Fixlog.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 20-07-2016
Executado por walbe (2016-07-21 11:52:23) Run:1
Executando a partir de C:\Users\walbe\Desktop
Perfis Carregados: walbe (Perfis Disponíveis: walbe)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
start
CloseProcesses:
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Nenhum Arquivo
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://minilua.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://minilua.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://minilua.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://minilua.com/
HKU\S-1-5-21-605499448-4286189888-3652374249-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://minilua.com/
HKU\S-1-5-21-605499448-4286189888-3652374249-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp:/www.google.com.br
HKU\S-1-5-21-605499448-4286189888-3652374249-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://slightsearch.ru/?ri=1&uid=7af36c21a84027677a308064513d2926&q={searchTerms}
HKU\S-1-5-21-605499448-4286189888-3652374249-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://minilua.com/
HKU\S-1-5-21-605499448-4286189888-3652374249-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://minilua.com/
URLSearchHook: [S-1-5-21-605499448-4286189888-3652374249-1001] ATENÇÃO => A URLSearchHook Padrão está ausente
SearchScopes: HKU\S-1-5-21-605499448-4286189888-3652374249-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: WSWSVCUchrome - Nenhum Valor CLSID
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
2016-04-10 23:23 - 2016-04-10 23:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
ShortcutWithArgument: C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\SendTo\Destinatário do fax.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Uninstall Smart Switch.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}\setup.exe (Samsung Electronics Co., Ltd.) -> /removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Uninstall Smart Switch.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}\setup.exe (Samsung Electronics Co., Ltd.) -> /removeonly
ShortcutWithArgument: C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\Users\walbe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk -> C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.) -> /help
ShortcutWithArgument: C:\Users\walbe\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\walbe\AppData\Roaming\IObit\Advanced SystemCare V7\Advanced SystemCare 9.lnk -> C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe (IObit) -> /manual
ShortcutWithArgument: C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
Task: {01862897-EBC2-40CA-816E-3F6B5C0DB766} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe [1969-12-31] (Enigma Software Group USA, LLC.)
Task: {13B7ED8B-FD87-42B3-B45C-7DB9C0C4C2BA} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic
Task: {735939EE-AF05-4D54-A4D6-0FB34681EF43} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic
Shortcut: C:\Users\walbe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamb 2.1.0.0 beta 2\Yamb - Website.lnk -> hxxp://yamb.unite-video.com/
2016-04-28 22:58 - 2016-04-28 22:58 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
FirewallRules: [{4C388D64-C066-4E7E-83DE-C314FDC75546}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{6621CC18-FF4B-4DEC-B54E-F7A5157D6615}] => (Allow) C:\Windows\KMS-R@1n.exe
C:\Users\walbe\AppData\Local\Temp\50mqwrh1.dll
C:\Users\walbe\AppData\Local\Temp\7za.exe
C:\Users\walbe\AppData\Local\Temp\hijackthis.exe
C:\Users\walbe\AppData\Local\Temp\k2w3mmsj.dll
C:\Users\walbe\AppData\Local\Temp\NirCmd.exe
C:\Users\walbe\AppData\Local\Temp\PEVZ.EXE
C:\Users\walbe\AppData\Local\Temp\remove.exe
C:\Users\walbe\AppData\Local\Temp\sed.exe
C:\Users\walbe\AppData\Local\Temp\shortcut.exe
C:\Users\walbe\AppData\Local\Temp\swreg.exe
C:\Users\walbe\AppData\Local\Temp\wget.exe
C:\Users\walbe\AppData\Local\Temp\ZAScan.exe
C:\Users\walbe\AppData\Local\Temp\zoek-delete.exe
CreateRestorePoint:
CMD: sfc /scannow
EmptyTemp:
Reboot:
Hosts:
end
*****************

Processos fechados com sucesso.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending" => chave removido (a) com sucesso.
HKCR\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => chave não encontrado (a).
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced" => chave removido (a) com sucesso.
HKCR\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => chave não encontrado (a).
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing" => chave removido (a) com sucesso.
HKCR\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => chave não encontrado (a).
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => chave removido (a) com sucesso.
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => chave não encontrado (a).
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => chave removido (a) com sucesso.
HKCR\Wow6432Node\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => chave não encontrado (a).
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => chave removido (a) com sucesso.
HKCR\Wow6432Node\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => chave não encontrado (a).
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => chave removido (a) com sucesso.
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => chave não encontrado (a).
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => chave removido (a) com sucesso.
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => chave não encontrado (a).
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending" => chave removido (a) com sucesso.
HKCR\Wow6432Node\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => chave não encontrado (a).
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced" => chave removido (a) com sucesso.
HKCR\Wow6432Node\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => chave não encontrado (a).
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing" => chave removido (a) com sucesso.
HKCR\Wow6432Node\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => chave não encontrado (a).
"HKLM\SOFTWARE\Policies\Google" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => valor restaurado com sucesso
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => valor removido (a) com sucesso.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Bar => valor removido (a) com sucesso.
HKU\S-1-5-21-605499448-4286189888-3652374249-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso
HKU\S-1-5-21-605499448-4286189888-3652374249-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKU\S-1-5-21-605499448-4286189888-3652374249-1001\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => valor restaurado com sucesso
HKU\S-1-5-21-605499448-4286189888-3652374249-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => valor removido (a) com sucesso.
HKU\S-1-5-21-605499448-4286189888-3652374249-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => valor removido (a) com sucesso.
Não foi possível restaurar Padrão URLSearchHook.
HKU\S-1-5-21-605499448-4286189888-3652374249-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
"HKCR\PROTOCOLS\Handler\WSWSVCUchrome" => chave removido (a) com sucesso.
AvastVBoxSvc => serviço Não pode ser removido
intaud_WaveExtensible => serviço removido (a) com sucesso.
VBoxAswDrv => serviço Não pode ser removido
C:\ProgramData\DP45977C.lfl => movido com sucesso
C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\SendTo\Destinatário do fax.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Administrador\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk => Atalho argumento removido (a) com sucesso..
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk => Atalho argumento removido (a) com sucesso..
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Uninstall Smart Switch.lnk => Atalho argumento removido (a) com sucesso..
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk => Atalho argumento removido (a) com sucesso..
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\Search.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Uninstall Smart Switch.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\walbe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\walbe\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\walbe\AppData\Roaming\IObit\Advanced SystemCare V7\Advanced SystemCare 9.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\walbe\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk => Atalho argumento removido (a) com sucesso..
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{01862897-EBC2-40CA-816E-3F6B5C0DB766}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01862897-EBC2-40CA-816E-3F6B5C0DB766}" => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\SpyHunter4Startup => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{13B7ED8B-FD87-42B3-B45C-7DB9C0C4C2BA}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13B7ED8B-FD87-42B3-B45C-7DB9C0C4C2BA}" => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\R@1n-KMS\Windows64Professional => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS\Windows64Professional" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{735939EE-AF05-4D54-A4D6-0FB34681EF43}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{735939EE-AF05-4D54-A4D6-0FB34681EF43}" => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\R@1n-KMS\Office16ProPlus => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS\Office16ProPlus" => chave removido (a) com sucesso.
C:\Users\walbe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamb 2.1.0.0 beta 2\Yamb - Website.lnk => movido com sucesso
C:\Windows\KMS-R@1n.exe => movido com sucesso
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C388D64-C066-4E7E-83DE-C314FDC75546} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6621CC18-FF4B-4DEC-B54E-F7A5157D6615} => valor removido (a) com sucesso.
C:\Users\walbe\AppData\Local\Temp\50mqwrh1.dll => movido com sucesso
"C:\Users\walbe\AppData\Local\Temp\7za.exe" => não encontrado (a).
"C:\Users\walbe\AppData\Local\Temp\hijackthis.exe" => não encontrado (a).
C:\Users\walbe\AppData\Local\Temp\k2w3mmsj.dll => movido com sucesso
"C:\Users\walbe\AppData\Local\Temp\NirCmd.exe" => não encontrado (a).
"C:\Users\walbe\AppData\Local\Temp\PEVZ.EXE" => não encontrado (a).
"C:\Users\walbe\AppData\Local\Temp\remove.exe" => não encontrado (a).
"C:\Users\walbe\AppData\Local\Temp\sed.exe" => não encontrado (a).
"C:\Users\walbe\AppData\Local\Temp\shortcut.exe" => não encontrado (a).
"C:\Users\walbe\AppData\Local\Temp\swreg.exe" => não encontrado (a).
"C:\Users\walbe\AppData\Local\Temp\wget.exe" => não encontrado (a).
"C:\Users\walbe\AppData\Local\Temp\ZAScan.exe" => não encontrado (a).
"C:\Users\walbe\AppData\Local\Temp\zoek-delete.exe" => não encontrado (a).
Ponto de Restauração criado com sucesso.

========= sfc /scannow =========

Iniciando verifica��o de arquivos. O processo levar� alguns minutos para ser conclu�do.

Iniciando fase de verifica��o de verifica��o do sistema.
Verifica��o 0% conclu�da.Verifica��o 0% conclu�da.Verifica��o 1% conclu�da.Verifica��o 1% conclu�da.Verifica��o 2% conclu�da.Verifica��o 2% conclu�da.Verifica��o 2% conclu�da.Verifica��o 3% conclu�da.Verifica��o 3% conclu�da.Verifica��o 4% conclu�da.Verifica��o 4% conclu�da.Verifica��o 4% conclu�da.Verifica��o 5% conclu�da.Verifica��o 5% conclu�da.Verifica��o 6% conclu�da.Verifica��o 6% conclu�da.Verifica��o 6% conclu�da.Verifica��o 7% conclu�da.Verifica��o 7% conclu�da.Verifica��o 8% conclu�da.Verifica��o 8% conclu�da.Verifica��o 8% conclu�da.Verifica��o 9% conclu�da.Verifica��o 9% conclu�da.Verifica��o 10% conclu�da.Verifica��o 10% conclu�da.Verifica��o 10% conclu�da.Verifica��o 11% conclu�da.Verifica��o 11% conclu�da.Verifica��o 12% conclu�da.Verifica��o 12% conclu�da.Verifica��o 12% conclu�da.Verifica��o 13% conclu�da.Verifica��o 13% conclu�da.Verifica��o 14% conclu�da.Verifica��o 14% conclu�da.Verifica��o 15% conclu�da.Verifica��o 15% conclu�da.Verifica��o 15% conclu�da.Verifica��o 16% conclu�da.Verifica��o 16% conclu�da.Verifica��o 17% conclu�da.Verifica��o 17% conclu�da.Verifica��o 17% conclu�da.Verifica��o 18% conclu�da.Verifica��o 18% conclu�da.Verifica��o 19% conclu�da.Verifica��o 19% conclu�da.Verifica��o 19% conclu�da.Verifica��o 20% conclu�da.Verifica��o 20% conclu�da.Verifica��o 21% conclu�da.Verifica��o 21% conclu�da.Verifica��o 21% conclu�da.Verifica��o 22% conclu�da.Verifica��o 22% conclu�da.Verifica��o 23% conclu�da.Verifica��o 23% conclu�da.Verifica��o 23% conclu�da.Verifica��o 24% conclu�da.Verifica��o 24% conclu�da.Verifica��o 25% conclu�da.Verifica��o 25% conclu�da.Verifica��o 25% conclu�da.Verifica��o 26% conclu�da.Verifica��o 26% conclu�da.Verifica��o 27% conclu�da.Verifica��o 27% conclu�da.Verifica��o 28% conclu�da.Verifica��o 28% conclu�da.Verifica��o 28% conclu�da.Verifica��o 29% conclu�da.Verifica��o 29% conclu�da.Verifica��o 30% conclu�da.Verifica��o 30% conclu�da.Verifica��o 30% conclu�da.Verifica��o 31% conclu�da.Verifica��o 31% conclu�da.Verifica��o 32% conclu�da.Verifica��o 32% conclu�da.Verifica��o 32% conclu�da.Verifica��o 33% conclu�da.Verifica��o 33% conclu�da.Verifica��o 34% conclu�da.Verifica��o 34% conclu�da.Verifica��o 34% conclu�da.Verifica��o 35% conclu�da.Verifica��o 35% conclu�da.Verifica��o 36% conclu�da.Verifica��o 36% conclu�da.Verifica��o 36% conclu�da.Verifica��o 37% conclu�da.Verifica��o 37% conclu�da.Verifica��o 38% conclu�da.Verifica��o 38% conclu�da.Verifica��o 38% conclu�da.Verifica��o 39% conclu�da.Verifica��o 39% conclu�da.Verifica��o 40% conclu�da.Verifica��o 40% conclu�da.Verifica��o 41% conclu�da.Verifica��o 41% conclu�da.Verifica��o 41% conclu�da.Verifica��o 42% conclu�da.Verifica��o 42% conclu�da.Verifica��o 43% conclu�da.Verifica��o 43% conclu�da.Verifica��o 43% conclu�da.Verifica��o 44% conclu�da.Verifica��o 44% conclu�da.Verifica��o 45% conclu�da.Verifica��o 45% conclu�da.Verifica��o 45% conclu�da.Verifica��o 46% conclu�da.Verifica��o 46% conclu�da.Verifica��o 47% conclu�da.Verifica��o 47% conclu�da.Verifica��o 47% conclu�da.Verifica��o 48% conclu�da.Verifica��o 48% conclu�da.Verifica��o 49% conclu�da.Verifica��o 49% conclu�da.Verifica��o 49% conclu�da.Verifica��o 50% conclu�da.Verifica��o 50% conclu�da.Verifica��o 51% conclu�da.Verifica��o 51% conclu�da.Verifica��o 51% conclu�da.Verifica��o 52% conclu�da.Verifica��o 52% conclu�da.Verifica��o 53% conclu�da.Verifica��o 53% conclu�da.Verifica��o 54% conclu�da.Verifica��o 54% conclu�da.Verifica��o 54% conclu�da.Verifica��o 55% conclu�da.Verifica��o 55% conclu�da.Verifica��o 56% conclu�da.Verifica��o 56% conclu�da.Verifica��o 56% conclu�da.Verifica��o 57% conclu�da.Verifica��o 57% conclu�da.Verifica��o 58% conclu�da.Verifica��o 58% conclu�da.Verifica��o 58% conclu�da.Verifica��o 59% conclu�da.Verifica��o 59% conclu�da.Verifica��o 60% conclu�da.Verifica��o 60% conclu�da.Verifica��o 60% conclu�da.Verifica��o 61% conclu�da.Verifica��o 61% conclu�da.Verifica��o 62% conclu�da.Verifica��o 62% conclu�da.Verifica��o 62% conclu�da.Verifica��o 63% conclu�da.Verifica��o 63% conclu�da.Verifica��o 64% conclu�da.Verifica��o 64% conclu�da.Verifica��o 64% conclu�da.Verifica��o 65% conclu�da.Verifica��o 65% conclu�da.Verifica��o 66% conclu�da.Verifica��o 66% conclu�da.Verifica��o 67% conclu�da.Verifica��o 67% conclu�da.Verifica��o 67% conclu�da.Verifica��o 68% conclu�da.Verifica��o 68% conclu�da.Verifica��o 69% conclu�da.Verifica��o 69% conclu�da.Verifica��o 69% conclu�da.Verifica��o 70% conclu�da.Verifica��o 70% conclu�da.Verifica��o 71% conclu�da.Verifica��o 71% conclu�da.Verifica��o 71% conclu�da.Verifica��o 72% conclu�da.Verifica��o 72% conclu�da.Verifica��o 73% conclu�da.Verifica��o 73% conclu�da.Verifica��o 73% conclu�da.Verifica��o 74% conclu�da.Verifica��o 74% conclu�da.Verifica��o 75% conclu�da.Verifica��o 75% conclu�da.Verifica��o 75% conclu�da.Verifica��o 76% conclu�da.Verifica��o 76% conclu�da.Verifica��o 77% conclu�da.Verifica��o 77% conclu�da.Verifica��o 77% conclu�da.Verifica��o 78% conclu�da.Verifica��o 78% conclu�da.Verifica��o 79% conclu�da.Verifica��o 79% conclu�da.Verifica��o 80% conclu�da.Verifica��o 80% conclu�da.Verifica��o 80% conclu�da.Verifica��o 81% conclu�da.Verifica��o 81% conclu�da.Verifica��o 82% conclu�da.Verifica��o 82% conclu�da.Verifica��o 82% conclu�da.Verifica��o 83% conclu�da.Verifica��o 83% conclu�da.Verifica��o 84% conclu�da.Verifica��o 84% conclu�da.Verifica��o 84% conclu�da.Verifica��o 85% conclu�da.Verifica��o 85% conclu�da.Verifica��o 86% conclu�da.Verifica��o 86% conclu�da.Verifica��o 86% conclu�da.Verifica��o 87% conclu�da.Verifica��o 87% conclu�da.Verifica��o 88% conclu�da.Verifica��o 88% conclu�da.Verifica��o 88% conclu�da.Verifica��o 89% conclu�da.Verifica��o 89% conclu�da.Verifica��o 90% conclu�da.Verifica��o 90% conclu�da.Verifica��o 90% conclu�da.Verifica��o 91% conclu�da.Verifica��o 91% conclu�da.Verifica��o 92% conclu�da.Verifica��o 92% conclu�da.Verifica��o 93% conclu�da.Verifica��o 93% conclu�da.Verifica��o 93% conclu�da.Verifica��o 94% conclu�da.Verifica��o 94% conclu�da.Verifica��o 95% conclu�da.Verifica��o 95% conclu�da.Verifica��o 95% conclu�da.Verifica��o 96% conclu�da.Verifica��o 96% conclu�da.Verifica��o 97% conclu�da.Verifica��o 97% conclu�da.Verifica��o 97% conclu�da.Verifica��o 98% conclu�da.Verifica��o 98% conclu�da.Verifica��o 99% conclu�da.Verifica��o 99% conclu�da.Verifica��o 99% conclu�da.Verifica��o 100% conclu�da.

A Prote��o de Recursos do Windows encontrou arquivos corrompidos e n�o p�de corrigir alguns
deles. Os detalhes est�o inclu�dos em CBS.Log windir\Logs\CBS\CBS.log. Por
exemplo C:\Windows\Logs\CBS\CBS.log. Observe que, no momento, n�o h�
suporte para registro em log em cen�rios de instala��o offline.

========= Fim deCMD: =========

C:\Windows\System32\Drivers\etc\hosts => movido com sucesso
Hosts restaurado com sucesso.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14858968 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 61343388 B
Edge => 35052 B
Chrome => 7663365 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 415928 B
NetworkService => 27270 B
walbe => 18821572 B

RecycleBin => 13229066777 B
EmptyTemp: => 12.4 GB de dados temporários Removidos.

================================

O sistema precisou ser reiniciado.

==== Fim de Fixlog 12:57:21 ====

Signaler le contenu de ce document