Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14838 usuários registradosO último membro registrado é Lanterna Verde com Disco
Os nossos membros postaram um total de 36058 mensagens em 3689 assuntos
Quem está conectado?
Há 115 usuários online :: 0 registrados, 0 invisíveis e 115 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Como remover o antivirus Baidu completamente do PC?
3 participantes
Página 1 de 1
Como remover o antivirus Baidu completamente do PC?
por CactosCola Qua 09 Abr 2014, 18:42
Olá
Estou tentando instalar o antivirus kaspersky, mas sempre da o recado que tenho que desinstalar o baidu antivirus (não consigo achá-lo no PC). Fiz o procedimento de limpeza com o AdwCleaner conforme vi em outro tópico, realmente apareceu uma pasta com o baidu e ele limpou, mas o kaspersky continua dando o mesmo recado. O que faço ignoro e instalo assim mesmo? Desde ja obrigado
Estou tentando instalar o antivirus kaspersky, mas sempre da o recado que tenho que desinstalar o baidu antivirus (não consigo achá-lo no PC). Fiz o procedimento de limpeza com o AdwCleaner conforme vi em outro tópico, realmente apareceu uma pasta com o baidu e ele limpou, mas o kaspersky continua dando o mesmo recado. O que faço ignoro e instalo assim mesmo? Desde ja obrigado
CactosCola- Iniciante
- Mensagens : 4
Reputação : 0
Data de inscrição : 09/04/2014
Re: Como remover o antivirus Baidu completamente do PC?
por Power Max Qua 09 Abr 2014, 18:48
Olá CactosCola. Seja bem vindo ao Fórum PC Brasil.
Poste aqui em seu tópico o relatório do Adwcleaner que está em C:\AdwCleaner\AdwCleaner[S0].txt para que possamos analisar. Ficamos na espera.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
relatório adwcleaner
por CactosCola Qua 09 Abr 2014, 23:20
Envio o relatório conforme solicitado.
AdwCleaner v3.023 - Relatório criado 09/04/2014 às 17:44:00
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 8 Single Language (64 bits)
# Usuário : ESTEVES - LEONARDO
# Executando de : C:\Users\ESTEVES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UJ9EDMM4\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\Program Files (x86)\baidu
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKCU\Software\InstallCore
***** [ Navegadores ] *****
-\\ Internet Explorer v10.0.9200.16843
-\\ Google Chrome v33.0.1750.154
[ Arquivo : C:\Users\ESTEVES\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [989 octets] - [09/04/2014 17:41:12]
AdwCleaner[S0].txt - [854 octets] - [09/04/2014 17:44:00]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [913 octets] ##########
AdwCleaner v3.023 - Relatório criado 09/04/2014 às 17:44:00
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 8 Single Language (64 bits)
# Usuário : ESTEVES - LEONARDO
# Executando de : C:\Users\ESTEVES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UJ9EDMM4\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\Program Files (x86)\baidu
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKCU\Software\InstallCore
***** [ Navegadores ] *****
-\\ Internet Explorer v10.0.9200.16843
-\\ Google Chrome v33.0.1750.154
[ Arquivo : C:\Users\ESTEVES\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [989 octets] - [09/04/2014 17:41:12]
AdwCleaner[S0].txt - [854 octets] - [09/04/2014 17:44:00]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [913 octets] ##########
CactosCola- Iniciante
- Mensagens : 4
Reputação : 0
Data de inscrição : 09/04/2014
Re: Como remover o antivirus Baidu completamente do PC?
por Power Max Qua 09 Abr 2014, 23:32
Desative temporariamente seu antivírus para evitar conflitos.Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Qui 17 Abr 2014, 10:04, editado 1 vez(es)
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Log do Zoek
por CactosCola Qui 10 Abr 2014, 13:32
Continua a mesma coisa. Acho que o log é esse:
k.exe v5.0.0.0 Updated 07-March-2014
Tool run by ESTEVES on 10/04/2014 at 12:02:46,87.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ESTEVES\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
10/04/2014 12:03:55 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~3\Package Cache deleted
==== Folders Found ======================
2014-03-03 16:22:59 2014-03-03 16:22:59 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-03-03 16:24:15 2014-03-05 03:26:05 -------- d-----w- C:\ProgramData\Baidu Security
2014-03-03 16:24:15 2014-03-05 03:26:05 -------- d-----w- C:\Users\All Users\Baidu Security
2014-03-03 16:22:59 2014-03-03 16:22:59 -------- d-----w- C:\Users\ESTEVES\AppData\Roaming\Baidu Security
2014-04-09 11:50:02 2014-04-09 11:50:02 -------- d-----w- C:\Users\ESTEVES\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-04-09 11:50:04 2014-04-09 11:50:04 -------- d-----w- C:\Users\ESTEVES\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK
2014-03-03 16:22:59 2014-03-03 16:28:41 -------- d-----w- C:\Users\Public\Documents\Baidu Security
==== Files Found ======================
--- C:\Users\ESTEVES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\05HXZNWA\38678-como-desinstalar-o-baidu-faster-pc-da-sua-maquina[1].htm ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 39087
Created time: 2014-04-09 12:45:42
Modified time: 2014-04-09 12:45:42
MD5: B187BC7BED124DB39F28EEC22F50D2D1
SHA1: B9E9F7BD4421C332903498CC85EE275165694AB7
--- C:\Users\ESTEVES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\05HXZNWA\t1895-remover-o-antivirus-baidu[1].htm ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 28561
Created time: 2014-04-09 20:39:05
Modified time: 2014-04-09 20:39:05
MD5: 763D3571B03C12F28018626838CF6C36
SHA1: 93C186258D8C983005FA11278FEDDF34C6104521
--- C:\Users\ESTEVES\AppData\Local\Temp\A81D14EB-C029-11E3-BE7F-0CD2929508D9\Cleaner\baidu_av_4_0_3_57478.ini ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 227
Created time: 2014-04-09 20:58:15
Modified time: 2014-04-07 15:26:08
MD5: C9F2E09C386C9A6E5434D21A0200F6E0
SHA1: 442F80424FDDE56047D0E11824A66CCC37D89CE4
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\Spark]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-03 03-25-08-0905-[2945].tmp"=""
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-03-03 03-25-08-0967-[2945].tmp"=""
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-03 03-30-12-0671-[3937].tmp"=""
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-03-12 03-28-56-0062-[8112].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-15 03-04-18-0151-[9511].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-20 03-11-22-0044-[24358].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-26 03-55-05-0850-[10108].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-08 04-19-44-0409-[15321].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PcfTray-2014-04-09 04-22-33-0910-[28374].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"DisplayName"="Baidu ProtectEx"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"DisplayName"="Baidu ProtectEx"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"
[HKEY_USERS\.DEFAULT\Software\Baidu Security]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\Setup]
[HKEY_USERS\S-1-5-18\Software\Baidu Security]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com" [24/03/2014 10:51]
==== Firefox Extensions ======================
ProfilePath: C:\Users\ESTEVES\AppData\Roaming\TomTom\HOME\Profiles\jyenhndw.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
==== Firefox Plugins ======================
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
blbkdnmdcafmfhinpmnlhhddbepgkeaa - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx[14/10/2013 15:37]
hakdifolhalapjijoafobooafbilfakh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx[14/10/2013 15:37]
hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx[14/10/2013 15:37]
jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx[24/03/2014 10:48]
pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx[14/10/2013 15:37]
Google Docs - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Kaspersky URL Advisor - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj
Safe Money - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh
Dangerous Websites Blocker - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail
Virtual Keyboard - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh
Google Wallet - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Anti-Banner - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman
Kaspersky URL Advisor - ESTEVES\AppData\Local\Spark\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj
Video Download - ESTEVES\AppData\Local\Spark\User Data\Default\Extensions\djmgfiokceelcoeihknfhbnnbboaibkm
Safe Money - ESTEVES\AppData\Local\Spark\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh
Dangerous Websites Blocker - ESTEVES\AppData\Local\Spark\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail
Virtual Keyboard - ESTEVES\AppData\Local\Spark\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh
Anti-Banner - ESTEVES\AppData\Local\Spark\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=pcf_inner_hp_16_hao123_br"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=pcf_inner_hp_16_hao123_br"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{98CBCC55-E88E-4496-BE85-A5E591D0D9B3}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{98CBCC55-E88E-4496-BE85-A5E591D0D9B3} Unknown Url="Not_Found"
==== Reset Google Chrome ======================
C:\Users\ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\ESTEVES\AppData\Local\Spark\User Data\Default\Preferences was reset successfully
C:\Users\ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\ESTEVES\AppData\Local\Spark\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Microsoft\Internet Explorer\SearchScopes\{98CBCC55-E88E-4496-BE85-A5E591D0D9B3} deleted successfully
==== Deleting CLSID Registry Values ======================
==== shortcuts on Users Desktops ======================
C:\Users\Default\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Default User\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\ESTEVES\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\ESTEVES\Desktop\IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\ESTEVES\Desktop\IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\ESTEVES\Desktop\Safe Money.lnk - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe -safebanking
C:\Users\ESTEVES\Desktop\pendrive azul\ocorrencia diversa - Incêndio.lnk -
C:\Users\ESTEVES\Desktop\pendrive azul\Ocorrência Diversa - Modelo (2).doc.lnk -
C:\Users\ESTEVES\Desktop\pendrive preto\laudo pericial (3).lnk - C:\Users\ESTEVES\Downloads\laudo pericial.pdf
C:\Users\ESTEVES\Desktop\pendrive preto\Modelo de Laudo - Sugestão com tutorial.lnk -
C:\Users\USURIO~1\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Guia de Usuário.lnk -
C:\Users\Public\Desktop\Intel AppUp(SM) center.lnk - C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe --domain F0399437-FD0C-4A48-B101-F0314A6172E4
C:\Users\Public\Desktop\Kaspersky Internet Security.lnk - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
C:\Users\Public\Desktop\Lenovo PowerDVD 10.lnk - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVDLaunchPolicy.exe
C:\Users\Public\Desktop\Lenovo Solution Center.lnk - C:\Program Files (x86)\Lenovo\Lenovo Solution Center\LSC.exe
C:\Users\Public\Desktop\Lenovo YouCam.lnk - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe
C:\Users\Public\Desktop\Microsoft Office 2013 Activation.lnk - C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE /OEM
C:\Users\Public\Desktop\OneKey Recovery.lnk - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
C:\Users\Public\Desktop\Receitanet 1.04 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe
==== shortcuts in Users Start Menu ======================
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Ajuda Online de Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Language\Ptb\Power2Go.chm
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Leia-me.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Language\Ptb\Readme.htm
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go Express.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter\Uninstall Price Metar.lnk - C:\Users\ESTEVES\AppData\Local\PriceMeter\uninst.exe /uninstall
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2013.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2013.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2013.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2014.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2014.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2014.lnk -
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Homepage.lnk - C:\Program Files (x86)\Ares\data\Homepage.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Host Chatroom.lnk - C:\Program Files (x86)\Ares\chatServer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Uninstall.lnk - C:\Program Files (x86)\Ares\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files (x86)\CCleaner\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Ajuda do Receitanet 1.04 .lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Desinstalar o Receitanet 1.04.lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Desinstalador.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Receitanet 1.04 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\Desinstalar TomTom HOME 2.lnk - C:\Windows\SysWOW64\msiexec.exe /x {99072AB4-D795-44D5-9D65-E3C9F8322C97}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\TomTom HOME 2.lnk - C:\WINDOWS\Installer\{99072AB4-D795-44D5-9D65-E3C9F8322C97}\NewShortcut1_BB5D96B1D05B428EBAD4A437B7244768.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\UserGuide.lnk - C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ESTEVES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ESTEVES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\ESTEVES\Documents\Fernand\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ESTEVES\Documents\Fernand\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\ESTEVES\AppData\Local\Spark\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=13 folders=9 101306649 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\ESTEVES\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Reset Hosts File ======================
Hosts File Reset Successfully
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\ESTEVES\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 10/04/2014 at 13:12:00,63 ======================
k.exe v5.0.0.0 Updated 07-March-2014
Tool run by ESTEVES on 10/04/2014 at 12:02:46,87.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ESTEVES\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
10/04/2014 12:03:55 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~3\Package Cache deleted
==== Folders Found ======================
2014-03-03 16:22:59 2014-03-03 16:22:59 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-03-03 16:24:15 2014-03-05 03:26:05 -------- d-----w- C:\ProgramData\Baidu Security
2014-03-03 16:24:15 2014-03-05 03:26:05 -------- d-----w- C:\Users\All Users\Baidu Security
2014-03-03 16:22:59 2014-03-03 16:22:59 -------- d-----w- C:\Users\ESTEVES\AppData\Roaming\Baidu Security
2014-04-09 11:50:02 2014-04-09 11:50:02 -------- d-----w- C:\Users\ESTEVES\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-04-09 11:50:04 2014-04-09 11:50:04 -------- d-----w- C:\Users\ESTEVES\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK
2014-03-03 16:22:59 2014-03-03 16:28:41 -------- d-----w- C:\Users\Public\Documents\Baidu Security
==== Files Found ======================
--- C:\Users\ESTEVES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\05HXZNWA\38678-como-desinstalar-o-baidu-faster-pc-da-sua-maquina[1].htm ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 39087
Created time: 2014-04-09 12:45:42
Modified time: 2014-04-09 12:45:42
MD5: B187BC7BED124DB39F28EEC22F50D2D1
SHA1: B9E9F7BD4421C332903498CC85EE275165694AB7
--- C:\Users\ESTEVES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\05HXZNWA\t1895-remover-o-antivirus-baidu[1].htm ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 28561
Created time: 2014-04-09 20:39:05
Modified time: 2014-04-09 20:39:05
MD5: 763D3571B03C12F28018626838CF6C36
SHA1: 93C186258D8C983005FA11278FEDDF34C6104521
--- C:\Users\ESTEVES\AppData\Local\Temp\A81D14EB-C029-11E3-BE7F-0CD2929508D9\Cleaner\baidu_av_4_0_3_57478.ini ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 227
Created time: 2014-04-09 20:58:15
Modified time: 2014-04-07 15:26:08
MD5: C9F2E09C386C9A6E5434D21A0200F6E0
SHA1: 442F80424FDDE56047D0E11824A66CCC37D89CE4
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\Spark]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-03 03-25-08-0905-[2945].tmp"=""
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-03-03 03-25-08-0967-[2945].tmp"=""
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-03 03-30-12-0671-[3937].tmp"=""
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-03-12 03-28-56-0062-[8112].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-15 03-04-18-0151-[9511].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-20 03-11-22-0044-[24358].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-26 03-55-05-0850-[10108].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-08 04-19-44-0409-[15321].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PcfTray-2014-04-09 04-22-33-0910-[28374].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"DisplayName"="Baidu ProtectEx"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"DisplayName"="Baidu ProtectEx"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"
[HKEY_USERS\.DEFAULT\Software\Baidu Security]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]
[HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\Setup]
[HKEY_USERS\S-1-5-18\Software\Baidu Security]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com" [24/03/2014 10:51]
==== Firefox Extensions ======================
ProfilePath: C:\Users\ESTEVES\AppData\Roaming\TomTom\HOME\Profiles\jyenhndw.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
==== Firefox Plugins ======================
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
blbkdnmdcafmfhinpmnlhhddbepgkeaa - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx[14/10/2013 15:37]
hakdifolhalapjijoafobooafbilfakh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx[14/10/2013 15:37]
hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx[14/10/2013 15:37]
jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx[24/03/2014 10:48]
pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx[14/10/2013 15:37]
Google Docs - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Kaspersky URL Advisor - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj
Safe Money - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh
Dangerous Websites Blocker - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail
Virtual Keyboard - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh
Google Wallet - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Anti-Banner - ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman
Kaspersky URL Advisor - ESTEVES\AppData\Local\Spark\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj
Video Download - ESTEVES\AppData\Local\Spark\User Data\Default\Extensions\djmgfiokceelcoeihknfhbnnbboaibkm
Safe Money - ESTEVES\AppData\Local\Spark\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh
Dangerous Websites Blocker - ESTEVES\AppData\Local\Spark\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail
Virtual Keyboard - ESTEVES\AppData\Local\Spark\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh
Anti-Banner - ESTEVES\AppData\Local\Spark\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=pcf_inner_hp_16_hao123_br"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=pcf_inner_hp_16_hao123_br"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{98CBCC55-E88E-4496-BE85-A5E591D0D9B3}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{98CBCC55-E88E-4496-BE85-A5E591D0D9B3} Unknown Url="Not_Found"
==== Reset Google Chrome ======================
C:\Users\ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\ESTEVES\AppData\Local\Spark\User Data\Default\Preferences was reset successfully
C:\Users\ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\ESTEVES\AppData\Local\Spark\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Microsoft\Internet Explorer\SearchScopes\{98CBCC55-E88E-4496-BE85-A5E591D0D9B3} deleted successfully
==== Deleting CLSID Registry Values ======================
==== shortcuts on Users Desktops ======================
C:\Users\Default\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Default User\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\ESTEVES\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\ESTEVES\Desktop\IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\ESTEVES\Desktop\IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\ESTEVES\Desktop\Safe Money.lnk - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe -safebanking
C:\Users\ESTEVES\Desktop\pendrive azul\ocorrencia diversa - Incêndio.lnk -
C:\Users\ESTEVES\Desktop\pendrive azul\Ocorrência Diversa - Modelo (2).doc.lnk -
C:\Users\ESTEVES\Desktop\pendrive preto\laudo pericial (3).lnk - C:\Users\ESTEVES\Downloads\laudo pericial.pdf
C:\Users\ESTEVES\Desktop\pendrive preto\Modelo de Laudo - Sugestão com tutorial.lnk -
C:\Users\USURIO~1\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Guia de Usuário.lnk -
C:\Users\Public\Desktop\Intel AppUp(SM) center.lnk - C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe --domain F0399437-FD0C-4A48-B101-F0314A6172E4
C:\Users\Public\Desktop\Kaspersky Internet Security.lnk - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
C:\Users\Public\Desktop\Lenovo PowerDVD 10.lnk - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVDLaunchPolicy.exe
C:\Users\Public\Desktop\Lenovo Solution Center.lnk - C:\Program Files (x86)\Lenovo\Lenovo Solution Center\LSC.exe
C:\Users\Public\Desktop\Lenovo YouCam.lnk - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe
C:\Users\Public\Desktop\Microsoft Office 2013 Activation.lnk - C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE /OEM
C:\Users\Public\Desktop\OneKey Recovery.lnk - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
C:\Users\Public\Desktop\Receitanet 1.04 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe
==== shortcuts in Users Start Menu ======================
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Ajuda Online de Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Language\Ptb\Power2Go.chm
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Leia-me.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Language\Ptb\Readme.htm
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go Express.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter\Uninstall Price Metar.lnk - C:\Users\ESTEVES\AppData\Local\PriceMeter\uninst.exe /uninstall
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2013.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2013.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2013.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Ajuda do IRPF2014.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Desinstalar IRPF2014.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014\IRPF - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País\Leia-me do IRPF2014.lnk -
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Homepage.lnk - C:\Program Files (x86)\Ares\data\Homepage.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Host Chatroom.lnk - C:\Program Files (x86)\Ares\chatServer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Uninstall.lnk - C:\Program Files (x86)\Ares\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files (x86)\CCleaner\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Ajuda do Receitanet 1.04 .lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Desinstalar o Receitanet 1.04.lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Desinstalador.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB\Receitanet\Receitanet 1.04 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\Desinstalar TomTom HOME 2.lnk - C:\Windows\SysWOW64\msiexec.exe /x {99072AB4-D795-44D5-9D65-E3C9F8322C97}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\TomTom HOME 2.lnk - C:\WINDOWS\Installer\{99072AB4-D795-44D5-9D65-E3C9F8322C97}\NewShortcut1_BB5D96B1D05B428EBAD4A437B7244768.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\ESTEVES\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\ESTEVES\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\UserGuide.lnk - C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ESTEVES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ESTEVES\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\ESTEVES\Documents\Fernand\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ESTEVES\Documents\Fernand\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\ESTEVES\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\ESTEVES\AppData\Local\Spark\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=13 folders=9 101306649 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\ESTEVES\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Reset Hosts File ======================
Hosts File Reset Successfully
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\ESTEVES\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 10/04/2014 at 13:12:00,63 ======================
CactosCola- Iniciante
- Mensagens : 4
Reputação : 0
Data de inscrição : 09/04/2014
Re: Como remover o antivirus Baidu completamente do PC?
por Power Max Qui 10 Abr 2014, 13:57
Desative temporariamente seu antivírus para evitar conflitos.*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Qui 17 Abr 2014, 10:05, editado 1 vez(es)
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Log solicitado
por CactosCola Qui 10 Abr 2014, 14:29
O log é esse:
oek.exe v5.0.0.0 Updated 07-March-2014
Tool run by ESTEVES on 10/04/2014 at 14:22:07,23.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ESTEVES\Downloads\zoek (1).exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-10-161200.log 26603 bytes
==== System Restore Info ======================
10/04/2014 14:23:56 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\Spark]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-03 03-25-08-0905-[2945].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-03-03 03-25-08-0967-[2945].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-03 03-30-12-0671-[3937].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-03-12 03-28-56-0062-[8112].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-15 03-04-18-0151-[9511].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-20 03-11-22-0044-[24358].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-26 03-55-05-0850-[10108].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-08 04-19-44-0409-[15321].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PcfTray-2014-04-09 04-22-33-0910-[28374].tmp"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil]
"ImagePath"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\Setup]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]
==== Deleting Files \ Folders ======================
C:\Program Files (x86)\Baidu Security deleted
C:\ProgramData\Baidu Security deleted
C:\Users\ESTEVES\AppData\Roaming\Baidu Security deleted
C:\Users\Public\Documents\Baidu Security deleted
==== Folders Found ======================
2014-04-10 17:24:40 2014-04-10 17:24:42 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-04-10 17:24:42 2014-04-10 17:24:43 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-04-10 17:24:43 2014-04-10 17:24:44 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-04-10 17:24:44 2014-04-10 17:24:44 -------- d---a-w- C:\zoek_backup\C_Users_ESTEVES_AppData_Roaming_Baidu Security
2014-04-10 17:24:46 2014-04-10 17:24:46 -------- d---a-w- C:\zoek_backup\C_Users_ESTEVES_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall
2014-04-10 17:24:46 2014-04-10 17:24:46 -------- d---a-w- C:\zoek_backup\C_Users_ESTEVES_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall HK
2014-04-10 17:24:46 2014-04-10 17:24:46 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-04-10 17:24:44 2014-04-10 17:24:44 -------- d---a-w- C:\zoek_backup\C_Users_ESTEVES_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-04-10 17:24:45 2014-04-10 17:24:45 -------- d---a-w- C:\zoek_backup\C_Users_ESTEVES_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK
==== Files Found ======================
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
==== C:\zoek_backup content ======================
C:\zoek_backup (files=60 folders=59 123678682 bytes)
==== EOF on 10/04/2014 at 14:26:27,32 ======================
oek.exe v5.0.0.0 Updated 07-March-2014
Tool run by ESTEVES on 10/04/2014 at 14:22:07,23.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ESTEVES\Downloads\zoek (1).exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-10-161200.log 26603 bytes
==== System Restore Info ======================
10/04/2014 14:23:56 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\Spark]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-03 03-25-08-0905-[2945].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-03-03 03-25-08-0967-[2945].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-03 03-30-12-0671-[3937].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-03-12 03-28-56-0062-[8112].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-15 03-04-18-0151-[9511].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-20 03-11-22-0044-[24358].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-26 03-55-05-0850-[10108].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-04-08 04-19-44-0409-[15321].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PcfTray-2014-04-09 04-22-33-0910-[28374].tmp"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BprotectEx]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCFApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil]
"ImagePath"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Install]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]
[-HKEY_USERS\S-1-5-21-366580816-1179003477-3104646276-1001\Software\Baidu Security\PC Faster\Setup]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]
==== Deleting Files \ Folders ======================
C:\Program Files (x86)\Baidu Security deleted
C:\ProgramData\Baidu Security deleted
C:\Users\ESTEVES\AppData\Roaming\Baidu Security deleted
C:\Users\Public\Documents\Baidu Security deleted
==== Folders Found ======================
2014-04-10 17:24:40 2014-04-10 17:24:42 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-04-10 17:24:42 2014-04-10 17:24:43 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-04-10 17:24:43 2014-04-10 17:24:44 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-04-10 17:24:44 2014-04-10 17:24:44 -------- d---a-w- C:\zoek_backup\C_Users_ESTEVES_AppData_Roaming_Baidu Security
2014-04-10 17:24:46 2014-04-10 17:24:46 -------- d---a-w- C:\zoek_backup\C_Users_ESTEVES_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall
2014-04-10 17:24:46 2014-04-10 17:24:46 -------- d---a-w- C:\zoek_backup\C_Users_ESTEVES_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall HK
2014-04-10 17:24:46 2014-04-10 17:24:46 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-04-10 17:24:44 2014-04-10 17:24:44 -------- d---a-w- C:\zoek_backup\C_Users_ESTEVES_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-04-10 17:24:45 2014-04-10 17:24:45 -------- d---a-w- C:\zoek_backup\C_Users_ESTEVES_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK
==== Files Found ======================
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
==== C:\zoek_backup content ======================
C:\zoek_backup (files=60 folders=59 123678682 bytes)
==== EOF on 10/04/2014 at 14:26:27,32 ======================
CactosCola- Iniciante
- Mensagens : 4
Reputação : 0
Data de inscrição : 09/04/2014
Re: Como remover o antivirus Baidu completamente do PC?
por Power Max Qui 10 Abr 2014, 14:33
Desative temporariamente seu antivírus para evitar conflitos.*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que lhe passei.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
_________________
Caixa de Dicas = Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Como remover o antivirus Baidu completamente do PC?
por Danii Sáb 26 Abr 2014, 10:25
TÓPICO ARQUIVADO
Como o autor não respondeu por mais de 15 dias, o tópico foi arquivado. Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Como o autor não respondeu por mais de 15 dias, o tópico foi arquivado. Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Danii- Membro Pleno
- Mensagens : 571
Reputação : 80
Data de inscrição : 04/04/2014
Localização : Brasil
Conteúdo patrocinado
Tópicos semelhantes» Remover o baidu antivirus
» Remover AntiVirus Baidu
» Remover Baidu antivirus
» Remover Baidu Antivirus.
» remover o antivirus Baidu
» Remover AntiVirus Baidu
» Remover Baidu antivirus
» Remover Baidu Antivirus.
» remover o antivirus Baidu
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos