Fórum PC Brasil
Gostaria de reagir a esta mensagem? Crie uma conta em poucos cliques ou inicie sessão para continuar.

Implementa recursos de segurança e limpeza ao computador!

Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking reddit      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14810 usuários registrados
O último membro registrado é Josevinil

Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Últimos assuntos
» Problema no disco rígido do Windows 11
por joram Seg 01 Abr 2024, 06:35

Quem está conectado?
18 usuários online :: 0 registrados, 0 invisíveis e 18 visitantes

Nenhum

O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
 
 

Resultados por:
 

Rechercher Pesquisa avançada

Top dos mais postadores
Power Max
Problemas no pc Vote_lcapProblemas no pc Voting_barProblemas no pc Vote_rcap 
joram
Problemas no pc Vote_lcapProblemas no pc Voting_barProblemas no pc Vote_rcap 
Wings [In Memoriam]
Problemas no pc Vote_lcapProblemas no pc Voting_barProblemas no pc Vote_rcap 
caedurodrigues
Problemas no pc Vote_lcapProblemas no pc Voting_barProblemas no pc Vote_rcap 
Amigo Brasileiro
Problemas no pc Vote_lcapProblemas no pc Voting_barProblemas no pc Vote_rcap 
luizvilarinho
Problemas no pc Vote_lcapProblemas no pc Voting_barProblemas no pc Vote_rcap 
Danii
Problemas no pc Vote_lcapProblemas no pc Voting_barProblemas no pc Vote_rcap 
Admin
Problemas no pc Vote_lcapProblemas no pc Voting_barProblemas no pc Vote_rcap 
Danilo Marsaro
Problemas no pc Vote_lcapProblemas no pc Voting_barProblemas no pc Vote_rcap 
Andreata
Problemas no pc Vote_lcapProblemas no pc Voting_barProblemas no pc Vote_rcap 

abril 2024
SegTerQuaQuiSexSábDom
1234567
891011121314
15161718192021
22232425262728
2930     

Calendário Calendário

Palavras-chaves

virus  deletar  popup  game  2015  instalação  áudio  placa  excluir  2013  notebook  impressora  adobe  vídeos  SOFTWARE  PARA  flash  pessoas  SISPNCD  player  desinstalar  windows  mcafee  2025  video  teclado  


Problemas no pc

2 participantes

Fórum PC Brasil :: Segurança da Informação :: Tópicos Arquivados

Ir para baixo

Problemas no pc Empty Problemas no pc

Mensagem por luh Qua 25 Jun 2014, 14:15

Estou com vários problemas no pc de propagandas e vírus. Os navegadores estão desconfigurados.
luh
luh
Iniciante
Iniciante

Mensagens : 6
Reputação : 0
Data de inscrição : 25/06/2014

Ir para o topo Ir para baixo

Problemas no pc Empty Re: Problemas no pc

Mensagem por luh Qua 25 Jun 2014, 14:56

# AdwCleaner v3.213 - Relatório criado 25/06/2014 às 14:38:10
# Atualizado 23/06/2014 por Xplode
# Sistema Operacional : Windows 7 Professional Service Pack 1 (32 bits)
# Usuário : Administrador - M04020-PC
# Executando de : C:\Users\Administrador\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\Program Files\004
Pasta Deletada : C:\Program Files\crimsolite
Pasta Deletada : C:\Users\Public\Documents\baidu

***** [ Atalhos ] *****


***** [ Registro ] *****

[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E96338DC-1468-4918-8EC2-8454BFFC5025}

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.16576


-\\ Mozilla Firefox v30.0 (en-US)

[ Arquivo : C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\wby9xs0t.default\prefs.js ]

Linha deletada : user_pref("browser.search.defaultthis.engineName", "Web Search");
Linha deletada : user_pref("browser.search.selectedEngine", "Web Search");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://static.flipora.com/websearch.html?u=\"\"&h=Eo9X_fjqqBmF0qgZ9E7mvmbKRsssevyY0fCcg4M1WIg&d=0&bcb=2014-05-26&t=81&gl=br&tv=v81");

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [58423 octets] - [26/05/2014 16:15:48]
AdwCleaner[R1].txt - [2110 octets] - [25/06/2014 14:37:35]
AdwCleaner[S0].txt - [54116 octets] - [26/05/2014 16:16:58]
AdwCleaner[S1].txt - [2006 octets] - [25/06/2014 14:38:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2066 octets] ##########
luh
luh
Iniciante
Iniciante

Mensagens : 6
Reputação : 0
Data de inscrição : 25/06/2014

Ir para o topo Ir para baixo

Problemas no pc Empty Re: Problemas no pc

Mensagem por luh Qua 25 Jun 2014, 14:57


Zoek.exe v5.0.0.0 Updated 22-06-2014
Tool run by Administrador on 25/06/2014 at 14:42:52,91.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Administrador\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-26-193525.log 20858 bytes

==== System Restore Info ======================

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\ADMINI~1\AppData\Roaming\Mozilla\Firefox\Profiles\wby9xs0t.default\prefs.js:
user_pref("browser.search.defaulturl", "http://static.flipora.com/enhancedsearch_v.html?q={searchTerms}&src_type=sp&ref_type=sp&serp_type=searchbar&gl=br&u=\"\"&h=Eo9X_fjqqBmF0qgZ9E7mvmbKRsssevyY0fCcg4M1WIg&bcb=2014-05-26&d=0&t=81&tv=v81");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://static.flipora.com/enhancedsearch_v.html?serp_type=addbar&ref_type=ab&src_type=ab&gl=br&u=\"\"&h=Eo9X_fjqqBmF0qgZ9E7mvmbKRsssevyY0fCcg4M1WIg&d=0&bcb=2014-05-26&t=81&gl=br&tv=v81&q=");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\ADMINI~1\AppData\Roaming\Mozilla\Firefox\Profiles\wby9xs0t.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Baidu deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Administrador\Searches deleted
C:\Windows\System32\drivers\{b525993a-167d-44eb-9f03-5966d1af451f}w.sys deleted

==== Folders Found ======================

2013-11-09 08:20:28 2013-11-09 08:20:28 -------- d-----w- C:\BaiduDownloads
2014-05-26 19:17:01 2014-05-26 19:17:01 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-26 19:17:16 2014-05-26 19:17:16 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Administrador\AppData\Roaming\baidu
2014-05-26 19:17:16 2014-05-26 19:17:16 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Administrador\AppData\Roaming\baidu\Baidu Antivirus
2014-05-26 19:17:18 2014-05-26 19:17:18 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2013-10-14 19:34:27 2014-05-07 12:35:07 -------- d-----w- C:\Program Files\Baidu Security
2014-05-07 12:35:07 2014-06-25 17:49:33 -------- d-----w- C:\Program Files\Baidu Security\Baidu Antivirus
2013-10-14 19:34:27 2014-05-07 12:35:14 -------- d-----w- C:\ProgramData\Baidu Security
2014-05-07 12:35:09 2014-05-07 12:35:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2013-10-14 19:50:31 2013-10-16 11:03:42 -------- d-----w- C:\Users\Administrador\AppData\Roaming\Baidu Security
2014-04-04 18:13:11 2014-04-04 18:13:11 -------- d-----w- C:\Users\Administrador\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-04-04 18:13:11 2014-04-04 18:13:11 -------- d-----w- C:\Users\Administrador\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK
2013-10-14 19:34:27 2014-05-07 12:35:14 -------- d-----w- C:\Users\All Users\Baidu Security
2014-05-07 12:35:09 2014-05-07 12:35:09 -------- d-----w- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-06-25 17:39:33 2014-06-25 17:39:33 -------- d-----w- C:\Users\Public\Documents\Baidu
2013-12-16 14:02:23 2013-12-16 14:03:42 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2014-03-02 22:33:21 2014-03-02 22:33:21 -------- d-----w- C:\Windows\System32\config\systemprofile\AppData\Roaming\Baidu Security
2014-05-26 19:31:52 2014-06-25 17:39:35 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu

==== Files Found ======================


--- C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-05-07 12:35:04
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1


--- C:\Program Files\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-05-07 12:35:04
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB


--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1174
Created time: 2014-05-07 12:35:09
Modified time: 2014-05-07 12:35:09
MD5: 09596476A446CE5150E6E470C27A68D4
SHA1: D6C252F00E7EFC26926F2D25245F11D13977252D


--- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1174
Created time: 2014-05-07 12:35:09
Modified time: 2014-05-07 12:35:09
MD5: 09596476A446CE5150E6E470C27A68D4
SHA1: D6C252F00E7EFC26926F2D25245F11D13977252D


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFTray-2014-04-04 04-12-35-0539-[0041].dat"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-FasterNow-2014-04-04 04-12-39-0984-[0041].dat"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-04-04 04-12-23-0478-[0041].dat"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-NSISInstall-2014-04-04 04-13-23-0724-[0041].dat"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-02-11 02-44-06-0977-[30104].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-02-19 02-38-11-0823-[22621].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-02-20 02-09-49-0423-[16053].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-06 03-31-03-0527-[19586].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-07 03-31-11-0061-[25358].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\" UI_Start_From_IE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Translator.exe,-201"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Translator.exe\" \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}]
@="baidu right click handler"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}\InprocServer32]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavShx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}\InprocServer32]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavShx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}"="Baidu Scan"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"="Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Uninstall.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"="http://antivirus.baidu.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"="Baidu, Inc."

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"InstPath"="C:\\Program Files\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"InstPath"="C:\\Program Files\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdApiUtil.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BdCameraProtect.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsEx]
"DisplayName"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"InstPath"="C:\\Program Files\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil.sys"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\3.15.8.4011]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\3.15.8.4011\LastReportTime]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.0.6.4959]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.0.6.4959\LastReportTime]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\032213-17534-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\092513-9796-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\MEMORY_130245971746776108.dmp]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC App Store]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC App Store\DataReport]

"c:\\users\\administrador\\appdata\\roaming\\baidu security\\pc app store\\rpdata\\2013-10-17 15_08_04_[0320]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

"c:\\users\\administrador\\appdata\\roaming\\baidu security\\pc app store\\rpdata\\2013-10-17 15_27_02_[0413]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

"c:\\users\\administrador\\appdata\\roaming\\baidu security\\pc app store\\rpdata\\2013-10-18 12_04_30_[0826]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

"c:\\users\\administrador\\appdata\\roaming\\baidu security\\pc app store\\rpdata\\2013-10-18 15_45_56_[0149]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

"c:\\users\\administrador\\appdata\\roaming\\baidu security\\pc app store\\rpdata\\2013-10-21 07_19_57_[0430]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

"c:\\users\\administrador\\appdata\\roaming\\baidu security\\pc app store\\rpdata\\2013-10-21 12_19_51_[0962]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

"c:\\users\\administrador\\appdata\\roaming\\baidu security\\pc app store\\rpdata\\2013-10-21 16_19_53_[0591]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

"c:\\users\\administrador\\appdata\\roaming\\baidu security\\pc app store\\rpdata\\2013-11-03 05_54_04_[0029]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

"c:\\users\\administrador\\appdata\\roaming\\baidu security\\pc app store\\rpdata\\2013-11-05 08_46_46_[0035]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

"c:\\users\\administrador\\appdata\\roaming\\baidu security\\pc app store\\rpdata\\2013-11-05 14_27_39_[0670]rpdata.dat"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC App Store\Setup]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC Faster\4.0.0.0\CleanRecord]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC Faster\4.0.0.0\Install]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC Faster\4.0.0.0\Run]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC Faster\Setup]

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\3.15.8.4011]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\3.15.8.4011\LastReportTime]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.0.6.4959]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.0.6.4959\LastReportTime]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\032213-17534-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\092513-9796-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\MEMORY_130245971746776108.dmp]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF" [04/12/2013 08:26]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"SoundFrost@helper.com"="C:\Program Files\Baixar Musicas Gratis\SoundFrost.xpi" [21/03/2014 14:30]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\wby9xs0t.default
95812430959AE88CDD0301AB3A71913B - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash
CA0E1DFBE480CF0BE13A0883BEB378B6 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U40
AF661355EBAB898EB92D5454AEF93CE0 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.400.43
148727EBD947CBC168C42A227D56DAB0 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
9B4D431459A9B935FB117F4EDDA236E8 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
3F9F8E0F93D6FA7B7552077A3DF171DE - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
AC47B55B38D626B678897F195793ECAB - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx[28/04/2014 09:52]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== shortcuts on Users Desktops ======================

C:\Users\m04020\Desktop\Hao123.lnk - C:\Users\Administrador\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1106.exe
C:\Users\m04020\Desktop\NCaminhos 2a serie.lnk - C:\Program Files\Novos Caminhos 2a serie 3o ano\NCam2s.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Avira.lnk - C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe /showMiniGui
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira Free Antivirus.lnk - C:\Program Files\Avira\AntiVir Desktop\avwin.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira na Internet.lnk - C:\Program Files\Avira\AntiVir Desktop\weblink.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Iniciar Avira Free Antivirus.lnk - C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\My Avira\Avira.lnk - C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe /showMiniGui
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\LiveUpdate.lnk - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\uistub.exe /lu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\NBRT.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Norton Internet Security.lnk - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\uistub.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Support.lnk - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\symerr.exe /support
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Uninstall Norton Internet Security.lnk - C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\21.3.0.12\inststub.exe /X /shortcut

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\m04020\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hao123.lnk - C:\Users\Administrador\AppData\Roaming\baidu\hao123-br\hao123.1.0.0.1106.exe
C:\Users\m04020\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\m04020\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\m04020\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\m04020\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\m04020\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\m04020\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\m04020\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\m04020\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Administrador\AppData\Local\Mozilla\Firefox\Profiles\wby9xs0t.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=487 folders=50 48688232 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrador\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\m04020\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ADMINI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 25/06/2014 at 14:54:22,71 ======================
luh
luh
Iniciante
Iniciante

Mensagens : 6
Reputação : 0
Data de inscrição : 25/06/2014

Ir para o topo Ir para baixo

Problemas no pc Empty Re: Problemas no pc

Mensagem por Power Max Qua 25 Jun 2014, 15:25

Oi Luh.

Problemas no pc 772309 No seu PC está constando o antivirus Baidu instalado. Você quer continuar com ele ou quer removê-lo? Seja qual for sua resposta para esta pergunta, siga esta dica abaixo:
_________________________________________________________________________________

Problemas no pc 772309 Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas no pc Empty Re: Problemas no pc

Mensagem por luh Qua 25 Jun 2014, 15:53

Gostaria de remover o baidu

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x86
Ran by Administrador on 25/06/2014 at 15:49:13,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu"



~~~ FireFox

Successfully deleted: [File] C:\Users\Administrador\AppData\Roaming\mozilla\firefox\profiles\wby9xs0t.default\searchplugins\infoaxe.xml
Successfully deleted the following from C:\Users\Administrador\AppData\Roaming\mozilla\firefox\profiles\wby9xs0t.default\prefs.js

user_pref("extensions.infoaxetoolbar.analytics.bcb", "2014-05-26");
user_pref("extensions.infoaxetoolbar.analytics.gl", "br");
user_pref("extensions.infoaxetoolbar.analytics.userhash", "Eo9X_fjqqBmF0qgZ9E7mvmbKRsssevyY0fCcg4M1WIg");
user_pref("extensions.infoaxetoolbar.directSetHP", false);
user_pref("extensions.infoaxetoolbar.directSetSP", false);
user_pref("extensions.infoaxetoolbar.infoaxetoolbar.ChangedHomePageAndSearchEngine", true);
user_pref("extensions.infoaxetoolbar.infoaxetoolbar.lg", false);
user_pref("extensions.infoaxetoolbar.installConfirmed", true);
user_pref("extensions.infoaxetoolbar.installTime", 1401133360);
user_pref("extensions.infoaxetoolbar.lastQuery", "caixa de dicasavira");
user_pref("extensions.infoaxetoolbar.remote_control.state", "{\"sidepanel\":false,\"bg_redirect\":true,\"ab_suggestion_fix\":true,\"interstitial_ads\":true,\"popup_ads\":true,
user_pref("extensions.infoaxetoolbar.tbInstalledSent", true);
user_pref("extensions.infoaxetoolbar.webads.disposalmanager.popupWindowIDs", "{\"{d2c60520-26ad-4600-b03b-8fb504a1e2d6}\":1401131598842,\"{2794dfc2-7cf0-47a8-8bba-135cb1186f3e
user_pref("extensions.infoaxetoolbar.webads.pasm.state", "{\"callCounts\":{\"injected_popup\":2,\"injected_interstitial\":1},\"lastCallTimes\":{\"injected_interstitial\":14011
user_pref("infoaxetoolbar.lastping", 1401133420);
user_pref("infoaxetoolbar.laststatus", 1401133420);
user_pref("infoaxetoolbar.showaddressbar", true);
Emptied folder: C:\Users\Administrador\AppData\Roaming\mozilla\firefox\profiles\wby9xs0t.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/06/2014 at 15:52:03,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
luh
luh
Iniciante
Iniciante

Mensagens : 6
Reputação : 0
Data de inscrição : 25/06/2014

Ir para o topo Ir para baixo

Problemas no pc Empty Re: Problemas no pc

Mensagem por Power Max Qua 25 Jun 2014, 17:44

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Dom 20 Jul 2014, 14:59, editado 1 vez(es)
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas no pc Empty Re: Problemas no pc

Mensagem por luh Seg 30 Jun 2014, 13:38

Olá. Não consigo  postar o resultado. é muito longo.


[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
luh
luh
Iniciante
Iniciante

Mensagens : 6
Reputação : 0
Data de inscrição : 25/06/2014

Ir para o topo Ir para baixo

Problemas no pc Empty Re: Problemas no pc

Mensagem por Power Max Seg 30 Jun 2014, 14:19

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Dom 20 Jul 2014, 15:00, editado 1 vez(es)
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas no pc Empty Re: Problemas no pc

Mensagem por luh Seg 30 Jun 2014, 14:39


Zoek.exe v5.0.0.0 Updated 28-06-2014
Tool run by Administrador on 30/06/2014 at 14:34:55,89.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Administrador\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-30-162911.log 979159 bytes

==== System Restore Info ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC App Store]
[-HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC App Store\DataReport]
[-HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

==== Deleting Files \ Folders ======================

C:\Program Files\Baidu Security not found
C:\Program Files\Baidu Security\Baidu Antivirus not found
C:\ProgramData\Baidu deleted

==== Folders Found ======================

2014-05-26 19:17:01 2014-05-26 19:17:01 -------- d-----w- C:\$RECYCLE.BIN\S-1-5-21-3609841848-2320771046-2397598984-500\$R6QB2R3\Quarantine\C\ProgramData\baidu
2014-05-26 19:17:16 2014-05-26 19:17:16 -------- d-----w- C:\$RECYCLE.BIN\S-1-5-21-3609841848-2320771046-2397598984-500\$R6QB2R3\Quarantine\C\Users\Administrador\AppData\Roaming\baidu
2014-05-26 19:17:16 2014-05-26 19:17:16 -------- d-----w- C:\$RECYCLE.BIN\S-1-5-21-3609841848-2320771046-2397598984-500\$R6QB2R3\Quarantine\C\Users\Administrador\AppData\Roaming\baidu\Baidu Antivirus
2014-05-26 19:17:18 2014-05-26 19:17:18 -------- d-----w- C:\$RECYCLE.BIN\S-1-5-21-3609841848-2320771046-2397598984-500\$R6QB2R3\Quarantine\C\Users\Public\Documents\baidu
2014-06-30 16:21:10 2013-11-09 08:20:28 -------- d---a-w- C:\zoek_backup\C_BaiduDownloads
2014-06-30 16:21:10 2014-06-30 16:21:42 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security
2014-06-30 16:21:42 2014-06-30 16:21:47 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus
2014-06-30 17:35:57 2014-06-30 17:35:57 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-06-30 16:21:48 2014-06-30 16:21:58 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-06-30 16:21:58 2014-06-30 16:21:58 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-05-26 19:31:52 2014-06-25 17:39:35 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Baidu
2014-06-30 16:21:58 2014-06-30 16:21:59 -------- d---a-w- C:\zoek_backup\C_Users_Administrador_AppData_Roaming_Baidu Security
2014-06-30 16:21:59 2014-06-30 16:21:59 -------- d---a-w- C:\zoek_backup\C_Users_Administrador_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall
2014-06-30 16:21:59 2014-06-30 16:22:00 -------- d---a-w- C:\zoek_backup\C_Users_Administrador_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall HK
2014-06-30 17:35:57 2014-06-30 17:35:57 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-06-30 16:22:00 2014-06-30 16:22:05 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-06-30 16:22:06 2014-06-30 16:22:06 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-06-30 16:22:06 2014-06-30 16:22:06 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-06-30 16:22:06 2014-06-30 16:22:06 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-06-30 16:22:06 2014-06-30 16:22:06 -------- d---a-w- C:\zoek_backup\C_Windows_System32_config_systemprofile_AppData_Roaming_Baidu Security
2014-06-30 16:21:10 2014-06-30 16:21:41 -------- d---a-w- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus
2014-06-30 16:21:59 2014-06-30 16:21:59 -------- d---a-w- C:\zoek_backup\C_Users_Administrador_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-06-30 16:21:59 2014-06-30 16:21:59 -------- d---a-w- C:\zoek_backup\C_Users_Administrador_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


--- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-06-30 16:21:21
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1


--- C:\zoek_backup\C_Program Files_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-06-30 16:21:21
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB


--- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-06-30 16:21:43
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1


--- C:\zoek_backup\C_Program Files_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-06-30 16:21:43
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB


--- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1174
Created time: 2014-06-30 16:21:58
Modified time: 2014-05-07 12:35:09
MD5: 09596476A446CE5150E6E470C27A68D4
SHA1: D6C252F00E7EFC26926F2D25245F11D13977252D


--- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1174
Created time: 2014-06-30 16:22:06
Modified time: 2014-05-07 12:35:09
MD5: 09596476A446CE5150E6E470C27A68D4
SHA1: D6C252F00E7EFC26926F2D25245F11D13977252D


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-3609841848-2320771046-2397598984-500\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62} deleted successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4772 folders=897 785349055 bytes)

==== EOF on 30/06/2014 at 14:37:18,83 ======================
luh
luh
Iniciante
Iniciante

Mensagens : 6
Reputação : 0
Data de inscrição : 25/06/2014

Ir para o topo Ir para baixo

Problemas no pc Empty Re: Problemas no pc

Mensagem por Power Max Seg 30 Jun 2014, 15:36

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas no pc Empty Re: Problemas no pc

Mensagem por Power Max Dom 20 Jul 2014, 15:02

TÓPICO ARQUIVADO

Como o autor não respondeu por mais de 15 dias, o tópico foi arquivado. Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Problemas no pc Empty Re: Problemas no pc

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Ir para o topo Ir para baixo

Ir para o topo

- Tópicos semelhantes

Fórum PC Brasil :: Segurança da Informação :: Tópicos Arquivados

 
Permissões neste sub-fórum
Não podes responder a tópicos