Fórum PC Brasil
Gostaria de reagir a esta mensagem? Crie uma conta em poucos cliques ou inicie sessão para continuar.
Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking reddit      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14838 usuários registrados
O último membro registrado é Lanterna Verde com Disco

Os nossos membros postaram um total de 36058 mensagens em 3689 assuntos
Últimos assuntos
» Disco 100% 2024 - Windows 10
por joram Ter 12 Nov 2024, 08:56

Quem está conectado?
17 usuários online :: 0 registrados, 0 invisíveis e 17 visitantes

Nenhum

O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
 
 

Resultados por:
 


Rechercher Pesquisa avançada

novembro 2024
SegTerQuaQuiSexSábDom
    123
45678910
11121314151617
18192021222324
252627282930 

Calendário Calendário


Como faço para remover o "ads by offersWizard" ??

2 participantes

Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Como faço para remover o "ads by offersWizard" ??

Mensagem por Rafael FD Sex 20 Jun 2014, 14:04

Alguem ai poderia me ajudar e virus de publicidade ta toda hora fechando as minhas paginas... Agredeço quem me ajudar!!
Rafael FD
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Ir para o topo Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Re: Como faço para remover o "ads by offersWizard" ??

Mensagem por Power Max Sex 20 Jun 2014, 14:37

Olá Rafael.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Re: Como faço para remover o "ads by offersWizard" ??

Mensagem por Rafael FD Sex 20 Jun 2014, 15:45

Segue o historico

# AdwCleaner v3.212 - Report created 20/06/2014 at 15:26:50
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Iara Coelho - IARACOELHO-PC
# Running from : C:\Users\Iara Coelho\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : APNMCP
[#] Service Deleted : buuoujqmrk64
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
[#] Service Deleted : IePluginServices
Service Deleted : LPTSystemUpdater
Service Deleted : NewPlayerUpdaterService
[#] Service Deleted : savesenselive
[#] Service Deleted : savesenselivem
[#] Service Deleted : Wajam Internet Enhancer Service
[#] Service Deleted : Wpm

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Activeris
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\RegClean
Folder Deleted : C:\ProgramData\SaveSenseLive
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activeris AntiMalware
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_to_day
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\Program Files (x86)\Activeris AntiMalware
Folder Deleted : C:\Program Files (x86)\baidu
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\HomeTab
Folder Deleted : C:\Program Files (x86)\LPT
Folder Deleted : C:\Program Files (x86)\NewPlayer
Folder Deleted : C:\Program Files (x86)\PC Speed Maximizer
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\SaveSense
Folder Deleted : C:\Program Files (x86)\SaveSenseLive
Folder Deleted : C:\Program Files (x86)\SmartTweak
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\Uninstaller
Folder Deleted : C:\Program Files (x86)\VNT
Folder Deleted : C:\Program Files (x86)\Wajam
Folder Deleted : C:\Program Files\003
Folder Deleted : C:\Program Files\HomeTab
Folder Deleted : C:\Users\IARACO~1\AppData\Local\Temp\apn
Folder Deleted : C:\Users\IARACO~1\AppData\Local\Temp\baidu
Folder Deleted : C:\Users\IARACO~1\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\Iara Coelho\AppData\Local\FilesFrog Update Checker
Folder Deleted : C:\Users\Iara Coelho\AppData\Local\Freesofttoday
Folder Deleted : C:\Users\Iara Coelho\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Iara Coelho\AppData\Local\LPT
Folder Deleted : C:\Users\Iara Coelho\AppData\Local\NewPlayer
Folder Deleted : C:\Users\Iara Coelho\AppData\Local\SaveSenseLive
Folder Deleted : C:\Users\Iara Coelho\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Iara Coelho\AppData\Local\Smartbar
Folder Deleted : C:\Users\Iara Coelho\AppData\Local\Tuguu_SL
Folder Deleted : C:\Users\Iara Coelho\AppData\Local\VNT
Folder Deleted : C:\Users\Iara Coelho\AppData\Local\webplayer
Folder Deleted : C:\Users\Iara Coelho\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Iara Coelho\AppData\LocalLow\HomeTab
Folder Deleted : C:\Users\Iara Coelho\AppData\LocalLow\SimplyTech
Folder Deleted : C:\Users\Iara Coelho\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Iara Coelho\AppData\Roaming\Activeris
Folder Deleted : C:\Users\Iara Coelho\AppData\Roaming\baidu
Folder Deleted : C:\Users\Iara Coelho\AppData\Roaming\File Type Helper
Folder Deleted : C:\Users\Iara Coelho\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Iara Coelho\AppData\Roaming\qone8
Folder Deleted : C:\Users\Iara Coelho\AppData\Roaming\SaveSense
Folder Deleted : C:\Users\Iara Coelho\AppData\Roaming\SimplyTech
Folder Deleted : C:\Users\Iara Coelho\AppData\Roaming\SupTab
Folder Deleted : C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
Folder Deleted : C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Folder Deleted : C:\Users\Iara Coelho\Documents\PC Speed Maximizer
Folder Deleted : C:\Users\Public\Documents\baidu
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\NewPlayer.lnk
File Deleted : C:\Windows\System32\acrisnative64.exe
File Deleted : C:\Windows\System32\Tasks\Activeris AntiMalware_startup
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
File Deleted : C:\Windows\System32\Tasks\AmiUpdXp
File Deleted : C:\Windows\System32\Tasks\Browser Updater
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
File Deleted : C:\Windows\System32\Tasks\ProtectedSearch
File Deleted : C:\Windows\Tasks\SaveSense.job
File Deleted : C:\Windows\System32\Tasks\SaveSense
File Deleted : C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
File Deleted : C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore
File Deleted : C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
File Deleted : C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA
File Deleted : C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart
File Deleted : C:\Windows\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-1.job
File Deleted : C:\Windows\System32\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-1
File Deleted : C:\Windows\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-11.job
File Deleted : C:\Windows\System32\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-11
File Deleted : C:\Windows\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-2.job
File Deleted : C:\Windows\System32\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-2
File Deleted : C:\Windows\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-3.job
File Deleted : C:\Windows\System32\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-3
File Deleted : C:\Windows\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-4.job
File Deleted : C:\Windows\System32\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-4
File Deleted : C:\Windows\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-5.job
File Deleted : C:\Windows\System32\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-5
File Deleted : C:\Windows\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-6.job
File Deleted : C:\Windows\System32\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-6
File Deleted : C:\Windows\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-7.job
File Deleted : C:\Windows\System32\Tasks\9e32ad75-2f65-45bb-94fe-78af733e1738-7
File Deleted : C:\Windows\Tasks\dca6915e-c188-42e3-ae3b-6edb861f0320-1.job
File Deleted : C:\Windows\System32\Tasks\dca6915e-c188-42e3-ae3b-6edb861f0320-1
File Deleted : C:\Windows\Tasks\dca6915e-c188-42e3-ae3b-6edb861f0320-2.job
File Deleted : C:\Windows\System32\Tasks\dca6915e-c188-42e3-ae3b-6edb861f0320-2
File Deleted : C:\Windows\Tasks\dca6915e-c188-42e3-ae3b-6edb861f0320-3.job
File Deleted : C:\Windows\System32\Tasks\dca6915e-c188-42e3-ae3b-6edb861f0320-3
File Deleted : C:\Windows\Tasks\dca6915e-c188-42e3-ae3b-6edb861f0320-4.job
File Deleted : C:\Windows\System32\Tasks\dca6915e-c188-42e3-ae3b-6edb861f0320-4
File Deleted : C:\Windows\Tasks\dca6915e-c188-42e3-ae3b-6edb861f0320-5.job
File Deleted : C:\Windows\System32\Tasks\dca6915e-c188-42e3-ae3b-6edb861f0320-5
File Deleted : C:\Windows\Tasks\dca6915e-c188-42e3-ae3b-6edb861f0320-6.job
File Deleted : C:\Windows\System32\Tasks\dca6915e-c188-42e3-ae3b-6edb861f0320-6
File Deleted : C:\Windows\Tasks\dca6915e-c188-42e3-ae3b-6edb861f0320-7.job
File Deleted : C:\Windows\System32\Tasks\dca6915e-c188-42e3-ae3b-6edb861f0320-7

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Iara Coelho\Desktop\Search.lnk
Shortcut Disinfected : C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nhjnmokdaalmckkikjklibeakholpham
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FixMyRegistry]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SpeedUpMyComputer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\HomeTab.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\SaveSenseLive.exe
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickCtrl.9
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLive.Update3WebControl.3
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band
Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BrowserAppCoreService]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VNT]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058488.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058488.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058488.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058488.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059564.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059564.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059564.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059564.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A2D3FB7A-6873-45E8-AF96-57092D721828}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511841188}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511951164}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522842288}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952264}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555845588}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955564}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566846688}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956664}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EAB5257A-1FB3-474C-9B42-231F52622E72}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544844488}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544954464}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511841188}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951164}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511841188}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511951164}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511841188}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511951164}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522842288}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952264}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555845588}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955564}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566846688}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956664}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511841188}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951164}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\HomeTab
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\SaveSense
Key Deleted : HKCU\Software\SaveSenseLive
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\simplytech
Key Deleted : HKCU\Software\AppDataLow\Software\Supra Savings
Key Deleted : HKLM\Software\DealPlyLive
Key Deleted : HKLM\Software\installedbrowserextensions
Key Deleted : HKLM\Software\NewPlayer
Key Deleted : HKLM\Software\qone8Software
Key Deleted : HKLM\Software\SafetyNut
Key Deleted : HKLM\Software\SaveSense
Key Deleted : HKLM\Software\SaveSenseLive
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\SupDp
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\Tutorials
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKLM\Software\Wpm
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FixMyRegistry
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\qone8 uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveSense
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wpm
Key Deleted : [x64] HKLM\SOFTWARE\installedbrowserextensions
Key Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Deleted : [x64] HKLM\SOFTWARE\suprasavings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveSenseLive.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl []
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl []
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [16633 octets] - [22/01/2014 23:26:48]
AdwCleaner[R1].txt - [1796 octets] - [23/02/2014 11:47:25]
AdwCleaner[R2].txt - [12399 octets] - [10/03/2014 14:14:22]
AdwCleaner[R3].txt - [36519 octets] - [20/06/2014 15:26:25]
AdwCleaner[S0].txt - [16575 octets] - [22/01/2014 23:44:15]
AdwCleaner[S1].txt - [1844 octets] - [23/02/2014 11:47:54]
AdwCleaner[S2].txt - [9577 octets] - [10/03/2014 14:18:45]
AdwCleaner[S3].txt - [29699 octets] - [20/06/2014 15:26:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [29760 octets] ##########
Rafael FD
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Ir para o topo Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Re: Como faço para remover o "ads by offersWizard" ??

Mensagem por Power Max Sex 20 Jun 2014, 15:56

No seu PC está constando o antivirus Baidu instalado. Você quer continuar com ele ou quer desinstalá-lo?

Desative temporariamente seu antivírus para evitar conflitos.

 Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek:

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Re: Como faço para remover o "ads by offersWizard" ??

Mensagem por Rafael FD Sex 20 Jun 2014, 16:22


Segue parceiro  como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? 404338 


Zoek.exe v5.0.0.0 Updated 20-06-2014
Tool run by Iara Coelho on 20/06/2014 at 16:02:04,42.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Iara Coelho\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-02-24-194144.log 19347 bytes
C:\zoek-results2014-03-10-231104.log 16436 bytes

==== System Restore Info ======================

20/06/2014 16:03:35 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Plus-HD-V1.6 deleted
C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\Tasks\SystemSockets deleted
C:\windows\SysNative\Tasks\Browser Updater deleted
C:\Users\Iara Coelho\Downloads\DownloadManagerSetup (1).exe deleted
C:\Users\Iara Coelho\Downloads\DownloadManagerSetup.exe deleted
C:\Users\Iara Coelho\Searches deleted
C:\Windows\wininit.ini deleted
C:\windows\SysNative\tasks\ProtectedSearch deleted
C:\Windows\Launcher.exe deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Iara Coelho\Desktop\Search.lnk deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.ActionEngine.dll" deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.BrowserMessaging.dll" deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.Common.dll" not deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.CommunicationEngine.dll" not deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.DefaultSearchProvider.dll" not deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.HeartBeat.dll" not deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.Logging.dll" not deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.Models.dll" deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.RulesEngine.dll" deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.Suppression.dll" deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.UserInfo.dll" deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.Utils.dll" deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.WebSocketServer.dll" not deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.XMLDataProvider.dll" not deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.XmlEngine.dll" not deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\FiddlerCore.dll" deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\ShopAtHome_BAC_Service.exe" deleted
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service" not deleted

==== Folders Found ======================

2014-01-23 02:44:16 2014-06-20 18:26:59 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-20 18:27:02 2014-06-20 18:27:02 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Iara Coelho\AppData\Local\Temp\baidu
2014-06-20 18:27:09 2014-06-20 18:27:10 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Iara Coelho\AppData\Roaming\baidu
2014-06-20 18:27:10 2014-06-20 18:27:10 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Iara Coelho\AppData\Roaming\baidu\Baidu Antivirus
2014-06-20 18:27:13 2014-06-20 18:27:13 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-05-19 20:55:38 2014-06-13 15:37:55 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-05-19 20:55:38 2014-06-13 19:34:05 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-05-19 20:55:59 2014-06-13 15:39:02 -------- d-----w- C:\ProgramData\Baidu Security
2014-05-19 20:55:59 2014-06-13 15:39:02 -------- d-----w- C:\Users\All Users\Baidu Security
2014-06-04 07:03:08 2014-06-04 07:03:08 -------- d-----w- C:\Users\Iara Coelho\AppData\Local\Temp\baidu_secure
2014-06-13 15:39:04 2014-06-13 15:39:04 -------- d-----w- C:\Users\Iara Coelho\AppData\Roaming\Baidu Security
2014-02-25 21:05:21 2014-02-25 21:05:21 -------- d-----w- C:\Users\Iara Coelho\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR
2014-02-25 21:05:21 2014-02-25 21:05:21 -------- d-----w- C:\Users\Iara Coelho\AppData\Roaming\ZHP\Quarantine\BaiduPcFaster.DIR
2014-02-25 21:05:21 2014-02-24 19:40:32 -------- d-----w- C:\Users\Iara Coelho\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR\Baidu Antivirus
2014-06-13 15:38:23 2014-06-13 15:59:41 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2014-02-24 19:35:48 2014-02-24 19:35:48 -------- d---a-w- C:\zoek_backup\C_Users_Iara Coelho_AppData_Roaming_Baidu
2014-02-24 19:35:48 2014-02-24 19:18:07 -------- d---a-w- C:\zoek_backup\C_Users_Iara Coelho_AppData_Roaming_Baidu\Baidu Antivirus

==== Files Found ======================


--- C:\Users\Iara Coelho\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HP3SNZE0\Baidu%20PC%20Faster[1].htm ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 16
Created time: 2014-06-13 18:38:28
Modified time: 2014-06-13 18:38:28
MD5: CE08A60AA308225DB15C98EDF4AE2447
SHA1: BACF25489BAD0312AA2F37FC735FA7E57B2D7306


--- C:\Users\Iara Coelho\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HP3SNZE0\BaiduAV[1].exe ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 657080
Created time: 2014-06-04 07:03:05
Modified time: 2014-06-04 07:03:06
MD5: 33CA9785B4DB85594E96BC59E183210C
SHA1: EE0B5E375B942225B6E3E2D539752EE4AF4F8897


--- C:\Users\Iara Coelho\AppData\Local\Temp\Baidu_Secure_SystemUp_4.0.7.72269.exe ---
Company: Baidu, Inc.
File Description: PC Faster Setup
File Version: 4.0.7.72269
Product Name: Baidu PC Faster
Copyright: Copyright (C) 2013 Baidu, Inc. All Rights Reserved.
Original Filename:
File type: ----a-w-
File size: 22038328
Created time: 2014-06-13 15:37:55
Modified time: 2014-06-13 15:37:55
MD5: 97BE70318019DBC363757D68261F67C8
SHA1: AB7A5412F9C6B0ED615935592852596762B178D4


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\SparkSafe]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\SparkSafe]
"installDir"="C:\\Program Files (x86)\\baidu\\SparkSafe"

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\SparkSafe\InstallOptions]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
"Path"="C:\\Program Files (x86)\\baidu\\SparkSafe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1ABB0E07-72E7-4A61-B164-F13A8844BEB9}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13939BBE-BF17-4F7B-9B92-D00B75BC9405}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C8AD47F8-9418-4F5E-8D74-04917524E214}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4A00EA9F-B4F7-4C4A-8A1E-D142E429897B}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{CD91CA29-2499-4B79-99B0-7DA1B82D0C70}C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe|Name=bdtray|Desc=bdtray|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"UDP Query User{7B0AC352-546E-4FF1-85DA-2584EF851D5A}C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe|Name=bdtray|Desc=bdtray|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1ABB0E07-72E7-4A61-B164-F13A8844BEB9}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13939BBE-BF17-4F7B-9B92-D00B75BC9405}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C8AD47F8-9418-4F5E-8D74-04917524E214}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4A00EA9F-B4F7-4C4A-8A1E-D142E429897B}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{CD91CA29-2499-4B79-99B0-7DA1B82D0C70}C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe|Name=bdtray|Desc=bdtray|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"UDP Query User{7B0AC352-546E-4FF1-85DA-2584EF851D5A}C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe|Name=bdtray|Desc=bdtray|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1ABB0E07-72E7-4A61-B164-F13A8844BEB9}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13939BBE-BF17-4F7B-9B92-D00B75BC9405}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C8AD47F8-9418-4F5E-8D74-04917524E214}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4A00EA9F-B4F7-4C4A-8A1E-D142E429897B}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\SparkSafe\\CrashUL.exe|Name=SparkSafe|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{CD91CA29-2499-4B79-99B0-7DA1B82D0C70}C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe|Name=bdtray|Desc=bdtray|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"UDP Query User{7B0AC352-546E-4FF1-85DA-2584EF851D5A}C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe|Name=bdtray|Desc=bdtray|"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\BDLOG]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\BDLOG\baidubrowser]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\BDLOG\baidubrowser.tieba]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\BDLOG\BaiduSpark]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\BDLOG\SparkSafe]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Hao123-br]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Hao123-br\hao123desk]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Hao123-br\hao123desk]
"ToyPath"="C:\\Users\\Iara Coelho\\AppData\\Roaming\\baidu\\hao123-br\\hao123.1.0.0.1111.exe"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Spark]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe]
"NextRunDirectSetBaiduBrowser"="0"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\SysData]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\SysData\UrllistMetaInfo]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\SysData\UrllistMetaInfo_v2]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\SysData\UserInfoRegister]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\SysData\UserInfoStorage]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\UserInfoStorage]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\UserInfoStorage2]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafeUserData]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0794900610072006100200043006f0065006c0068006f00]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0794900610072006100200043006f0065006c0068006f00\ClosedItemRegister]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0794900610072006100200043006f0065006c0068006f00\Topsites_V2]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\CleanRecord]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install\11906667]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install\11906667]
"url"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_uninstall_channel_info.cgi?uninstall_channel=Baixaki|br|IBD|Bundle&version=4.0.7.72269&userid=0795549994123ecf1365ffe1dffc354b&old_userid=W-DCWPA3-E0CB4ECBBCEB!c2d55fa8-6d22-43c2-9ce9-741e862995dc@#E0CB4ECBBCEB&install_time=2014-06-13 15:38:23&parent_name="

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install\11906698]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install\11906698]
"url"="http://sync.security.baidu.co.th/cgi-bin-py/get_uninstall_channel_info.cgi?uninstall_channel=Baixaki|br|IBD|Bundle&version=4.0.7.72269&userid=0795549994123ecf1365ffe1dffc354b&old_userid=W-DCWPA3-E0CB4ECBBCEB!c2d55fa8-6d22-43c2-9ce9-741e862995dc@#E0CB4ECBBCEB&install_time=2014-06-13 15:38:23&parent_name="

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\Setup]

"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=dword:00000001
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\Uninstall.exe"=dword:00000001

"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=dword:00000001
"C:\\Users\\IARACO~1\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_057.exe"=dword:00000001

"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=dword:00000001
"C:\\Program Files (x86)\\baidu\\SparkSafe\\uninst.exe"=dword:00000001

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\ftp\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\ftp\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\http\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\http\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\https\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\https\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"="bdtray"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\ftp\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\ftp\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\http\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\http\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\https\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\https\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"="bdtray"

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11/04/2014 19:46]
panpiecllaicaafneoofcmdgmbcihhnd - C:\ProgramData\AskPartnerNetwork\Toolbar\BTR-V7\CRX\ToolbarCR.crx[]

Google Docs - Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
ShopAtHome.com extension - Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc
Plus-HD-V1.6 - Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jgielablfighaafogapfgpnlieaajbgk
Skype Click to Call - Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.wajam.com_0.localstorage deleted successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.wajam.com_0.localstorage-journal deleted successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_dead-island.softonic.com.br_0.localstorage deleted successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_dead-island.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_utorrent.softonic.com.br_0.localstorage deleted successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_utorrent.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jgielablfighaafogapfgpnlieaajbgk deleted successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_jgielablfighaafogapfgpnlieaajbgk_0.localstorage deleted successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_jgielablfighaafogapfgpnlieaajbgk_0.localstorage-journal deleted successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\databases\chrome-extension_jgielablfighaafogapfgpnlieaajbgk_0 deleted successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\jgielablfighaafogapfgpnlieaajbgk deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://search.certified-toolbar.com?si=80415&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&st=chrome&q="
"Search Bar"="http://search.certified-toolbar.com?si=80415&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&st=chrome&q="
"Search Page"="http://search.certified-toolbar.com?si=80415&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&st=chrome&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://search.certified-toolbar.com?si=80415&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&st=chrome&q="
"Search Bar"="http://search.certified-toolbar.com?si=80415&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&st=chrome&q="
"Search Page"="http://search.certified-toolbar.com?si=80415&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&st=chrome&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Start Page"="http://br.hao123.com/?tn=bav_pro_hp_01_hao123_br"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Start Page"="http://br.hao123.com/?tn=bav_pro_hp_01_hao123_br"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
@="http://search.certified-toolbar.com?si=80415&st=bs&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
@="http://search.certified-toolbar.com?si=80415&st=bs&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://search.certified-toolbar.com?si=80415&st=bs&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
@="http://search.certified-toolbar.com?si=80415&st=bs&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://search.certified-toolbar.com?si=80415&st=bs&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
@="http://search.certified-toolbar.com?si=80415&st=bs&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
@="http://search.certified-toolbar.com?si=80415&st=bs&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://search.certified-toolbar.com?si=80415&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&st=chrome&q="
"Search Bar"="http://search.certified-toolbar.com?si=80415&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&st=chrome&q="
"Search Page"="http://search.certified-toolbar.com?si=80415&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&st=chrome&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://search.certified-toolbar.com?si=80415&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&st=chrome&q="
"Search Bar"="http://search.certified-toolbar.com?si=80415&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&st=chrome&q="
"Search Page"="http://search.certified-toolbar.com?si=80415&tid=23890&ver=6.3&ts=1401850800000.000000&tguid=80415-23890-1401864800293-51AB4FEC3D1E02FC4BC5810E437C2844&st=chrome&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92aa6038-35c9-4666-893f-84716dec281c} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{92aa6038-35c9-4666-893f-84716dec281c} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{92aa6038-35c9-4666-893f-84716dec281c} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92aa6038-35c9-4666-893f-84716dec281c} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92aa6038-35c9-4666-893f-84716dec281c} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{92aa6038-35c9-4666-893f-84716dec281c} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{92aa6038-35c9-4666-893f-84716dec281c} deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Iara Coelho\Desktop\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
C:\Users\Iara Coelho\Desktop\FrostWire 5.5.5.lnk - C:\Program Files (x86)\FrostWire 5\FrostWire.exe
C:\Users\Iara Coelho\Desktop\FrostWire 5.lnk - C:\Program Files (x86)\FrostWire 5\FrostWire.exe
C:\Users\Iara Coelho\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Iara Coelho\Desktop\Need for Speed™️ ProStreet.lnk -
C:\Users\Iara Coelho\Desktop\µTorrent.lnk -
C:\Users\UpdatusUser\Desktop\Hao123.lnk - C:\Users\Iara Coelho\AppData\Roaming\Baidu\hao123-br\hao123.1.0.0.1111.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Acrobat Reader 5.0.lnk - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Application Manager.lnk - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe --appletID=CCM_UI --appletVersion=1.0 --workflow=CCM_workflow_launch
C:\Users\Public\Desktop\Age of Empires III.lnk - C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Public\Desktop\F1 Race Stars.lnk - C:\Program Files (x86)\F1 Race Stars\F1RaceStars.exe
C:\Users\Public\Desktop\FarCry 3.lnk - C:\Program Files (x86)\FarCry 3\bin\farcry3.exe
C:\Users\Public\Desktop\HP Deskjet 1000 J110 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 1000 J110 series\Bin\HP Deskjet 1000 J110 series.exe
C:\Users\Public\Desktop\ImgBurn.lnk - C:\Program Files (x86)\ImgBurn\ImgBurn.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\RollerCoaster Tycoon 3 Platinum.lnk - C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3 Platinum\RCT3plus.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Public\Desktop\UltraISO.lnk - C:\Program Files (x86)\UltraISO\UltraISO.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -
C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk - C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil\Hao123.lnk - C:\Users\Iara Coelho\AppData\Roaming\Baidu\hao123-br\hao123.1.0.0.1111.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Buscar Meu iPhone.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe find
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendário.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contatos.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe contacts
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Fotos do iCloud.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Lembretes.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe reminders
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Mail.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe mail
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notas.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe notes
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Painel de Controle iCloud.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Donate PDFCreator.lnk - C:\Program Files (x86)\PDFCreator\Donate PDFCreator.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\History.lnk - C:\Program Files (x86)\PDFCreator\History.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator Help.lnk - C:\Program Files (x86)\PDFCreator\PDFCreator_english.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator on the Web.lnk - C:\Program Files (x86)\PDFCreator\PDFCreator.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator.lnk - C:\Program Files (x86)\PDFCreator\PDFCreator.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Translation Tool.lnk - C:\Program Files (x86)\PDFCreator\languages\TransTool.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Images2PDF\Images2PDF Console Application.lnk - C:\Windows\System32\cmd.exe /k "C:\Program Files (x86)\PDFCreator\Images2PDF\Images2PDFC.exe"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Images2PDF\Images2PDF.lnk - C:\Program Files (x86)\PDFCreator\Images2PDF\Images2PDF.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Licenses\AFPL License.lnk - C:\Program Files (x86)\PDFCreator\AFPL License.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Licenses\FairPlay License.lnk - C:\Program Files (x86)\PDFCreator\FairPlay License.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Licenses\GPL License.lnk - C:\Program Files (x86)\PDFCreator\GNU License.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.lnk - C:\Program Files (x86)\FrostWire 5\FrostWire.exe
C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Iara Coelho\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hao123.lnk - C:\Users\Iara Coelho\AppData\Roaming\Baidu\hao123-br\hao123.1.0.0.1111.exe
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:59442;https=127.0.0.1:59442"
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\panpiecllaicaafneoofcmdgmbcihhnd deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-V1.6 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7ac3fd38-27b0-428d-b368-7b0dbd1e78f0}_is1 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Iara Coelho\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Iara Coelho\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G8NWL49W will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Iara Coelho\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=655 folders=91 36589817 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Iara Coelho\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\IARACO~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.Common.dll" not found
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.CommunicationEngine.dll" not found
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.DefaultSearchProvider.dll" not found
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.HeartBeat.dll" not found
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.Logging.dll" not found
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.WebSocketServer.dll" not found
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.XMLDataProvider.dll" not found
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\Belcaro.BrowserAppCore.XmlEngine.dll" not found
"C:\Users\Iara Coelho\AppData\Roaming\ShopAtHome.com BrowserAppCore Service" not found
"C:\Users\Iara Coelho\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G8NWL49W" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on 20/06/2014 at 16:15:20,42 ======================
Rafael FD
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Ir para o topo Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Re: Como faço para remover o "ads by offersWizard" ??

Mensagem por Power Max Sex 20 Jun 2014, 17:06

Faltou você responder a pergunta: você quer remover o Baidu ou quer continuar com ele?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Re: Como faço para remover o "ads by offersWizard" ??

Mensagem por Rafael FD Sex 20 Jun 2014, 20:58

Não removi e nem quero ficar com ele...
Como faço para remover ele??
Rafael FD
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Ir para o topo Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Re: Como faço para remover o "ads by offersWizard" ??

Mensagem por Power Max Sex 20 Jun 2014, 23:13

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek:

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Pronto

Mensagem por Rafael FD Ter 24 Jun 2014, 01:13


Zoek.exe v5.0.0.0 Updated 22-06-2014
Tool run by Iara Coelho on 24/06/2014 at 0:37:53,33.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Iara Coelho\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-02-24-194144.log 19347 bytes
C:\zoek-results2014-03-10-231104.log 16436 bytes
C:\zoek-results2014-06-20-191520.log 60515 bytes

==== System Restore Info ======================

24/06/2014 00:41:08 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bndef deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BprotectEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCFApiUtil deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\SparkSafe]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\SparkSafe]
"installDir"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\SparkSafe\InstallOptions]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1ABB0E07-72E7-4A61-B164-F13A8844BEB9}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13939BBE-BF17-4F7B-9B92-D00B75BC9405}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C8AD47F8-9418-4F5E-8D74-04917524E214}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4A00EA9F-B4F7-4C4A-8A1E-D142E429897B}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{CD91CA29-2499-4B79-99B0-7DA1B82D0C70}C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"UDP Query User{7B0AC352-546E-4FF1-85DA-2584EF851D5A}C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCFApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCFApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1ABB0E07-72E7-4A61-B164-F13A8844BEB9}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13939BBE-BF17-4F7B-9B92-D00B75BC9405}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C8AD47F8-9418-4F5E-8D74-04917524E214}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4A00EA9F-B4F7-4C4A-8A1E-D142E429897B}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{CD91CA29-2499-4B79-99B0-7DA1B82D0C70}C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"UDP Query User{7B0AC352-546E-4FF1-85DA-2584EF851D5A}C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1ABB0E07-72E7-4A61-B164-F13A8844BEB9}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13939BBE-BF17-4F7B-9B92-D00B75BC9405}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C8AD47F8-9418-4F5E-8D74-04917524E214}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4A00EA9F-B4F7-4C4A-8A1E-D142E429897B}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{CD91CA29-2499-4B79-99B0-7DA1B82D0C70}C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"UDP Query User{7B0AC352-546E-4FF1-85DA-2584EF851D5A}C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\BDLOG]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\BDLOG\baidubrowser]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\BDLOG\baidubrowser.tieba]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\BDLOG\BaiduSpark]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\BDLOG\SparkSafe]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Hao123-br]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Hao123-br\hao123desk]
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Hao123-br\hao123desk]
"ToyPath"=-
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Spark]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe]
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe]
"NextRunDirectSetBaiduBrowser"=-
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\SysData]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\SysData\CurrentTabs_V2]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\SysData\UrllistMetaInfo]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\SysData\UrllistMetaInfo_v2]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\SysData\UserInfoRegister]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\SysData\UserInfoStorage]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\UserInfoStorage]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe\UserInfoStorage2]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafeUserData]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0794900610072006100200043006f0065006c0068006f00]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0794900610072006100200043006f0065006c0068006f00\ClosedItemRegister]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafeUserData\0A73B7929C9546628F097CEEACA6E0794900610072006100200043006f0065006c0068006f00\Topsites_V2]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\CleanRecord]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install\11906667]
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install\11906667]
"url"=-
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install\11906698]
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install\11906698]
"url"=-
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\Setup]
"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=-
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\Uninstall.exe"=-
"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=-
"C:\\Users\\IARACO~1\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_057.exe"=-
"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=-
"C:\\Program Files (x86)\\baidu\\SparkSafe\\uninst.exe"=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\ftp\DefaultIcon]
@=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\ftp\shell\open\command]
@=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\http\DefaultIcon]
@=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\http\shell\open\command]
@=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\https\DefaultIcon]
@=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\https\shell\open\command]
@=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\ftp\DefaultIcon]
@=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\ftp\shell\open\command]
@=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\http\DefaultIcon]
@=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\http\shell\open\command]
@=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\https\DefaultIcon]
@=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\https\shell\open\command]
@=-
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\program files (x86)\\baidu\\sparksafe\\bdtray.exe"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

==== Deleting Files \ Folders ======================

C:\Users\Iara Coelho\AppData\Local\Temp\baidu_secure not found
C:\Program Files (x86)\Baidu Security deleted
C:\ProgramData\Baidu Security deleted
C:\Users\Iara Coelho\AppData\Roaming\Baidu Security deleted
C:\Users\Public\Documents\Baidu Security deleted

==== Folders Found ======================

2014-01-23 02:44:16 2014-06-20 18:26:59 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-20 18:27:02 2014-06-20 18:27:02 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Iara Coelho\AppData\Local\Temp\baidu
2014-06-20 18:27:09 2014-06-20 18:27:10 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Iara Coelho\AppData\Roaming\baidu
2014-06-20 18:27:10 2014-06-20 18:27:10 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Iara Coelho\AppData\Roaming\baidu\Baidu Antivirus
2014-06-20 18:27:13 2014-06-20 18:27:13 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-02-25 21:05:21 2014-02-25 21:05:21 -------- d-----w- C:\Users\Iara Coelho\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR
2014-02-25 21:05:21 2014-02-25 21:05:21 -------- d-----w- C:\Users\Iara Coelho\AppData\Roaming\ZHP\Quarantine\BaiduPcFaster.DIR
2014-02-25 21:05:21 2014-02-24 19:40:32 -------- d-----w- C:\Users\Iara Coelho\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR\Baidu Antivirus
2014-06-24 03:42:18 2014-06-24 03:42:18 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-06-24 03:42:18 2014-06-13 19:34:05 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-06-24 03:42:18 2014-06-24 03:42:18 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-06-24 03:42:18 2014-06-24 03:42:18 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-02-24 19:35:48 2014-02-24 19:35:48 -------- d---a-w- C:\zoek_backup\C_Users_Iara Coelho_AppData_Roaming_Baidu
2014-06-24 03:42:18 2014-06-24 03:42:18 -------- d---a-w- C:\zoek_backup\C_Users_Iara Coelho_AppData_Roaming_Baidu Security
2014-06-24 03:42:18 2014-06-24 03:42:18 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-06-24 03:42:18 2014-06-13 19:34:05 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
2014-02-24 19:35:48 2014-02-24 19:18:07 -------- d---a-w- C:\zoek_backup\C_Users_Iara Coelho_AppData_Roaming_Baidu\Baidu Antivirus

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\SparkSafe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
"Path"="C:\\Program Files (x86)\\baidu\\SparkSafe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\SparkSafe\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\SparkSafe\\Spark.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Hao123-br]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Hao123-br\hao123desk]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install\11906667]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install\11906698]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\Setup]

"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=dword:00000001
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\Uninstall.exe"=dword:00000001

"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=dword:00000001
"C:\\Users\\IARACO~1\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_057.exe"=dword:00000001

"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=dword:00000001
"C:\\Program Files (x86)\\baidu\\SparkSafe\\uninst.exe"=dword:00000001

==== C:\zoek_backup content ======================

C:\zoek_backup (files=661 folders=121 36895709 bytes)

==== EOF on 24/06/2014 at 0:44:44,92 ======================
Rafael FD
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Ir para o topo Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Re: Como faço para remover o "ads by offersWizard" ??

Mensagem por Power Max Ter 24 Jun 2014, 12:09

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Sáb 26 Jul 2014, 19:59, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Re: Como faço para remover o "ads by offersWizard" ??

Mensagem por Rafael FD Qui 26 Jun 2014, 01:04

Foi... Segue o log


Zoek.exe v5.0.0.0 Updated 22-06-2014
Tool run by Iara Coelho on 26/06/2014 at 0:56:22,96.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Iara Coelho\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-02-24-194144.log 19347 bytes
C:\zoek-results2014-03-10-231104.log 16436 bytes
C:\zoek-results2014-06-20-191520.log 60515 bytes
C:\zoek-results2014-06-24-034444.log 25600 bytes

==== System Restore Info ======================

26/06/2014 00:57:15 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\SparkSafe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
"Path"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\shell\open\command]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\DefaultIcon]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\shell\open\command]
@=-
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Hao123-br]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Hao123-br\hao123desk]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\SparkSafe]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install\11906667]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install\11906698]
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\Setup]
"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=-
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\Uninstall.exe"=-
"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=-
"C:\\Users\\IARACO~1\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_057.exe"=-
"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=-
"C:\\Program Files (x86)\\baidu\\SparkSafe\\uninst.exe"=-

==== Registry Search Results for "Baidu" ======================


[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\Setup]

"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=dword:00000001
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\Uninstall.exe"=dword:00000001

"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=dword:00000001
"C:\\Users\\IARACO~1\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_057.exe"=dword:00000001

"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=dword:00000001
"C:\\Program Files (x86)\\baidu\\SparkSafe\\uninst.exe"=dword:00000001

==== C:\zoek_backup content ======================

C:\zoek_backup (files=661 folders=121 36895709 bytes)

==== EOF on 26/06/2014 at 0:57:53,31 ======================
Rafael FD
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Ir para o topo Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Re: Como faço para remover o "ads by offersWizard" ??

Mensagem por Power Max Qui 26 Jun 2014, 09:25

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Sáb 26 Jul 2014, 20:00, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Re: Como faço para remover o "ads by offersWizard" ??

Mensagem por Rafael FD Sex 11 Jul 2014, 13:23

Desculpe por não responder antes, estava ocupado!

Segue o log:  como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? 648673379 como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? 648673379 


Zoek.exe v5.0.0.0 Updated 05-July-2014
Tool run by Iara Coelho on 11/07/2014 at 12:27:31,17.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Iara Coelho\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

11/07/2014 12:37:07 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\Setup]
"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=-
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\Uninstall.exe"=-
"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=-
"C:\\Users\\IARACO~1\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_057.exe"=-
"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=-
"C:\\Program Files (x86)\\baidu\\SparkSafe\\uninst.exe"=-

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\Spark]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\Spark]
"installDir"="C:\\Program Files (x86)\\baidu\\Spark"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu\Spark\InstallOptions]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
"Path"="C:\\Program Files (x86)\\baidu\\Spark"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
@="C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm]
@="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html]
@="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.shtml]
@="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xht]
@="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xhtml]
@="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\Spark\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\Spark\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\Spark\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet]
@="BaiduSpark.EXE"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{DF6D5592-D0D9-44BB-B695-F880B320F1BE}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe|Name=Spark|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{88B1702C-00E1-47C7-B3FB-B9AE1A98464F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe|Name=Spark|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C876A3F5-736F-4867-BB33-2E6EB958A2DE}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\Spark\\bdtray.exe|Name=Spark|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{8FCAD6EB-F05D-4664-821F-46706E57CBA7}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\Spark\\bdtray.exe|Name=Spark|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{DF6D5592-D0D9-44BB-B695-F880B320F1BE}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe|Name=Spark|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{88B1702C-00E1-47C7-B3FB-B9AE1A98464F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe|Name=Spark|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C876A3F5-736F-4867-BB33-2E6EB958A2DE}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\Spark\\bdtray.exe|Name=Spark|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{8FCAD6EB-F05D-4664-821F-46706E57CBA7}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\Spark\\bdtray.exe|Name=Spark|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{DF6D5592-D0D9-44BB-B695-F880B320F1BE}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe|Name=Spark|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{88B1702C-00E1-47C7-B3FB-B9AE1A98464F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe|Name=Spark|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C876A3F5-736F-4867-BB33-2E6EB958A2DE}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\Program Files (x86)\\baidu\\Spark\\bdtray.exe|Name=Spark|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{8FCAD6EB-F05D-4664-821F-46706E57CBA7}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\Program Files (x86)\\baidu\\Spark\\bdtray.exe|Name=Spark|"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\BDLOG]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\BDLOG\baidubrowser]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\BDLOG\BaiduSpark]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Hao123-br]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Hao123-br\hao123desk]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Hao123-br\hao123desk]
"ToyPath"="C:\\Users\\Iara Coelho\\AppData\\Roaming\\baidu\\hao123-br\\hao123.1.0.0.1111.exe"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Spark]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Spark]
"NextRunDirectSetBaiduBrowser"="0"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Spark\SysData]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Spark\SysData\CurrentTabs_V2]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Spark\SysData\UrllistMetaInfo]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Spark\SysData\UrllistMetaInfo_v2]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Spark\SysData\UserInfoStorage]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Spark\SysData\UserInfoStorage2]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Spark\UserData]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E0794900610072006100200043006f0065006c0068006f00]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E0794900610072006100200043006f0065006c0068006f00\ClosedItemRegister]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E0794900610072006100200043006f0065006c0068006f00\Topsites_V2]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Baidu Security\PC Faster\Setup]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Clients\StartMenuInternet]
@="BaiduSpark.EXE"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Clients\StartMenuInternet\BaiduSpark]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Clients\StartMenuInternet\BaiduSpark\Capabilities]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Clients\StartMenuInternet\BaiduSpark\Capabilities\UrlAssociations]

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Clients\StartMenuInternet\BaiduSpark\Capabilities\UrlAssociations]
"magnet"="BaiduSpark.Url.magnet"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm]
"Progid"="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids]
"BaiduSparkHTML"=hex(0):

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
"Progid"="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html]
"Progid"="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithProgids]
"BaiduSparkHTML"=hex(0):

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
"Progid"="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht]
"Progid"="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml]
"Progid"="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids]
"BaiduSparkHTML"=hex(0):

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
"Progid"="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
"Progid"="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
"Progid"="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\ftp\UserChoice]
"Progid"="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice]
"Progid"="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice]
"Progid"="BaiduSparkHTML"

"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=dword:00000001
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\Uninstall.exe"=dword:00000001

"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=dword:00000001
"C:\\Users\\IARACO~1\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_057.exe"=dword:00000001

"C:\\Users\\Iara Coelho\\Downloads\\[[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Dirt 3 2011 [ENG] [BIN] [Repack] [Catalyst] [Ekipa TnT]\\setup.exe"=dword:00000001
"C:\\Program Files (x86)\\baidu\\SparkSafe\\uninst.exe"=dword:00000001

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\RegisteredApplications]
"BaiduSpark"="Software\\Clients\\StartMenuInternet\\BaiduSpark\\Capabilities"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\.htm]
@="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\.html]
@="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\.shtml]
@="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\.xht]
@="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\.xhtml]
@="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\ftp\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\Spark\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\ftp\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\http\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\Spark\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\http\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\https\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\Spark\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000\Software\Classes\https\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\.htm]
@="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\.html]
@="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\.shtml]
@="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\.xht]
@="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\.xhtml]
@="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\ftp\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\Spark\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\ftp\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\http\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\Spark\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\http\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\https\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\Spark\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_USERS\S-1-5-21-2138212033-2169333751-162243810-1000_Classes\https\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe\" -- \"%1\""

==== C:\zoek_backup content ======================

C:\zoek_backup (files=661 folders=121 36895709 bytes)

==== EOF on 11/07/2014 at 12:38:08,49 ======================
Rafael FD
Rafael FD
Iniciante
Iniciante

Mensagens : 36
Reputação : 1
Data de inscrição : 20/06/2014

Ir para o topo Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Re: Como faço para remover o "ads by offersWizard" ??

Mensagem por Power Max Sex 11 Jul 2014, 13:25

Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Re: Como faço para remover o "ads by offersWizard" ??

Mensagem por Power Max Sáb 26 Jul 2014, 20:01

TÓPICO ARQUIVADO

Como o autor não respondeu por mais de 15 dias, o tópico foi arquivado. Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

como  https - forumpcbrasil forumeiros com - Como faço para remover o "ads by offersWizard" ?? Empty Re: Como faço para remover o "ads by offersWizard" ??

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Ir para o topo Ir para baixo

Ir para o topo

- Tópicos semelhantes

 
Permissões neste sub-fórum
Não podes responder a tópicos