Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão:09-01-2015 Executado por Áleson (2016-01-11 00:53:12) Run:2 Executando a partir de C:\Users\Áleson\Desktop Perfis Carregados: Áleson (Perfis Disponíveis: Áleson) Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** start CloseProcesses: HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [DriverMax_RESTART] => [X] HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {7563959d-7e4d-11e4-becb-80ee735f2992} - "F:\LGAutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {773626ec-1da3-11e4-beb1-80ee735f2992} - "F:\LGAutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {7e8ba5be-0c4f-11e3-be79-a349a8706f43} - "F:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {7e8ba713-0c4f-11e3-be79-a349a8706f43} - "F:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {e04c7ba3-d9b4-11e2-be75-e9d724763151} - "G:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {e04c7d0d-d9b4-11e2-be75-e9d724763151} - "F:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {e04c91fe-d9b4-11e2-be75-c17d6f352bb7} - "F:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {e04c9266-d9b4-11e2-be75-c17d6f352bb7} - "G:\AutoRun.exe" GroupPolicy: Restrição - Chrome <======= ATENÇÃO CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.seekmix.com/?bd=hp&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.seekmix.com/?bd=hp&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_44¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyD0C0Czy0DtAtByE0ByBtBtDyDzzyBzytN0D0Tzu0StCyEtDtDtN1L2XzutAtFtCyDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCtAtDtC0E0CtAtAtGyEtByB0DtG0B0AtA0CtGyEyB0EtBtG0EtBzyzyyEzytCyD0DyDtDtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0D0EyE0F0CtDtGyEtD0AzztGyEyDtCzztGzzyDtAtDtGzztBtAtC0EtCtC0DyEtA0E0F2QtN0A0LzutB%26cr%3D1469455272%26a%3Dwncy_fs_15_44%26os%3DWindows%2B8%2BPro HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.seekmix.com/?bd=hp&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 ShortcutWithArgument: C:\Users\Áleson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.seekmix.com/?bd=sc&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 ShortcutWithArgument: C:\Users\Áleson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.seekmix.com/?bd=sc&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.seekmix.com/?bd=sc&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKLM -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms} SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms} SearchScopes: HKU\S-1-5-21-3432586907-597726681-3595710473-1001 -> DefaultScope {D1416E16-86DC-4A0A-BE91-57476DC7A667} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_44¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyD0C0Czy0DtAtByE0ByBtBtDyDzzyBzytN0D0Tzu0StCyEtDtDtN1L2XzutAtFtCyDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCtAtDtC0E0CtAtAtGyEtByB0DtG0B0AtA0CtGyEyB0EtBtG0EtBzyzyyEzytCyD0DyDtDtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0D0EyE0F0CtDtGyEtD0AzztGyEyDtCzztGzzyDtAtDtGzztBtAtC0EtCtC0DyEtA0E0F2QtN0A0LzutB%26cr%3D1469455272%26a%3Dwncy_fs_15_44%26os%3DWindows%2B8%2BPro&p={searchTerms} SearchScopes: HKU\S-1-5-21-3432586907-597726681-3595710473-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-3432586907-597726681-3595710473-1001 -> {D1416E16-86DC-4A0A-BE91-57476DC7A667} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_44¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyD0C0Czy0DtAtByE0ByBtBtDyDzzyBzytN0D0Tzu0StCyEtDtDtN1L2XzutAtFtCyDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCtAtDtC0E0CtAtAtGyEtByB0DtG0B0AtA0CtGyEyB0EtBtG0EtBzyzyyEzytCyD0DyDtDtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0D0EyE0F0CtDtGyEtD0AzztGyEyDtCzztGzzyDtAtDtGzztBtAtC0EtCtC0DyEtA0E0F2QtN0A0LzutB%26cr%3D1469455272%26a%3Dwncy_fs_15_44%26os%3DWindows%2B8%2BPro&p={searchTerms} BHO-x32: Sem Nome -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> Nenhum Arquivo StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.searchult.com/?bd=sc&oem=Somo&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.2.0.7859&pid=414031160&tid=329 StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.seekmix.com/?bd=sc&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 S2 bavsvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavsvc.exe" [X] S2 bhipssvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bhipssvc.exe" [X] R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService [X] R1 Bfilter; C:\WINDOWS\System32\drivers\Bfilter.sys [52032 2014-01-21] (Baidu, Inc.) R1 Bfmon; C:\WINDOWS\System32\drivers\Bfmon.sys [34624 2014-01-21] (Baidu, Inc.) R1 Bprotect; C:\WINDOWS\System32\drivers\Bprotect.sys [128992 2014-01-21] (Baidu, Inc.) S3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X] S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X] S3 BprotectEx; \??\C:\WINDOWS\System32\drivers\BprotectEx.sys [X] S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X] S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X] S1 gbpddfac; system32\drivers\gbpddfac64.sys [X] S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X] S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X] S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X] S1 pfnfd_1_10_0_8; system32\drivers\pfnfd_1_10_0_8.sys [X] S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X] 2016-01-10 00:31 - 2016-01-10 00:58 - 00000261 _____ C:\VundoFix.txt 2016-01-10 00:31 - 2016-01-10 00:31 - 00000000 ____D C:\VundoFix Backups 2016-01-09 19:10 - 2016-01-09 19:10 - 00119808 _____ (Atribune.org) C:\Users\Áleson\Desktop\VundoFix.exe 2016-01-09 19:07 - 2016-01-10 00:24 - 00004908 _____ C:\InfoSat.txt 2016-01-09 19:05 - 2016-01-09 19:05 - 00001735 _____ C:\Users\Áleson\Desktop\dfdsfs.txt 2016-01-09 13:19 - 2016-01-10 01:24 - 00849766 _____ C:\WINDOWS\ntbtlog.txt 2016-01-03 14:00 - 2016-01-03 14:00 - 00002020 _____ C:\Users\Áleson\Downloads\monomania.txt 2016-01-03 13:05 - 2016-01-03 13:05 - 00003155 _____ C:\Users\Áleson\Downloads\a-noite-la-notte.txt 2016-01-03 13:05 - 2016-01-03 13:05 - 00003155 _____ C:\Users\Áleson\Downloads\a-noite-la-notte (1).txt 2015-12-01 01:15 - 2015-12-01 01:15 - 00015464 _____ C:\WINDOWS\DelYac64.sys 2014-01-15 02:15 - 2014-01-15 02:15 - 0167784 _____ (Baidu, Inc.) C:\ProgramData\FileSplitUpLoad.dll 2015-04-10 07:00 - 2013-02-05 11:18 - 0164864 ____H () C:\ProgramData\uemtqux.exe FirewallRules: [{6B1B2480-CEB4-46D5-AA91-1CBD0AB23F4D}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{D868168F-594A-42F1-AB46-94E27C199E5E}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{2E43BE09-74EE-4440-80FE-DD47DD5BA132}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{6E262CAA-80AF-4080-85BF-3309027FA101}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{E0BCDD68-740D-48E7-BD4A-15C1B4DE6B23}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{5FC202C1-0C4B-478B-80CA-FF60E606CA2A}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{20CA7314-A39B-47B2-896B-57819EA44152}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{1C1878ED-A6EE-4730-BA3C-FE09155656AC}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{F28D0500-E0D4-470E-8CCD-C44BF99BE134}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{440BE007-69BF-4AF6-ABB3-A7D2AFEC5B56}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [TCP Query User{B7400691-9F5B-40D0-865A-7BD2AC415865}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe FirewallRules: [UDP Query User{103B2CEE-7BF6-4D69-8CEB-D750D1BBCB3E}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe FirewallRules: [{94D4A7CA-1638-4E9E-A136-F4011F6BE158}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe FirewallRules: [{86FEA00A-800C-4C9B-99A8-BE1F3BF7B2C6}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{3E5525B6-6D78-47F2-A828-33522AE2D674}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe FirewallRules: [{FBC8E308-F260-4EE6-B757-305D1F090D31}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [TCP Query User{B2979BE3-813A-4A9E-A81B-F02D7DDD45E6}C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe FirewallRules: [UDP Query User{525AC802-CF77-45FD-A337-3BBE9B5257CD}C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe FirewallRules: [{E2961D3F-4AC8-432E-B647-B2FCE4267125}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe FirewallRules: [{1C54ACCE-3D90-4966-883A-FB73149DEB26}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe FirewallRules: [{6C21EE86-E016-4B1C-82F7-2ACAFB2555ED}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{0984D31D-EFCB-4744-8684-1C6F6FFD5F0C}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe AlternateDataStreams: C:\ProgramData\Temp:6B50FDB5 AlternateDataStreams: C:\Users\Todos os Usuários\Temp:6B50FDB5 C:\ProgramData\FileSplitUpLoad.dll C:\ProgramData\uemtqux.exe C:\Users\Todos os Usuários\FileSplitUpLoad.dll C:\Users\Todos os Usuários\uemtqux.exe C:\Users\Áleson\AppData\Local\Temp\FFSetup3.7.0.0.exe C:\Users\Áleson\AppData\Local\Temp\GURB284.exe C:\Users\Áleson\AppData\Local\Temp\javagiac0.05637026420230706.dll C:\Users\Áleson\AppData\Local\Temp\javagiac0.07419647611942548.dll C:\Users\Áleson\AppData\Local\Temp\javagiac0.7159750379807412.dll C:\Users\Áleson\AppData\Local\Temp\javagiac0.8370023476803045.dll C:\Users\Áleson\AppData\Local\Temp\jre-8u65-windows-au.exe C:\Users\Áleson\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Áleson\AppData\Local\Temp\MSETUP4.EXE C:\Users\Áleson\AppData\Local\Temp\Quarantine.exe C:\Users\Áleson\AppData\Local\Temp\setup.exe C:\Users\Áleson\AppData\Local\Temp\sjt7z_x86_console.exe C:\Users\Áleson\AppData\Local\Temp\unins000.exe C:\Users\Áleson\AppData\Local\Temp\{39A540B9-C264-48CA-B8DC-FB5C241EC09F}-46.0.2490.71_chrome64_installer.exe CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a C:\ProgramData CreateRestorePoint: RemoveProxy: EmptyTemp: Reboot: Hosts: end ***************** Processos fechados com sucesso. HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DriverMax_RESTART => valor não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7563959d-7e4d-11e4-becb-80ee735f2992} => chave não encontrado (a). HKCR\CLSID\{7563959d-7e4d-11e4-becb-80ee735f2992} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{773626ec-1da3-11e4-beb1-80ee735f2992} => chave não encontrado (a). HKCR\CLSID\{773626ec-1da3-11e4-beb1-80ee735f2992} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e8ba5be-0c4f-11e3-be79-a349a8706f43} => chave não encontrado (a). HKCR\CLSID\{7e8ba5be-0c4f-11e3-be79-a349a8706f43} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e8ba713-0c4f-11e3-be79-a349a8706f43} => chave não encontrado (a). HKCR\CLSID\{7e8ba713-0c4f-11e3-be79-a349a8706f43} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e04c7ba3-d9b4-11e2-be75-e9d724763151} => chave não encontrado (a). HKCR\CLSID\{e04c7ba3-d9b4-11e2-be75-e9d724763151} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e04c7d0d-d9b4-11e2-be75-e9d724763151} => chave não encontrado (a). HKCR\CLSID\{e04c7d0d-d9b4-11e2-be75-e9d724763151} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e04c91fe-d9b4-11e2-be75-c17d6f352bb7} => chave não encontrado (a). HKCR\CLSID\{e04c91fe-d9b4-11e2-be75-c17d6f352bb7} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e04c9266-d9b4-11e2-be75-c17d6f352bb7} => chave não encontrado (a). HKCR\CLSID\{e04c9266-d9b4-11e2-be75-c17d6f352bb7} => chave não encontrado (a). "C:\WINDOWS\system32\GroupPolicy\Machine" => não encontrado (a). HKLM\SOFTWARE\Policies\Google => chave não encontrado (a). HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso C:\Users\Áleson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Atalho argumento removido (a) com sucesso.. C:\Users\Áleson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk => Atalho argumento removido (a) com sucesso.. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => Atalho argumento removido (a) com sucesso.. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => chave não encontrado (a). HKCR\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => chave não encontrado (a). HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave não encontrado (a). HKCR\CLSID\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave não encontrado (a). HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave não encontrado (a). HKCR\Wow6432Node\CLSID\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => chave não encontrado (a). HKCR\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D1416E16-86DC-4A0A-BE91-57476DC7A667} => chave não encontrado (a). HKCR\CLSID\{D1416E16-86DC-4A0A-BE91-57476DC7A667} => chave não encontrado (a). HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} => chave não encontrado (a). HKCR\Wow6432Node\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} => chave não encontrado (a). HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => valor restaurado com sucesso HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => valor restaurado com sucesso bavsvc => serviço não encontrado (a). bhipssvc => serviço não encontrado (a). Winstep Xtreme Service => serviço não encontrado (a). Bfilter => serviço não encontrado (a). Bfmon => serviço não encontrado (a). Bprotect => serviço não encontrado (a). BdApiUtil => serviço não encontrado (a). BdCameraProtect => serviço não encontrado (a). BprotectEx => serviço não encontrado (a). ew_hwusbdev => serviço não encontrado (a). ew_usbenumfilter => serviço não encontrado (a). gbpddfac => serviço removido (a) com sucesso. huawei_cdcacm => serviço não encontrado (a). huawei_enumerator => serviço não encontrado (a). PCFApiUtil => serviço não encontrado (a). pfnfd_1_10_0_8 => serviço não encontrado (a). Warsaw_PP => serviço não encontrado (a). "C:\VundoFix.txt" => não encontrado (a). "C:\VundoFix Backups" => não encontrado (a). "C:\Users\Áleson\Desktop\VundoFix.exe" => não encontrado (a). "C:\InfoSat.txt" => não encontrado (a). "C:\Users\Áleson\Desktop\dfdsfs.txt" => não encontrado (a). "C:\WINDOWS\ntbtlog.txt" => não encontrado (a). "C:\Users\Áleson\Downloads\monomania.txt" => não encontrado (a). "C:\Users\Áleson\Downloads\a-noite-la-notte.txt" => não encontrado (a). "C:\Users\Áleson\Downloads\a-noite-la-notte (1).txt" => não encontrado (a). "C:\WINDOWS\DelYac64.sys" => não encontrado (a). "C:\ProgramData\FileSplitUpLoad.dll" => não encontrado (a). "C:\ProgramData\uemtqux.exe" => não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6B1B2480-CEB4-46D5-AA91-1CBD0AB23F4D} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D868168F-594A-42F1-AB46-94E27C199E5E} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2E43BE09-74EE-4440-80FE-DD47DD5BA132} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6E262CAA-80AF-4080-85BF-3309027FA101} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0BCDD68-740D-48E7-BD4A-15C1B4DE6B23} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5FC202C1-0C4B-478B-80CA-FF60E606CA2A} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{20CA7314-A39B-47B2-896B-57819EA44152} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1C1878ED-A6EE-4730-BA3C-FE09155656AC} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F28D0500-E0D4-470E-8CCD-C44BF99BE134} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{440BE007-69BF-4AF6-ABB3-A7D2AFEC5B56} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B7400691-9F5B-40D0-865A-7BD2AC415865}C:\program files (x86)\freetime\formatfactory\formatfactory.exe => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{103B2CEE-7BF6-4D69-8CEB-D750D1BBCB3E}C:\program files (x86)\freetime\formatfactory\formatfactory.exe => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{94D4A7CA-1638-4E9E-A136-F4011F6BE158} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{86FEA00A-800C-4C9B-99A8-BE1F3BF7B2C6} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E5525B6-6D78-47F2-A828-33522AE2D674} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FBC8E308-F260-4EE6-B757-305D1F090D31} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B2979BE3-813A-4A9E-A81B-F02D7DDD45E6}C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{525AC802-CF77-45FD-A337-3BBE9B5257CD}C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2961D3F-4AC8-432E-B647-B2FCE4267125} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1C54ACCE-3D90-4966-883A-FB73149DEB26} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C21EE86-E016-4B1C-82F7-2ACAFB2555ED} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0984D31D-EFCB-4744-8684-1C6F6FFD5F0C} => valor não encontrado (a). "C:\ProgramData\Temp" => ":6B50FDB5" ADS não encontrado (a). "C:\Users\Todos os Usuários\Temp" => ":6B50FDB5" ADS não encontrado (a). "C:\ProgramData\FileSplitUpLoad.dll" => não encontrado (a). "C:\ProgramData\uemtqux.exe" => não encontrado (a). "C:\Users\Todos os Usuários\FileSplitUpLoad.dll" => não encontrado (a). "C:\Users\Todos os Usuários\uemtqux.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\FFSetup3.7.0.0.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\GURB284.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\javagiac0.05637026420230706.dll" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\javagiac0.07419647611942548.dll" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\javagiac0.7159750379807412.dll" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\javagiac0.8370023476803045.dll" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\jre-8u65-windows-au.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\jre-8u66-windows-au.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\MSETUP4.EXE" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\Quarantine.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\setup.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\sjt7z_x86_console.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\unins000.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\{39A540B9-C264-48CA-B8DC-FB5C241EC09F}-46.0.2490.71_chrome64_installer.exe" => não encontrado (a). ========= dir /a "C:\Program Files" ========= O volume na unidade C Windows O Nmero de Srie do Volume 3414-5879 Pasta de C:\Program Files 01/11/2015 10:31