Hardware.com.br

[Solved] How to uninstall Baidu

#1 By R. Moran 02/02/2015 - 13:04
Dear all,

I have this folder on my notebook and I cannot delete it no matter what. I followed the steps proposed by Tmfeijo further above, and when I got to the Adsfix part I did as recommended. I disabled MSE and the Windows firewall (mine is Windows 7 - x86), downloaded the executable, right-clicked it and chose to run it as administrator, but it always gives an audible alert and a message appears: "Obrigado por executar a ferramenta do escritório". However, it does not install the program, does not open, does nothing... how do I solve this? Thanks to anyone who can help...
#4 By caedurodrigu...
03/02/2015 - 01:12
Good evening R. Moran, abort the use of AdsFix.

  • Download: ZHPDiag (...Nicolas Coolman)
  • Save it to the local disk (C or D).
  • Disable your antivirus, and run ZHPDiag.exe to install it.
  • Run the scroll icon!
  • Click the "COMPLETA" option and wait for it to finish.
  • Click OK and, when it finishes, post the report! (ZHPDiag.txt)
  • Note: because the report is long, it should be posted on one of these sites:
  • Go to: [link]
  • Or go to: [link]
  • Or attach it to the forum.


A big hug.
#5 By R. Moran
03/02/2015 - 18:03
Dear Cauedu... Thank you for your interest in helping. I should explain that today I am having problems with my internet connection, which made it impossible to download the program in question. By tomorrow this will be resolved and it will be done. (Just to give an update and not give the impression that I have no interest in solving the problem.) Big hug...
R. Moran
"We can easily forgive a child who is afraid of the dark; the real tragedy of life is when men are afraid of the light."
Plato
#8 By caedurodrigu...
05/02/2015 - 00:27
Good evening R. Moran, was it you who configured the proxy shown in dark red? If it was you, please remove the dark-red lines from the script.

  • Run this script in the ZHPFix tool.
  • Copy the information shown in red into Notepad.
  • With Notepad open, press: ctrl+a >> ctrl+c.
  • Next, minimize Notepad.

ZHPFix script
SysRestore
[MD5.A73450BA1E5072948B31C34E1EF4EB97] - (.Baidu Inc. - Baidu PC Faster Service.) -- C:\Program Files (x86)\Baidu Security\PC Faster\5.0.0.0\PCFasterSvc.exe [1636336] [PID.824]
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) . (.Baidu Inc. - Baidu PC Faster Service.) - C:\Program Files (x86)\Baidu Security\PC Faster\5.0.0.0\PCFasterSvc.exe
[MD5.A2E495367B0D1FC5B7692E4D0B51B400] [APT] [Baidu PC Faster Update] (.Baidu Inc..) -- C:\Program Files (x86)\Baidu Security\PC Faster\5.0.0.0\Updater.exe [1358832]
O41 - Driver: (BprotectEx) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\BprotectEx.sys
O41 - Driver: (crfilterdrv) . (.Windows Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\drivers\crfilterdrv.sys
O42 - Logiciel: Baidu PC Faster - (.Baidu Inc..) [HKLM][64Bits] -- Baidu PC Faster 4.0.0.0
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\Baidu Security]
[HKCU\Software\PCDataApp]
[HKLM\Software\Baidu Security]
[HKLM\Software\Wow6432Node\04ea2eb8-30de-4f77-94eb-7349b6ba91eb] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\81d064ce-a74a-4851-961c-2bd852bcbeda] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]
[HKLM\Software\Wow6432Node\PCDataApp]
O43 - CFD: 28/01/2015 - 16:39:08 - [] ----D C:\Program Files (x86)\Baidu Security
O43 - CFD: 02/02/2015 - 13:29:22 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 02/02/2015 - 12:23:41 - [] ----D C:\ProgramData\Baidu
O43 - CFD: 02/02/2015 - 12:19:46 - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 02/02/2015 - 13:17:51 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/02/2015 - 17:39:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
O44 - LFC:[MD5.FDDDABC83BB5FB70E8BF481748B32B26] - 21/01/2015 - 12:50:26 ---A- . (.Windows Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\crfilterdrv.sys [51528]
O44 - LFC:[MD5.7144D953DC4A27F20C891FB74485D0F9] - 26/01/2015 - 15:44:36 ---A- . (.Windows Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\gosaferdrv.sys [51504]
O44 - LFC:[MD5.9BE3A82D726942E2A573374C51F6FCAD] - 29/01/2015 - 10:22:31 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys [94528]
O58 - SDL:17/12/2014 - 02:11:14 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys [94528]
O58 - SDL:21/01/2015 - 12:50:26 ---A- . (.Windows Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\crfilterdrv.sys [51528]
O58 - SDL:19/01/2015 - 09:59:54 ---A- . (.Windows Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\gosaferdrv.sys [51504]
O64 - Services: CurCS - 21/01/2015 - C:\Windows\System32\drivers\crfilterdrv.sys (crfilterdrv) .(.Windows Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) - LEGACY_CRFILTERDRV
O64 - Services: CurCS - 19/01/2015 - C:\Windows\System32\drivers\gosaferdrv.sys (gosaferdrv) .(.Windows Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) - LEGACY_GOSAFERDRV
SR - | Auto 20/01/2015 1636336 | (PCFasterSvc_{PCFaster_4.0.0.0}) . (.Baidu Inc..) - C:\Program Files (x86)\Baidu Security\PC Faster\5.0.0.0\PCFasterSvc.exe
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKLM\Software\Wow6432Node\04ea2eb8-30de-4f77-94eb-7349b6ba91eb] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\81d064ce-a74a-4851-961c-2bd852bcbeda] =>PUP.CrossRider^
ServiceStop:BprotectEx
ServiceStop:crfilterdrv
EmptyClsid
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
ShortcutFix
Proxyfix


Open the ZHPFix tool.
Click IMPORTAÇÃO > OK
Click "GO".
Post the report!


A big hug.

< I ask visitors not to use this script on other computers, at the risk of irreparable damage to them! >
#9 By R. Moran
05/02/2015 - 12:32
Dear Caedurodrigues,

it was not I who configured the proxy in question, and so I did not delete it from the script. I report that during the execution of ZHPfix, PC Faster opened (something that had never happened before), and I declined the request to analyze the computer and closed it. After the computer restarted, to my surprise, PC Faster was installed (until then there was only a folder of it) and running. I used Revo to uninstall it, since I could not do so through the Control Panel, and something that caught my attention (I don't know if it is related) is that the folder name appears as: Pc Faster/5.0.0.0. Oh, and needless to say, the "Baidu Security" folder remains in the same place and apparently without a scratch. It reminded me of Rachel from RE Revelations, which I played recently... you kill her in one chapter and in the next the pest shows up again just the same. What a thing! But I have faith that we will manage to sort this out... I await further guidance and thank you in advance. Big hug...

The report generated after running ZHPfix follows below:

Rapport de ZHPFix 2015.1.15.1 par Nicolas Coolman, Update du 15/01/2015
Fichier d'export Registre :
Run by User at 05/02/2015 11:30:46
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (20mn 01s)
Prefetcher vazio
Reparação de atalhos do navegador

========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\baidu security\pc faster\5.0.0.0\uninstall.exe

========== Estado dos serviços ==========
CRFILTERDRV Parado
GOSAFERDRV Parado
BprotectEx Parado
crfilterdrv Parado

========== Chaves do Registo ==========
ELIMINÉ:³ Service: PCFasterSvc_{PCFaster_4.0.0.0}
ELIMINÉ Driver Key: crfilterdrv
ELIMINÉ: HKCU\Software\1ClickDownload
ELIMINÉ:³ HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\PCDataApp
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\04ea2eb8-30de-4f77-94eb-7349b6ba91eb
ELIMINÉ: HKLM\Software\Wow6432Node\81d064ce-a74a-4851-961c-2bd852bcbeda
ELIMINÉ:³ HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\PCDataApp

========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Public) : {FBF63830-7594-4B76-841F-F4D92278D559}
ELIMINÉ: FirewallRaz (Public) : {F7DB3C3C-EA90-4E6C-BEA7-C708D90B13F2}
ELIMINÉ: FirewallRaz (Private) : TCP Query User{2F5077D8-5DB1-4C4F-A404-944F4BCFE23F}C:\program files (x86)\resident evil 6\bh6.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{2CA3A86F-94E1-46E1-931A-1086F898DAB2}C:\program files (x86)\resident evil 6\bh6.exe
ELIMINÉ: FirewallRaz (Public) : {CB62CFA2-83CA-46E1-A2CD-8FB08E76A9AE}
ELIMINÉ: FirewallRaz (Public) : {7DA256DE-4E39-475A-96F6-6DAC1383F240}
ELIMINÉ: FirewallRaz (Private) : TCP Query User{FA7F257C-4F61-406F-9829-A70B5F5197F0}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{C0D0DA54-9559-4A65-B2D8-BDB87230E04E}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
ELIMINÉ: FirewallRaz (Private) : TCP Query User{BE0CE94A-DDF6-48BB-B1B4-F196FCF8F4C8}C:\users\user\videos\jogos\re5\resident evil 5\re5dx9.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{89D77CA6-D501-4D0B-9896-C4BEF66598FF}C:\users\user\videos\jogos\re5\resident evil 5\re5dx9.exe
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Elementos dos dados do Registo ==========
ELIMINÉ: R1 Search Page = localhost:8080

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
ELIMINÉ Temporários windows (29)
ELIMINÉ Flash Cookies (0)

========== Ficheiros ==========
ELIMINA REINICIAR: c:\program files (x86)\baidu security\pc faster\5.0.0.0\pcfastersvc.exe
ELIMINA REINICIAR: c:\windows\system32\drivers\crfilterdrv.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\gosaferdrv.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotectex.sys
ELIMINÉ Temporários windows (508) (64.154.947 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: Baidu PC Faster Update

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
11 : Chaves do Registo
18 : Valores do Registo
1 : Elementos dos dados do Registo
3 : Pastas
6 : Ficheiros
1 : Softwares
4 : Estado dos serviços
1 : Tarefa planificada
1 : Restauração Sistema


End of clean in 33mn 23s

========== Caminho do ficheiro do relatório ==========
C:\Users\User\AppData\Roaming\ZHP\ZHPFix[R1].txt - 05/02/2015 11:50:48 [3767]
#10 By caedurodrigu...
05/02/2015 - 13:48
Good afternoon R. Moran,

  • Download: [link] (...par Xplode)
  • Or here >>AdwCleaner<<
  • Save it to your Desktop.
  • Close all open programs and internet browsers.
  • Windows Vista or Windows 7 users: right-click the AdwCleaner.exe file, then click: [image]

  • Click "Examinar" to start the scan!
  • When it finishes, click "limpar"
  • Copy the log or click "Relatório".
  • Post: >>C:\AdwCleaner\AdwCleaner [S0].txt<<


  • Download: [link] (...by Oleg N. Scherbakov)
  • Save it to the desktop!
  • Disable your antivirus!
  • On Windows 7, right-click JRT.exe and run it as [image]
Wait for it to finish and post the report. (JRT.txt)


A big hug.
#11 By R. Moran
05/02/2015 - 14:50
Good afternoon Caedurodrigues,

I should mention that I have, and have already used, these two programs, in addition to having also run Malwarebytes and Spybot Search & Destroy before asking for help here in the community. But I ran the requested programs again, and the respective reports follow below. Big hug...

Adwcleaner:

# AdwCleaner v4.109 - Relatório criado 05/02/2015 às 14:18:40
# Atualizado 24/01/2015 por Xplode
# Database : 2015-02-04.1 [Live]
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : User - USER-PC
# Executando de : C:\Users\User\Downloads\adwcleaner_4.109.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu

***** [ Tarefas ] *****


***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0.1 (x86 pt-BR)


-\\ Google Chrome v40.0.2214.94


*************************

AdwCleaner[R20].txt - [992 octets] - [05/02/2015 14:11:32]
AdwCleaner[S18].txt - [3103 octets] - [02/02/2015 12:22:49]
AdwCleaner[S19].txt - [906 octets] - [05/02/2015 14:18:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S19].txt - [966 octets] ##########



Junk Removal Tool:

Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by User on 05/02/2015 at 14:26:27,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu security"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\baidu security"
Successfully deleted: [Folder] "C:\Program Files (x86)\baidu security"



~~~ FireFox

Successfully deleted the following from C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\n4kukb15.default-1399840422394\prefs.js

user_pref("browser.search.searchengine.alias", " user_pref("browser.search.searchengine.name", "


~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/02/2015 at 14:36:24,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#12 By R. Moran
05/02/2015 - 15:00
Caedurodrigues,

WHOA!!! Or should I say YAY? Have the damned folders finally disappeared? It seems so! I went into regedit and only found one leftover Baidu Security key, which I deleted. It seems to be solved, but I will wait for your opinion. A big and grateful hug!
#13 By caedurodrigu...
05/02/2015 - 15:29
Good afternoon R. Moran,

  • Download: zoek.exe (...by Smeenk)
  • Save it to your desktop!
  • Run the Zoek.exe file.
  • Windows Vista or Windows 7 users: right-click the Zoek.exe file, then click [image]
  • Select the lines in red, right-click the selection and choose the copy option!

emptyfolderscheck;delete
ipconfig /flushdns;b
quickscan;
autoclean;
emptyalltemp;
Baidu;a
Baidu;z


Right-click any white area of Zoek and choose the paste option.
Click Run Script!
Wait for the scan. At the end, Notepad will open with the report.
A copy will also be saved on your local disk under the name zoek-results.txt.
Attach zoek-results.txt to your next reply.

A big hug.
#14 By R. Moran
05/02/2015 - 17:01
Dear sir, the report is ready.

Thank you and a big hug...

Zoek.exe v5.0.0.0 Updated 05-February-2015
Tool run by User on 05/02/2015 at 16:07:38,54.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-02-02-140036.log 52085 bytes

==== Empty Folders Check ======================

C:\Users\Default\AppData\Local\Google deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================


==== Folders Found ======================

2015-01-26 19:11:14 2015-01-26 19:11:14 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2015-02-05 13:29:47 2015-02-05 13:29:47 -------- d-----w- C:\Users\User\AppData\Roaming\ZHP\Quarantine\Baidu PC Faster.DIR
2015-02-05 13:21:47 2015-02-05 13:28:09 -------- d-----w- C:\Users\User\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR
2015-02-05 13:28:41 2015-02-05 13:28:41 -------- d-----w- C:\Users\User\AppData\Roaming\ZHP\Quarantine\Baidu.DIR
2015-02-05 13:28:09 2015-02-02 14:19:46 -------- d-----w- C:\Users\User\AppData\Roaming\ZHP\Quarantine\Baidu Security.DIR\Baidu Security
2015-02-02 13:41:20 2015-02-02 13:41:20 -------- d---a-w- C:\zoek_backup\C_PROGRA~3_Baidu

==== Files Found ======================


--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu PC Faster Service.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3660
Created time: 2015-02-02 13:41:20
Modified time: 2015-01-29 13:18:59
MD5: DBE185A5CB044714D0709302E1349B78
SHA1: 17EBCE376F2618983DFFB705206AFC17F904E993


--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu PC Faster Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3712
Created time: 2015-02-02 13:41:20
Modified time: 2015-01-29 13:18:58
MD5: EE7C8FFEBF2C82969F6E370F31F39E09
SHA1: B7C997371FE9F2583BD5D9EAA075992F111BBFC0


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe\" UI_Start_From_IE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\bavadvtools\\3811A2B3-20AF-486d-81FA-8774762CC135\\tool\\Translator.exe,-201"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\bavadvtools\\3811A2B3-20AF-486d-81FA-8774762CC135\\tool\\Translator.exe\" \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn\www]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-21-1952561570-3406765086-4093738655-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-1952561570-3406765086-4093738655-1000\Software\Baidu Security\Feedback]

[HKEY_USERS\S-1-5-21-1952561570-3406765086-4093738655-1000\Software\Baidu Security\Feedback\products]

[HKEY_USERS\S-1-5-21-1952561570-3406765086-4093738655-1000\Software\Baidu Security\Feedback\products\1]

[HKEY_USERS\S-1-5-21-1952561570-3406765086-4093738655-1000\Software\Microsoft\IntelliType Pro\AppSpecific\FasterNow.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\5.0.0.0\\FasterNow.exe"

[HKEY_USERS\S-1-5-21-1952561570-3406765086-4093738655-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-21-1952561570-3406765086-4093738655-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-21-1952561570-3406765086-4093738655-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-21-1952561570-3406765086-4093738655-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\User\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-01-27 00:50:44 44ECCC9B1B3EC830B6532E8B96F16AC3 164352 --sh--w- C:\Windows\SysWOW64\SC.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-02-04 15:44:12 4DA5DA193E0E4F86F6F8FD43EF25329A 1721576 ----a-w- C:\Windows\Sysnative\WdfCoInstaller01009.dll
====== C:\Windows\Sysnative\drivers =====
2015-02-04 15:44:10 AAE1DAE483DD57D0E267FCA42FCB5133 718840 ----a-w- C:\Windows\Sysnative\drivers\avc3.sys
2015-02-04 15:44:10 8183B715BD56561C27BEBB68B1192B7A 593144 ----a-w- C:\Windows\Sysnative\drivers\avckf.sys
2015-02-04 15:44:10 3B9549FEF98AB1768A1D6A919F355B70 261056 ----a-w- C:\Windows\Sysnative\drivers\avchv.sys
2015-02-04 15:39:21 408B664926675C270D911160F1631D6B 148696 ----a-w- C:\Windows\Sysnative\drivers\gzflt.sys
2015-02-04 15:39:21 132C0E39AF0312E6B9611E2E1B344D41 382536 ----a-w- C:\Windows\Sysnative\drivers\trufos.sys
2015-01-29 21:51:28 33F90B202E9DD9B7D489EB59310FDC34 283064 ----a-w- C:\Windows\Sysnative\drivers\dtsoftbus01.sys
2015-01-26 18:44:40 FDDDABC83BB5FB70E8BF481748B32B26 51528 ----a-w- C:\Windows\Sysnative\drivers\crfilterdrv.sys
2015-01-26 18:44:36 7144D953DC4A27F20C891FB74485D0F9 51504 ----a-w- C:\Windows\Sysnative\drivers\gosaferdrv.sys
2015-01-26 18:44:35 9BD112361B5F1DB4DC6E77A1CBE561C3 60728 ----a-w- C:\Windows\Sysnative\drivers\mosfilterdrv.sys
2015-01-26 18:43:51 F80393A5E4E0789392105B9ACB460632 60736 ----a-w- C:\Windows\Sysnative\drivers\pofilterdrv.sys
2015-01-23 18:39:11 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_wpdcomp_01_09_00.Wdf
2015-01-23 18:39:00 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-01-14 14:49:35 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-02-04 15:39:39 -------- d-----w- C:\Program Files\Bitdefender
======= C:\PROGRA~2 =====
2015-02-05 17:38:57 -------- d-----w- C:\PROGRA~2\HD Tune
2015-02-04 15:23:46 -------- d-----w- C:\PROGRA~2\VS Revo Group
2015-02-04 14:29:00 -------- d-----w- C:\PROGRA~2\ZHPDiag
2015-01-29 23:01:42 -------- d-----w- C:\PROGRA~2\KONAMI
2015-01-29 22:49:42 -------- d-----w- C:\PROGRA~2\directx
2015-01-29 21:51:16 -------- d-----w- C:\PROGRA~2\DAEMON Tools Lite
2015-01-29 18:48:04 -------- d-----w- C:\PROGRA~2\Tribo Gamer
2015-01-29 16:28:27 -------- d-----w- C:\PROGRA~2\Resident Evil 4
2015-01-27 21:31:45 -------- d-----w- C:\PROGRA~2\Megamanchristian Games
2015-01-26 23:12:42 -------- d-----w- C:\PROGRA~2\Microsoft Games for Windows - LIVE
2015-01-26 18:44:32 -------- d-----w- C:\PROGRA~2\GOSafer
2015-01-26 18:44:30 -------- d-----w- C:\PROGRA~2\NJax
2015-01-26 16:34:36 -------- d-----w- C:\PROGRA~2\GameVicio
2015-01-23 18:43:38 -------- d-----w- C:\PROGRA~2\Sony
2015-01-22 11:22:27 -------- d-----w- C:\PROGRA~2\Resident Evil Revelations
2015-01-19 18:29:49 -------- d-----w- C:\PROGRA~2\Legendas-3.1
======= C: =====
2015-02-04 15:00:36 167FDBD157A770F25DC1CF41E79905C4 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2015-02-02 15:33:32 BE94B0BC1D268862747A7AB821FAA2BA 10949 ----a-w- C:\AdsFix.txt
====== C:\Users\User\AppData\Roaming ======
2015-02-05 16:30:20 48794071189C293A116FC26EDCFEE8BD 73288 ----a-w- C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-04 15:48:22 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\QuickScan
2015-02-04 15:29:31 -------- d-----w- C:\Users\User\AppData\Roaming\QuickScan
2015-02-04 15:23:47 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-02-04 14:29:01 -------- d-----w- C:\Users\User\AppData\Roaming\ZHP
2015-02-02 13:55:14 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-02-02 13:55:14 -------- d-----w- C:\Users\USURIO~1\AppData\Local\Temp
2015-02-02 13:55:14 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2015-02-02 13:55:14 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2015-02-02 13:55:13 -------- d-----w- C:\Users\User\AppData\Local\Temp
2015-01-29 23:11:05 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-01-29 21:51:22 -------- d-----w- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2015-01-26 18:49:37 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\BAVData
2015-01-26 16:35:13 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
2015-01-23 23:28:50 -------- d-----w- C:\Users\User\AppData\Roaming\Resident Evil 6_unistall
2015-01-23 18:50:24 -------- d-----w- C:\Users\User\AppData\Local\Sony
2015-01-22 11:41:08 -------- d-----w- C:\Users\User\AppData\Local\FLT
2015-01-22 11:40:23 -------- d-----w- C:\Users\User\AppData\Local\CAPCOM
====== C:\Users\User ======
2015-02-05 17:38:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2015-02-05 17:34:06 088812A121E0A9CEB40CE9C808C8A90C 642632 ----a-w- C:\Users\User\Downloads\hdtune_255.exe
2015-02-05 14:43:02 C79AF0627BA58C2DD1723EA5376BD605 38706096 ----a-w- C:\Users\User\Downloads\97to03w8.exe
2015-02-04 15:48:02 FDD214165813C81A18AAC612076D8186 1593927 ----a-w- C:\Users\TODOSO~1\1423064341.bdinstall.bin
2015-02-04 15:48:02 FDD214165813C81A18AAC612076D8186 1593927 ----a-w- C:\ProgramData\1423064341.bdinstall.bin
2015-02-04 15:44:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2015-02-04 15:31:03 613D666AD85B462FEFE34AC6A9DE118A 1692 ----a-w- C:\Users\TODOSO~1\1423063859.bdinstall.bin
2015-02-04 15:31:03 613D666AD85B462FEFE34AC6A9DE118A 1692 ----a-w- C:\ProgramData\1423063859.bdinstall.bin
2015-02-04 15:30:17 27C016C9C4FC9C6375A905A131648AC8 1692 ----a-w- C:\Users\TODOSO~1\1423063809.bdinstall.bin
2015-02-04 15:30:17 27C016C9C4FC9C6375A905A131648AC8 1692 ----a-w- C:\ProgramData\1423063809.bdinstall.bin
2015-02-04 15:29:56 849FEF6F31F667A4EDBDF64316A274F8 1691 ----a-w- C:\Users\TODOSO~1\1423063772.bdinstall.bin
2015-02-04 15:29:56 849FEF6F31F667A4EDBDF64316A274F8 1691 ----a-w- C:\ProgramData\1423063772.bdinstall.bin
2015-02-04 14:29:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-02-02 14:59:21 FCC459BB8B8BF8BD500AD856305FDA70 2453504 ----a-w- C:\Users\User\Desktop\AdsFix.exe
2015-02-02 14:08:27 B9E1BF24EF01A82701B09BE75D294085 1707939 ----a-w- C:\Users\User\Downloads\JRT.exe
2015-01-29 23:09:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI
2015-01-29 21:56:21 -------- d-----w- C:\Users\Public\Documents\DAEMON Tools Images
2015-01-29 21:53:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-01-29 21:49:29 -------- d-----w- C:\Users\TODOSO~1\DAEMON Tools Lite
2015-01-29 21:49:29 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2015-01-29 18:48:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tribo Gamer
2015-01-27 23:27:01 8E1B08222F20E45A3E8DB04C569F9CB7 8 --sha-r- C:\Users\TODOSO~1\ntuser.pol
2015-01-27 23:27:01 8E1B08222F20E45A3E8DB04C569F9CB7 8 --sha-r- C:\ProgramData\ntuser.pol
2015-01-27 21:32:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\God Of War Version Pc
2015-01-26 23:15:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
2015-01-26 18:56:56 57F548CC50AD2DE004E07E6F77CE8015 227 ----a-w- C:\Users\TODOSO~1\bc.ini
2015-01-26 18:56:56 57F548CC50AD2DE004E07E6F77CE8015 227 ----a-w- C:\ProgramData\bc.ini
2015-01-26 18:52:28 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\User\Downloads\adwcleaner_4.109.exe
2015-01-26 16:35:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameVicio
2015-01-23 23:33:40 -------- d-----w- C:\Users\TODOSO~1\Steam
2015-01-23 23:33:40 -------- d-----w- C:\ProgramData\Steam
2015-01-23 18:44:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-01-23 18:43:38 -------- d-----w- C:\Users\TODOSO~1\Sony
2015-01-23 18:43:38 -------- d-----w- C:\ProgramData\Sony

====== C: exe-files ==
2015-02-05 17:38:57 F8FC2D14DF813CC920A39B3CB7E59CBC 401408 ----a-w- C:\Program Files (x86)\HD Tune\HDTune.exe
2015-02-05 17:38:57 CEFC20D14D9940D53505E9B9769139E7 682266 ----a-w- C:\Program Files (x86)\HD Tune\unins000.exe
2015-02-05 17:34:06 088812A121E0A9CEB40CE9C808C8A90C 642632 ----a-w- C:\Users\User\Downloads\hdtune_255.exe
2015-02-05 16:25:29 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2015-02-05 14:43:02 C79AF0627BA58C2DD1723EA5376BD605 38706096 ----a-w- C:\Users\User\Downloads\97to03w8.exe
2015-02-04 18:22:49 FD98434B6A06FE31A35E4BFBC827B290 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe
2015-02-04 18:22:49 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateSetup.exe
2015-02-04 18:22:49 5F0A3AA68785C49454F56C9F2DDA0237 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateWebPlugin.exe
2015-02-04 18:22:49 4C02536F4CA35911FB3EA5715F300C57 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateBroker.exe
2015-02-04 18:22:43 F3B6470DA7CE34E559D3BA7365CC909C 115528 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateComRegisterShell64.exe
2015-02-04 18:22:43 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdate.exe
2015-02-04 18:22:43 83BB030C71C9727DCFB2737005772C4E 232264 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
2015-02-04 18:22:43 323CFFFDAF253AC65CD194A101BE6231 287048 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
2015-02-04 18:22:39 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\Install\{9B74EC50-45B2-490E-BA77-B53FBDC9D3B2}\GoogleUpdateSetup.exe
2015-02-04 18:22:39 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.26.9\GoogleUpdateSetup.exe
2015-02-04 15:44:20 8477FB1D573CE8F8B92E71302308D399 14720 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\WPFKickstarter.exe
2015-02-04 15:44:20 199F11A6FC6689BFCCF1A9E7832C3B63 15232 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\WPFKickstarter4.exe
2015-02-04 15:44:19 E2316D482BCD6CADD878500D132BCEF5 815600 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\setuplauncher.exe
2015-02-04 15:44:19 DADF458CDA563109C5E53B2B7669C2F8 16922360 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\ThreatScanner.exe
2015-02-04 15:44:19 D9621F7E1DC3E40AAD4A7D0736A33A3B 567888 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\Installer.exe
2015-02-04 15:44:19 A51C2369EEF4FC159B9A9DA695A7E990 970088 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\lang\pt-BR.exe
2015-02-04 15:44:19 5B230017B04914B12070552EC5419867 1043000 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\lang\ro-RO.exe
2015-02-04 15:44:19 574E467C75840E19D3196C52947B6081 1837096 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\lang\en-US.exe
2015-02-04 15:44:19 377DBA1E531CD11EBC45B907B454D247 156304 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\avcheck.exe
2015-02-04 15:44:19 34F92C8A489F04D401A8E3E5A49F7959 969400 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\lang\it-IT.exe
2015-02-04 15:44:19 2CFC225988F4932DF538CF5F4BED3C8B 17348032 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\installerpackage.exe
2015-02-04 15:44:11 DE6C895E14E7D7D45A1A7276754BDB92 19944 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\gzifaceexec.exe
2015-02-04 15:44:11 B8E08510721D367F1330F6A0B9CA9F99 1312072 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\update.exe
2015-02-04 15:44:11 B5CBEB9EB25A8230463037A647BC1469 69368 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
2015-02-04 15:44:11 B34E17D28EB63DE8C5AD60539AF421A4 602872 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\gztray4.exe
2015-02-04 15:44:11 82C67B91F26DE0CB7315E2CE622433E2 524032 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\gztray.exe
2015-02-04 15:44:11 5BC79AC4470CF45BFE3DEFD5520D63E9 50328 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\ThreatScanner\gc.exe
2015-02-04 15:44:11 3F5DD8A7CA79C562AF939067E8B07764 153280 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\ifacemodel4.exe
2015-02-04 15:44:11 33205C6D38A2A4B3766230A489B56396 218736 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\bdreinit.exe
2015-02-04 15:44:11 12806F9E1F69F73D6EAF1E2F172E3E12 153232 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\ifacemodel.exe
2015-02-04 15:44:10 C426283AD9FAD74726C961373E5B9E4A 254280 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
2015-02-04 15:44:10 9CB162599CBA2CD46090A3CB093FE6E5 74000 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\driverctrl.exe
2015-02-04 15:44:10 6F070125C784EAB1F602E19005BC2D25 78144 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\avchvinst.exe
2015-02-04 15:44:10 5A9C5CE8BDCA8568D798259A31991893 70928 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\setloadorder.exe
2015-02-04 15:44:10 1D5559AB66613ED08A639C342F44D207 17896 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\elevator.exe
2015-02-04 15:43:37 DADF458CDA563109C5E53B2B7669C2F8 16922360 ----a-w- C:\Users\User\AppData\Local\Temp\RarSFX0\ThreatScanner.exe
2015-02-04 15:43:14 2CFC225988F4932DF538CF5F4BED3C8B 17348032 ----a-w- C:\Users\User\AppData\Local\Temp\RarSFX0\installerpackage.exe
2015-02-04 15:38:59 A51C2369EEF4FC159B9A9DA695A7E990 970088 ----a-w- C:\Users\User\AppData\Local\Temp\RarSFX0\lang\pt-BR.exe
2015-02-04 15:38:59 5B230017B04914B12070552EC5419867 1043000 ----a-w- C:\Users\User\AppData\Local\Temp\RarSFX0\lang\ro-RO.exe
2015-02-04 15:38:59 574E467C75840E19D3196C52947B6081 1837096 ----a-w- C:\Users\User\AppData\Local\Temp\RarSFX0\lang\en-US.exe
2015-02-04 15:38:59 34F92C8A489F04D401A8E3E5A49F7959 969400 ----a-w- C:\Users\User\AppData\Local\Temp\RarSFX0\lang\it-IT.exe
2015-02-04 15:38:58 E2316D482BCD6CADD878500D132BCEF5 815600 ----a-w- C:\Users\User\AppData\Local\Temp\RarSFX0\setuplauncher.exe
2015-02-04 15:38:58 D9621F7E1DC3E40AAD4A7D0736A33A3B 567888 ----a-w- C:\Users\User\AppData\Local\Temp\RarSFX0\Installer.exe
2015-02-04 15:38:57 8477FB1D573CE8F8B92E71302308D399 14720 ----a-w- C:\Users\User\AppData\Local\Temp\RarSFX0\WPFKickstarter.exe
2015-02-04 15:38:57 377DBA1E531CD11EBC45B907B454D247 156304 ----a-w- C:\Users\User\AppData\Local\Temp\RarSFX0\avcheck.exe
2015-02-04 15:38:57 199F11A6FC6689BFCCF1A9E7832C3B63 15232 ----a-w- C:\Users\User\AppData\Local\Temp\RarSFX0\WPFKickstarter4.exe
2015-02-04 15:38:43 23A5AF749C6EFB330387CA4E88227BDA 10447328 ----a-w- C:\Users\User\Downloads\A trainer's\Antivirus_Free_Edition_x64.exe
2015-02-04 15:38:19 DE1F74C3471F2C9A8C0B3969E692F7B2 162208 ----a-w- C:\Users\User\Downloads\A trainer's\Antivirus_Free_Edition.exe
2015-02-04 15:23:48 761102A9B90EC601E8B3071120063D74 87550 ----a-w- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
2015-02-04 15:23:01 4F99CAE27FFD46712E65C21444AACDFC 2623656 ----a-w- C:\Users\User\Downloads\A trainer's\revosetup.exe
2015-02-04 15:21:08 5DCB5CCEDAC03172525868E52A4BD436 9927424 ----a-w- C:\Users\User\Downloads\A trainer's\Antivirus_Free_Edition_x86.exe
2015-02-04 14:29:06 F3A37421DBD1AAA36558C97572C91C5A 147456 ----a-w- C:\Program Files (x86)\ZHPDiag\catchme.exe
2015-02-04 14:29:06 CB2D120A4B72422A8141192831B1F500 80384 ----a-w- C:\Program Files (x86)\ZHPDiag\mbrcheck.exe
2015-02-04 14:29:06 5DAF7081A4BB112FA3F1915819330A3E 61440 ----a-w- C:\Program Files (x86)\ZHPDiag\pv.exe
2015-02-04 14:29:06 2312A38B8B003330DB919FA818C48449 231048 ----a-w- C:\Program Files (x86)\ZHPDiag\sigcheck.exe
2015-02-04 14:29:05 9DAA7218961710008D7385B01BD3F386 89088 ----a-w- C:\Program Files (x86)\ZHPDiag\mbr.exe
2015-02-04 14:29:05 6B8AF3A2A3D9059008B55C444461CA00 61952 ----a-w- C:\Program Files (x86)\ZHPDiag\Lads.exe
2015-02-04 14:29:05 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Program Files (x86)\ZHPDiag\subinacl.exe
2015-02-04 14:29:05 451AE03D3C92777F09840CA56F08AB62 454056 ----a-w- C:\Program Files (x86)\ZHPDiag\setacl32.exe
2015-02-04 14:29:05 3E350EB5DF15C06DEC400A39DD1C6F29 559528 ----a-w- C:\Program Files (x86)\ZHPDiag\setacl64.exe
2015-02-04 14:29:04 C155A13687144076286989EF078112C2 1917440 ----a-w- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
2015-02-04 14:29:03 3972143EE1A3AD5C732BE7B96A239BC1 3060224 ----a-w- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPFix.exe
2015-02-04 14:29:02 BE52EDAADE29AC59681B6CD60E257C92 8158720 ----a-w- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe
2015-02-04 14:29:01 C155A13687144076286989EF078112C2 1917440 ----a-w- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
2015-02-04 14:29:01 8AE13B97BFCAD6C7D3B8C8A1C298EFB4 694736 ----a-w- C:\Program Files (x86)\ZHPDiag\unins000.exe
2015-02-04 14:26:40 CBBAE1F5D338E83BA86557A15A119356 6870007 ----a-w- C:\Users\User\Downloads\A trainer's\ZHPDiag2.exe
2015-02-03 22:26:07 0739ACE3F8013D65099AE1656214142B 795728 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.94\40.0.2214.94_40.0.2214.93_chrome_updater_b.exe
2015-02-02 14:59:21 FCC459BB8B8BF8BD500AD856305FDA70 2453504 ----a-w- C:\Users\User\Desktop\AdsFix.exe
2015-02-02 14:08:27 B9E1BF24EF01A82701B09BE75D294085 1707939 ----a-w- C:\Users\User\Downloads\JRT.exe
2015-01-30 02:18:41 95C947643A524B92926113EA8CFB9CE4 5459968 ----a-w- C:\Users\User\Documents\Silent Hill 2\Backup\sh2pc.exe
2015-01-30 01:38:35 3D76B2AC0A3EB4449F3677D5F0ACA230 127488 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{D3C80E77-E549-4F76-BC07-61DDBD950345}\Setup.exe
2015-01-29 21:51:27 BD217B63289396563D8E1CE82E20C405 52032 ----a-w- C:\Program Files (x86)\DAEMON Tools Lite\dtsoftbusinst64.exe
2015-01-29 18:48:05 524D55E97BD8ED961FBD2C6A36517DB7 29890 ----a-w- C:\Program Files (x86)\Tribo Gamer\Resident Evil 4 HD\Desinstalar a Tradução.exe
=== C: other files ==
2015-02-05 16:25:29 F56A319979F631C141F5FF02DF87FDB1 43563 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\prelim.bat
2015-02-05 16:25:29 E49F9C309DC32E854A081507B89EBE39 11201 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\runvalues.bat
2015-02-05 16:25:29 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\TDL4.bat
2015-02-05 16:25:29 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\medfos.bat
2015-02-05 16:25:29 AA0C656F898523BEDF2DA6923197BB80 1264 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\surfvox.bat
2015-02-05 16:25:29 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\searchlnk.bat
2015-02-05 16:25:29 8BA81DD47CF392BEBEE506E3789F9FBA 14924 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\get.bat
2015-02-05 16:25:29 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\firefox.bat
2015-02-05 16:25:29 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\ev_clear.bat
2015-02-05 16:25:29 56CE326F6AAE3CF1709D332C04E8F9F1 191237 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\misc.bat
2015-02-05 16:25:29 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\ask.bat
2015-02-05 16:25:29 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\iexplore.bat
2015-02-05 16:25:29 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\delfolders.bat
2015-02-05 16:25:29 080CFDE64F31E7B50EECF4552033E84D 9937 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\mws.bat
2015-02-05 16:25:29 048407135C9B1FB6A355E256BD96160D 14192 ----a-w- C:\Users\User\AppData\Local\Temp\jrt\chrome.bat
2015-02-04 15:51:37 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\fallback\1\avchv.sys
2015-02-04 15:44:20 132C0E39AF0312E6B9611E2E1B344D41 382536 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\trufos.sys
2015-02-04 15:44:19 408B664926675C270D911160F1631D6B 148696 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\gzflt.sys
2015-02-04 15:44:10 C0247341C1BCD7FF2742821D0AD7AFBC 121928 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys
2015-02-04 15:44:10 AAE1DAE483DD57D0E267FCA42FCB5133 718840 ----a-w- C:\Windows\System32\drivers\avc3.sys
2015-02-04 15:44:10 AAE1DAE483DD57D0E267FCA42FCB5133 718840 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\avc3.sys
2015-02-04 15:44:10 8183B715BD56561C27BEBB68B1192B7A 593144 ----a-w- C:\Windows\System32\drivers\avckf.sys
2015-02-04 15:44:10 8183B715BD56561C27BEBB68B1192B7A 593144 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\avckf.sys
2015-02-04 15:44:10 3B9549FEF98AB1768A1D6A919F355B70 261056 ----a-w- C:\Windows\System32\drivers\avchv.sys
2015-02-04 15:44:10 3B9549FEF98AB1768A1D6A919F355B70 261056 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\avchv.sys
2015-02-04 15:44:10 140FE153F556D543EBFD5B751DC89EE5 138920 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys
2015-02-04 15:39:21 408B664926675C270D911160F1631D6B 148696 ----a-w- C:\Windows\System32\drivers\gzflt.sys
2015-02-04 15:39:21 132C0E39AF0312E6B9611E2E1B344D41 382536 ----a-w- C:\Windows\System32\drivers\trufos.sys
2015-02-04 15:38:58 132C0E39AF0312E6B9611E2E1B344D41 382536 ----a-w- C:\Users\User\AppData\Local\Temp\RarSFX0\trufos.sys
2015-02-04 15:38:57 408B664926675C270D911160F1631D6B 148696 ----a-w- C:\Users\User\AppData\Local\Temp\RarSFX0\gzflt.sys
2015-01-30 14:14:22 8D5C0CE634606101A7C46B694087EBB1 3072 ----a-w- C:\Users\User\Documents\Silent Hill 2\data\save\Folder 01\sh2pc.sys
2015-01-29 21:51:28 33F90B202E9DD9B7D489EB59310FDC34 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2015-01-29 21:51:28 33F90B202E9DD9B7D489EB59310FDC34 283064 ----a-w- C:\Program Files (x86)\DAEMON Tools Lite\dtsoftbus01.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1952561570-3406765086-4093738655-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acer ePower Management]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Acer ePower Management"
"hkey"="HKLM"
"command"="C:\\Program Files\\Acer\\Acer PowerSmart Manager\\ePowerTrayLauncher.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeDeluxeAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ArcadeDeluxeAgent"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\ArcadeDeluxeAgent.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BackupManagerTray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BackupManagerTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\NewTech Infosystems\\Acer Backup Manager\\BackupManagerTray.exe\" -h -k"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecLiveUpdate]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EgisTecLiveUpdate"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EgisTec Egis Software Update\\EgisUpdate.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FlashPlayerUpdate]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce"
"item"="FlashPlayerUpdate"
"hkey"="HKCU"
"command"="C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_Plugin.exe -update plugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LManager"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Launch Manager\\LManager.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mwlDaemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mwlDaemon"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\EgisTec\\MyWinLocker 3\\x86\\mwlDaemon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PlayMovie]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PlayMovie"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Acer Arcade Deluxe\\PlayMovie\\PMVService.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PLFSetI]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PLFSetI"
"hkey"="HKLM"
"command"="C:\\Windows\\PLFSetI.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RtHDVCpl"
"hkey"="HKLM"
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sony PC Companion]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Sony PC Companion"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Sony\\Sony PC Companion\\PCCompanion.exe\" /Background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BrOffice.org 2.4.lnk]
"item"="BrOffice.org 2.4"
"path"="C:\\Users\\User\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\BrOffice.org 2.4.lnk"
"backup"="C:\\Windows\\pss\\BrOffice.org 2.4.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\BROFFI~1.4\\program\\QUICKS~1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"item"="Dropbox"
"path"="C:\\Users\\User\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\User\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10/01/2014 09:14]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10/01/2014 09:14]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\{1E7B8A58-122F-47A2-8D35-BDA62B836CE9}" [C:\Program Files (x86)\Warzone 2100-3.1.1\warzone2100.exe]
"C:\Windows\SysNative\tasks\{2CF54430-8428-4756-BB72-1398F48E115A}" [C:\Program Files (x86)\SecondLifeViewer\SecondLifeViewer.exe]
"C:\Windows\SysNative\tasks\{2E389E8D-1BCA-4D81-AA02-E5EE697C8CD4}" [C:\Program Files (x86)\Warzone 2100-3.1.1\warzone2100.exe]
"C:\Windows\SysNative\tasks\{9C97C6E0-59B9-433B-A52C-BA875EDC1EBE}" [C:\Program Files (x86)\Warzone 2100-3.1.1\warzone2100.exe]
"C:\Windows\SysNative\tasks\{9E6139D2-7B74-4542-8284-1D3A77CB9CC8}" [C:\Program Files (x86)\Warzone 2100-3.1.1\warzone2100.exe]
"C:\Windows\SysNative\tasks\{B410975C-D9F5-4EFE-B5DB-690307795632}" [C:\Program Files (x86)\SecondLifeViewer\SecondLifeViewer.exe]
"C:\Windows\SysNative\tasks\Recovery Management\Burn Notification" [C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\n4kukb15.default-1399840422394
user_pref("browser.startup.homepage", "about:home");

==== Firefox Extensions ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\n4kukb15.default-1399840422394
- Undetermined - {c07d1a49-9894-49ff-a594-38960ede8fb9}
- c07d1a49989449ffa59438960ede8fb9 - %ProfilePath%\extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\n4kukb15.default-1399840422394
1919A4E982A86647F79ADD23B9AC3E11 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 40.0.2214.94 (Up to date, latest Stable version: 40.0.2214.94)


Google Slides - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Desprotetor.com - Desprotetor de links - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cocohmmjllchepkjocddkihldoiillkl
Google Search - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Wallet - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=30 folders=16 2597614 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 05/02/2015 at 16:54:09,65 ======================
R. Moran
"We can easily forgive a child who is afraid of the dark; the real tragedy of life is when men are afraid of the light."
Plato
caedurodrigues
caedurodrigu... Tô em todas Registered
710 Posts 257 Likes
#15 By caedurodrigu...
06/02/2015 - 00:37
Good evening, R. Moran,
Baidu Antivirus;u
Bfmon;s
Bndef;s
Bprotect;s
Bfilter;s
{B580CF65-E151-49C3-B73F-70B13FCA8E86};c
{B580CF65-E151-49C3-B73F-70B13FCA8E86};c
C:\zoek_backup\C_PROGRA~3_Baidu;fs
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing];64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp];r64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}];r64
"DllName"=-;r64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}];r64
"DllName"=-;r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus];r64
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command];r64
@=-;r64
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon];r64
@=-;r64
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command];r64
@=-;r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan];r64
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000];ra
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000];ra
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000];ra
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000];ra
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000];ra
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000];ra
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000];ra
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000];ra
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000];ra
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000];ra
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000];ra
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000];ra
[-HKEY_USERS\.DEFAULT\Software\Baidu];r64
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug];r64
[-HKEY_USERS\.DEFAULT\Software\Baidu Security];r64
[-HKEY_USERS\S-1-5-21-1952561570-3406765086-4093738655-1000\Software\Baidu Security];r64
[-HKEY_USERS\S-1-5-21-1952561570-3406765086-4093738655-1000\Software\Baidu Security\Feedback];r64
[-HKEY_USERS\S-1-5-21-1952561570-3406765086-4093738655-1000\Software\Baidu Security\Feedback\products];r64
[-HKEY_USERS\S-1-5-21-1952561570-3406765086-4093738655-1000\Software\Baidu Security\Feedback\products\1];r64
[HKEY_USERS\S-1-5-21-1952561570-3406765086-4093738655-1000\Software\Microsoft\IntelliType Pro\AppSpecific\FasterNow.exe];r64
"Path"=-;r64
[-HKEY_USERS\S-1-5-18\Software\Baidu];r64
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug];r64
[-HKEY_USERS\S-1-5-18\Software\Baidu Security];r64
Baidu;a
Baidu;z


Copy and paste this information, which is shown in red, into the input field of the Zoek tool.
Click "Run Script".
Wait for it to finish. At the end, Notepad will open with the report.
A copy will also be saved on your local disk under the name zoek-results.txt.
Attach zoek-results.txt to your next reply.


< I ask visitors not to use this script on other computers, at the risk of irreparable damage to them! >
© 1999-2024 Hardware.com.br. All rights reserved.