurança), escolha a opção que desejar (sim ou não) > e confirme a limpeza clicando no botão Corrigir todos os erros selecionados > clique no botão Fechar (ou OK):



__________________________________________________________

Depois disto siga também as dicas destes tutoriais abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
___________________________________

Seria bom também você seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
______________________________________

Poste o novo log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta e nos diga se o problema foi resolvido.

Ficamos na espera.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_________________________________________

P.S.: Depois de ter executado o Zoek e gerado o relatório deste link acima, executei os outros procedimentos de limpeza que você me passou (Ccleaner, Purera, ATF Cleaner e o tutorial para deixar o computador mais rápido e eficiente) e todos os outros itens pertencentes ao Baidu foram removidos.

O computador ficou muito mais rápido que antes.

Obrigado.

 Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve no Desktop (Área de Trabalho)

*Depois disto é só executá-lo, deixar selecionadas as opções Remove disinfection tools e Purge system restore

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Clique em [Run]

Depois de executar o Delfix conforme descrito acima, é só deletar o DelFix e o arquivo C:\DelFix.txt

  Um abraço!

CASO RESOLVIDO

Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.