Publicité
Publicité
Commentaire : Resultado da Correção pela Farbar Recovery Scan Tool
Format du document : text/plain
Prévisualisation
Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 29-09-2017
Executado por patrick joão (30-09-2017 00:15:52) Run:1
Executando a partir de C:\Users\patrick joão\Desktop
Perfis Carregados: patrick joão (Perfis Disponíveis: patrick joão & outros)
Modo da Inicialização: Normal
==============================================
fixlist Conteúdo:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {026f5b6a-d114-11e2-beda-eca86bb2c9ad} - "F:\AutoRun.exe" "motorola.html"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {270de048-d3ef-11e4-81d1-eca86bb2c9ad} - "F:\setup.exe"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {36e33d8d-8f75-11e4-8194-eca86bb2c9ad} - "D:\autorun.exe"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {4c375b28-7b07-11e3-8251-eca86bb2c9ad} - "F:\setup.exe"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {9e6cb0cb-c761-11e3-8089-eca86bb2c9ad} - "E:\LGAutoRun.exe"
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => Nenhum Arquivo
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => Nenhum Arquivo
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll -> Nenhum Arquivo
GroupPolicy: Restri��o - Chrome <==== ATEN��O
GroupPolicyUsers\S-1-5-21-3732197090-2549513608-2655625776-1002\User: Restri��o <==== ATEN��O
GroupPolicyUsers\S-1-5-21-3732197090-2549513608-2655625776-1001\User: Restri��o <==== ATEN��O
ProxyEnable: [.DEFAULT] => Proxy est� habilitado.
ProxyServer: [.DEFAULT] => http=127.0.0.1:58261;https=127.0.0.1:58261
ProxyEnable: [S-1-5-21-3732197090-2549513608-2655625776-1001] => Proxy est� habilitado.
ProxyServer: [S-1-5-21-3732197090-2549513608-2655625776-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
Winsock: Catalog5 01 C:\ProgramData\Windows\System32\Mswapi32.dll => Nenhum Arquivo
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\sslsp105.dll [73984 2015-07-13] (SumRando)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\sslsp105.dll [73984 2015-07-13] (SumRando)
Winsock: Catalog9 13 C:\WINDOWS\SysWOW64\sslsp105.dll [73984 2015-07-13] (SumRando)
Winsock: Catalog5-x64 01 C:\ProgramData\Windows\System32\Mswapi64.dll [3302400 2017-07-18] ()
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\sslsp105.dll [75520 2015-07-13] (SumRando)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\sslsp105.dll [75520 2015-07-13] (SumRando)
Winsock: Catalog9-x64 13 C:\WINDOWS\system32\sslsp105.dll [75520 2015-07-13] (SumRando)
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.top8844.com?oem=top8844&uid=S2A8V6P1_ST500DM002-1BD142&tm=1449944017
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.top8844.com?oem=top8844&uid=S2A8V6P1_ST500DM002-1BD142&tm=1449944017
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=top8844&uid=S2A8V6P1_ST500DM002-1BD142&tm=1449944017
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.123rede.com?oem=mbtkv5&uid=S2A8V6P1_ST500DM002-1BD142&tm=1468481232
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.123rede.com?oem=mbtkv5&uid=S2A8V6P1_ST500DM002-1BD142&tm=1468481232
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119556&babsrc=HP_ss&mntrId=2252ECA86BB2C9AD
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - (Sem Nome) - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - Nenhum Arquivo
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKLM -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKLM-x32 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://search.speedbit.com/search.aspx?s=D9Ne105&q={searchTerms}
SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?pr=vmn&id=toolbarcleaner_ot&v=2_0&ent=ch_5146&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=2252ECA86BB2C9AD&affID=119821&tsp=4948
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ir_14_50_ch&cd=2XzuyEtN2Y1L1Qzu0E0C0AzzyC0B0BtB0Czy0A0D0FtBtDtCtN0D0Tzu0SzyyDtAtN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyDyE0B0EyCyB0FtGtDtB0A0AtGyEzy0EtAtGtA0CyEzztGyC0AtDtA0E0A0C0D0B0BtB0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0AtDyByCtBtA0BtGyCyDyDyBtG0A0FzztAtGyEyBtAtAtGyBtDtDtC0CtD0Czy0D0BzztD2Q&cr=2011952802&ir=
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?pr=vmn&id=toolbarcleaner_ot&v=2_0&ent=ch_5146&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {78D20564-C350-454B-B525-072680AC9B52} URL =
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://search.speedbit.com/search.aspx?s=D9Ne105&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {B791756F-CBFD-4B92-A735-A8BBCCC53B8A} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ir_14_50_ch&cd=2XzuyEtN2Y1L1Qzu0E0C0AzzyC0B0BtB0Czy0A0D0FtBtDtCtN0D0Tzu0SzyyDtAtN1L2XzutBtFtBtCtFtCzztFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByD0DzyyEtByB0BtGyC0E0C0CtGtByBtCyCtGtB0EyB0FtGtDtC0D0AtA0DtDzyzytBtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0AtDyByCtBtA0BtGyCyDyDyBtG0A0FzztAtGyEyBtAtAtGyBtDtDtC0CtD0Czy0D0BzztD2Q&cr=1251716020&ir=
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {DBCCBCB1-05D0-4ECB-8A8D-5618B7B31D5D} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=pt_BR&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^BR&apn_uid=A0D88606-1D42-4AAD-8335-D5FC8FCDF786&apn_sauid=E62B3AF9-AEAD-44A5-837F-71279CBA5D02
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms}
BHO-x32: Sem Nome -> {2f3dc1cf-3023-4906-9b17-c022e853c2d8} -> Nenhum Arquivo
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-26] (Oracle Corporation)
Toolbar: HKLM - Sem Nome - {ae07101b-46d4-4a98-af68-0333ea26e113} - Nenhum Arquivo
Toolbar: HKLM - Sem Nome - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - Nenhum Arquivo
Toolbar: HKLM-x32 - Sem Nome - {ae07101b-46d4-4a98-af68-0333ea26e113} - Nenhum Arquivo
Toolbar: HKLM-x32 - Sem Nome - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - Nenhum Arquivo
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Nenhum Arquivo
R2 WinNetSvc; C:\Users\patrick jo�o\AppData\Roaming\WinNetSvc\WinNetSvc.exe [4845408 2015-12-16] () <==== ATEN��O
R2 WMPNetworkAcSvc; C:\Users\patrick jo�o\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe [3879373 2017-09-13] () [Arquivo n�o assinado] <==== ATEN��O
S2 GbpSv; C:\PROGRA~2\GbPlugin\GbpSv.exe [X]
S4 hshld; "C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe" [X]
S2 Util Clock Hand; "C:\Program Files (x86)\Clock Hand\bin\utilClockHand.exe" [X]
S3 AFTrafMgr1.2; \??\C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X]
S3 mwars; \??\C:\Game\SoftnyxGame\MicroWarsPS\bin\avital\mwars64.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]
S3 X6va016; \??\C:\WINDOWS\SysWOW64\Drivers\X6va016 [X]
S3 X6va017; \??\C:\WINDOWS\SysWOW64\Drivers\X6va017 [X]
S3 X6va022; \??\C:\WINDOWS\SysWOW64\Drivers\X6va022 [X]
S3 X6va027; \??\C:\WINDOWS\SysWOW64\Drivers\X6va027 [X]
S3 X6va028; \??\C:\WINDOWS\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\WINDOWS\SysWOW64\Drivers\X6va029 [X]
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
2015-12-17 16:14 - 2015-12-16 06:21 - 004845408 _____ () C:\Users\patrick jo�o\AppData\Roaming\WinNetSvc\WinNetSvc.exe
2016-03-19 15:45 - 2017-09-13 11:47 - 003879373 _____ () C:\Users\patrick jo�o\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe
2015-07-12 15:58 - 2015-06-12 07:58 - 000173848 _____ () C:\Users\patrick jo�o\AppData\Roaming\NetService\netservice.exe
2017-09-29 21:07 - 2017-09-29 21:07 - 000001353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2017-09-29 21:07 - 2017-09-29 21:07 - 000001341 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\Users\Todos os Usu�rios\ProductData
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\Users\patrick jo�o\AppData\LocalLow\IObit
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\ProgramData\ProductData
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\Program Files (x86)\IObit
2017-09-29 21:06 - 2017-09-29 21:09 - 000000000 ____D C:\Users\patrick jo�o\AppData\Roaming\IObit
2017-09-29 21:06 - 2017-09-29 21:07 - 000000000 ____D C:\Users\Todos os Usu�rios\IObit
2017-09-29 21:06 - 2017-09-29 21:07 - 000000000 ____D C:\ProgramData\IObit
2017-09-29 21:06 - 2017-09-29 21:06 - 014582384 _____ (IObit ) C:\Users\patrick jo�o\Downloads\iobituninstaller.exe
2017-09-29 20:38 - 2017-09-29 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toolbar Cleaner
2017-09-29 20:38 - 2017-09-29 20:38 - 001139568 _____ (Visicom Media Inc.) C:\Users\patrick jo�o\Downloads\ToolbarCleaner_softonic_2.0.0.10.exe
2017-09-29 20:34 - 2017-09-29 20:34 - 000276372 _____ C:\Users\patrick jo�o\Downloads\ASKRemover.zip
2017-09-29 20:34 - 2017-09-29 20:34 - 000276372 _____ C:\Users\patrick jo�o\Downloads\ASKRemover (1).zip
2017-09-29 20:33 - 2017-09-29 20:33 - 000276372 _____ C:\Users\patrick jo�o\Downloads\ASK-Remover.zip
2017-09-29 20:19 - 2017-09-29 20:19 - 000388608 _____ (Trend Micro Inc.) C:\Users\patrick jo�o\Downloads\HijackThis.exe
2017-09-29 20:16 - 2017-09-29 20:16 - 006685392 _____ (Glarysoft Ltd ) C:\Users\patrick jo�o\Downloads\gusetup_slim.exe
2017-09-29 19:53 - 2017-09-29 19:53 - 002178872 _____ (Reason Software Company Inc.) C:\Users\patrick jo�o\Downloads\ShouldIRemoveIt_Setup.exe
2017-08-02 00:27 - 2017-08-02 00:31 - 000000000 ____D C:\AdwCleaner
2017-07-19 04:06 - 2017-07-19 04:06 - 000000000 ____D C:\WINDOWS\system32\tmp
2017-07-19 04:06 - 2017-07-19 04:06 - 000000000 ____D C:\Users\Todos os Usu�rios\Windows
2017-07-19 04:06 - 2017-07-19 04:06 - 000000000 ____D C:\ProgramData\Windows
2017-09-29 21:30 - 2014-05-15 23:30 - 000001338 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job
2017-09-29 21:30 - 2014-05-15 23:30 - 000001338 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job
2017-09-29 21:24 - 2015-07-16 19:24 - 000005522 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6.job
2017-09-29 21:24 - 2015-07-16 19:24 - 000003142 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6.job
2017-09-29 21:20 - 2016-05-11 21:26 - 000000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2017-09-29 21:20 - 2015-07-16 19:24 - 000005522 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7.job
2017-09-29 21:20 - 2015-07-16 19:24 - 000004498 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3.job
2017-09-29 21:20 - 2015-07-16 19:24 - 000003478 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7.job
2017-09-29 21:20 - 2015-07-16 19:24 - 000002450 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5.job
2017-09-29 21:20 - 2015-07-16 19:22 - 000001076 _____ C:\WINDOWS\Tasks\Crossbrowse.job
2017-09-29 21:20 - 2014-05-15 23:31 - 000001488 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.job
2017-09-29 21:20 - 2014-05-15 23:31 - 000001394 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.job
2017-09-29 21:20 - 2014-05-15 23:30 - 000003470 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.job
2017-09-29 21:20 - 2014-05-15 23:30 - 000002154 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.job
2017-09-29 20:23 - 2017-04-02 13:33 - 000000000 ____D C:\Users\patrick jo�o\AppData\LocalLow\Mozilla
2017-09-26 05:47 - 2016-03-19 15:45 - 000000000 ____D C:\Users\patrick jo�o\AppData\Roaming\WMPNetworkAcSvc
2017-08-19 22:28 - 2017-08-20 14:33 - 000000000 _____ () C:\Users\patrick jo�o\AppData\Local\Temp\3fc1552ba19ee3472398342b0fadfa41.dll
2017-08-19 22:29 - 2017-08-20 13:17 - 000000088 _____ () C:\Users\patrick jo�o\AppData\Local\Temp\8b8068ce81224a13f5a56acd0ae43ef0.dll
2017-09-07 21:29 - 2017-08-16 08:31 - 000838200 _____ (BlueStack Systems, Inc.) C:\Users\patrick jo�o\AppData\Local\Temp\BlueStacksClientUninstaller.exe
2017-03-19 01:32 - 2016-06-14 08:27 - 000945688 _____ (BlueStack Systems, Inc.) C:\Users\patrick jo�o\AppData\Local\Temp\BluestacksUninstaller.exe
2017-03-19 01:32 - 2016-06-14 08:26 - 000187416 _____ (BlueStack Systems) C:\Users\patrick jo�o\AppData\Local\Temp\HD-LibraryHandler.dll
2017-03-19 01:32 - 2016-06-14 08:24 - 000246808 _____ (BlueStack Systems) C:\Users\patrick jo�o\AppData\Local\Temp\HD-Logger-Native.dll
2017-03-29 20:17 - 2017-07-11 21:08 - 000037376 _____ (Microsoft) C:\Users\patrick jo�o\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
2017-03-29 20:17 - 2017-07-11 14:16 - 000020480 _____ (Microsoft) C:\Users\patrick jo�o\AppData\Local\Temp\HiRezLauncherControls.dll
2017-09-07 21:29 - 2017-08-16 08:30 - 000421400 _____ (CodeTitans) C:\Users\patrick jo�o\AppData\Local\Temp\JSON.dll
2014-10-27 19:11 - 2014-10-27 19:11 - 000000020 _____ () C:\ProgramData\bc.ini
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
CustomCLSID: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\patrick jo�o\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\patrick jo�o\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
ContextMenuHandlers1-x32: [Proc] -> {C7BB73F2-CAD9-4130-B233-FF1651FD0453} => C:\Users\patrick jo�o\AppData\Roaming\Macwebtoise\RtMenu64.dll -> Nenhum Arquivo
ContextMenuHandlers4: [Proc] -> {C7BB73F2-CAD9-4130-B233-FF1651FD0453} => C:\Users\patrick jo�o\AppData\Roaming\Macwebtoise\RtMenu64.dll -> Nenhum Arquivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll -> Nenhum Arquivo
ContextMenuHandlers6: [Proc] -> {C7BB73F2-CAD9-4130-B233-FF1651FD0453} => C:\Users\patrick jo�o\AppData\Roaming\Macwebtoise\RtMenu64.dll -> Nenhum Arquivo
Task: {05419AF4-5628-4BC3-A2E5-A590070EDC96} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-23] (Adobe Systems Incorporated)
Task: {0DFF5FE9-A69B-4EC7-96C5-C2F960D39E18} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATEN��O
Task: {1567AAFC-BAA7-45A5-B444-136C5EDFB28B} - System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5 => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.exe <==== ATEN��O
Task: {199E2023-B524-451B-A62F-CFD0610D50F5} - System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3 => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.exe <==== ATEN��O
Task: {366F1AAF-B855-40DD-B6BB-FBFBF417D8E4} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATEN��O
Task: {3A2C5204-7694-421E-BE20-59B7B6AA0B8C} - System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2 => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.exe <==== ATEN��O
Task: {3E5F3878-865D-4B4A-94BA-20912649DBB7} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-6.exe <==== ATEN��O
Task: {647FA3AD-046A-4E81-A913-060B00ED5148} - System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4 => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.exe <==== ATEN��O
Task: {6550ED6E-F324-4BA3-AA4E-94D7669D7777} - System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7 => C:\Program Files (x86)\MPlayerplus\MPlayerplus-nova.exe <==== ATEN��O
Task: {65EFC672-EE1B-4F1E-A68F-2310D6B79F01} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2014-11-08] () <==== ATEN��O
Task: {68F13B54-849C-4101-8575-B010C2E24661} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-3.exe <==== ATEN��O
Task: {74E1E4A2-233D-4BAE-9909-88B1A15CD1F1} - \Torntv V9.0-chromeinstaller -> Nenhum Arquivo <==== ATEN��O
Task: {7858CC45-DDAD-4B4A-874E-F8DED4AAE7B5} - \FF Watcher {BF6D65E5-A203-4925-82DC-C8F6FD699017} -> Nenhum Arquivo <==== ATEN��O
Task: {8FD71AD6-D75F-4121-9C29-407A4E9B1EA9} - System32\Tasks\Torntv V9.0-firefoxinstaller => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-firefoxinstaller.exe <==== ATEN��O
Task: {93264FEA-A7DD-47F1-9BA7-345D311B0F8C} - System32\Tasks\RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATEN��O
Task: {A1E2FFAF-E017-410D-8EB3-3FCEC860E734} - System32\Tasks\Torntv V9.0-enabler => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-enabler.exe <==== ATEN��O
Task: {ADD92FF1-9A23-48FF-A4EC-2A3C5FE9E963} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-7.exe <==== ATEN��O
Task: {C9A99E53-D6F0-4F24-B481-298C0E349B4A} - System32\Tasks\Torntv V9.0-codedownloader => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATEN��O
Task: {CE7774E8-5E9C-47D2-99E7-F45A9EB1FB64} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATEN��O
Task: {D6E61B1F-9EA2-4F3B-9C9C-1F34332D0019} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-1-6.exe <==== ATEN��O
Task: {DFE42A13-DFF0-45FD-81B9-FC091BDAE3AD} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-5.exe <==== ATEN��O
Task: {EA80D57B-1A71-4EDD-90CA-F85077864A76} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-1-7.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-1-6.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-1-7.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-3.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-5.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5_user.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-5.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-6.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-7.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.job => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.exe?/mIran /BYxMwWzYg='MPlayerplus' /coTKHobdB=54246 /DZplfh='001359' /jAgokY='verticals-' /aqsCYInz='0' /QvowIm=DA0FA4D3576A42F789CE7CC0B9262DADIE /LdvCklKu=2c48bb493f9c9b155bd1a28d789faaaa /zMmvTh=1_34_05_12 /riwWGQWc=1400207430 /TcABGD=hxxp:/stats.clientstaticserv.com /tjOHk=hxxp:/errors.clientstaticserv.com /TMbDCIRQD=11111111-1111-1111-1111-110511421146 /dCPROoz=ch /sWlrClT /TWnVgGC /KqoIuK='hxxp:/update.clientstaticserv.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATEN��O
Task: C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.job => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.job => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.exe?/gxnMr /BYxMwWzYg='MPlayerplus' /OnCYBX C:\Program Files (x86)\MPlayerplus\54246.xpi' /coTKHobdB=54246 /DZplfh='001359' /jAgokY='verticals-' /aqsCYInz='0' /QvowIm=DA0FA4D3576A42F789CE7CC0B9262DADIE /LdvCklKu=2c48bb493f9c9b155bd1a28d789faaaa /zMmvTh=1_34_05_12 /GXJXhesx=1.34.5.12 /riwWGQWc=1400207430 /TcABGD=hxxp:/stats.clientstaticserv.com /tjOHk=hxxp:/errors.clientstaticserv.com /DRCRnNaYq=300 /uAgoIVWrU=a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com /rbDDiaRe=0.94 /PZoYRTVtd=aa9719e64232b4695ae9ca89cd7f2aa84ca1279dfbc0d44a897ef19301c922b68com54246 /JgtPO=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/54246.rdf /ofeZNuQd='MPlayerplus' /HZMMarMDh='MediaPlayerEnhance Extension' /JkYPH='Freeven' /dCPROoz=ch /TWnVgGC /TgEEmM /wsCYsgo /KqoIuK='hxxp:/update.clientstaticserv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATEN��O
Task: C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.job => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.exe?/sgcdrZs /BYxMwWzYg='MPlayerplus' /coTKHobdB=54246 /DZplfh='001359' /jAgokY='verticals-' /aqsCYInz='0' /QvowIm=DA0FA4D3576A42F789CE7CC0B9262DADIE /LdvCklKu=2c48bb493f9c9b155bd1a28d789faaaa /zMmvTh=1_34_05_12 /riwWGQWc=1400207430 /TcABGD=hxxp:/stats.clientstaticserv.com /tjOHk=hxxp:/errors.clientstaticserv.com /Tapnm=hxxp:/ipgeoapi.com/ /lGbhwLimb=hxxp:/update.clientstaticserv.com /NqrNpc=2 /sZgvie=hxxp:/logs.clientstaticserv.com /KqoIuK='hxxp:/update.clientstaticserv.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATEN��O
Task: C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job => C:\Program Files (x86)\MPlayerplus\MPlayerplus-nova.exe?/BYxMwWzYg='MPlayerplus' /coTKHobdB=54246 /DZplfh='001359' /jAgokY='verticals-' /aqsCYInz='0' /QvowIm=DA0FA4D3576A42F789CE7CC0B9262DADIE /LdvCklKu=2c48bb493f9c9b155bd1a28d789faaaa /zMmvTh=1_34_05_12 /GXJXhesx=1.34.5.12 /riwWGQWc=1400207430 /TcABGD=hxxp:/stats.clientstaticserv.com /tjOHk=hxxp:/errors.clientstaticserv.com /KQxGan=hxxp:/js.clientstaticserv.com /dCPROoz=ch /NLNIUrr /bxakhW='nova' /KqoIuK='hxxp:/update.clientstaticserv.com/novarun/{CAMP_ID}/update.jso <==== ATEN��O
Task: C:\WINDOWS\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\EyYD2Icv3p8nDGonphE1.job => C:\Users\patrick joo\AppData\Roaming\EyYD2Icv3p8nDGonphE1.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\FF Watcher {BF6D65E5-A203-4925-82DC-C8F6FD699017}.job => C:\Program Files\Playzy\PrefHelper.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks Norton Security Scan for patrick jo�o.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe
Task: C:\WINDOWS\Tasks\OXuXcmDnUryvQraERDoHBaz.job => C:\Users\patrick joo\AppData\Roaming\OXuXcmDnUryvQraERDoHBaz.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\Torntv V9.0-chromeinstaller.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-chromeinstaller.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\Torntv V9.0-codedownloader.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe?/reinstallapp /runfrom=task /agentregpath='Torntv V9.0' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=DA0FA4D3576A42F789CE7CC0B9262DADIE /verifier=2c48bb493f9c9b155bd1a28d789faaaa /installerversion=1_34_3_6 /installerfullversion=1.34.3.6 /installationtime=1396119348 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /codedownloaddomain=hxxp:/cr.install-daddy.com /defbro=ch /allusers /autoupdateulr='hxxp:/update.srvstatsdata.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATEN��O
Task: C:\WINDOWS\Tasks\Torntv V9.0-enabler.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-enabler.exe?/enablebho /agentregpath='Torntv V9.0' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=DA0FA4D3576A42F789CE7CC0B9262DADIE /verifier=2c48bb493f9c9b155bd1a28d789faaaa /installerversion=1_34_3_6 /installationtime=1396119348 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110511131190 /defbro=ch /allusers /autoupdateulr='hxxp:/update.srvstatsdata.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATEN��O
Task: C:\WINDOWS\Tasks\Torntv V9.0-firefoxinstaller.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-firefoxinstaller.exe?/installxpi /agentregpath='Torntv V9.0' /extensionfilepath C:\Program Files (x86)\Torntv V9.0\51390.xpi' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=DA0FA4D3576A42F789CE7CC0B9262DADIE /verifier=2c48bb493f9c9b155bd1a28d789faaaa /installerversion=1_34_3_6 /installerfullversion=1.34.3.6 /installationtime=1396119348 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /waitforbrowser=300 /extensionid=5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com /extensionversion=0.94 /prefsbranch=a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390 /updateurl=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/51390.rdf /extensionname='Torntv V9.0' /extensiondesc='The must-have App extensions for Television fans! Watch free TV channels, live sports and more' /publishername='installdaddy' /defbro=ch /allusers /allprofiles /checkfflist /autoupdateulr='hxxp:/update.srvstatsdata.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATEN��O
Task: C:\WINDOWS\Tasks\Torntv V9.0-updater.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-updater.exe?/runupdater /agentregpath='Torntv V9.0' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=DA0FA4D3576A42F789CE7CC0B9262DADIE /verifier=2c48bb493f9c9b155bd1a28d789faaaa /installerversion=1_34_3_6 /installationtime=1396119348 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /geoserviceurl=hxxp:/ipgeoapi.com/ /updatejsondomain=hxxp:/update.srvstatsdata.com /updaterversion=2 /monetizationdomain=hxxp:/stats.mstatsserv.com /autoupdateulr='hxxp:/update.srvstatsdata.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATEN��O
ShortcutWithArgument: C:\Users\patrick jo�o\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.top8844.com?oem=sv1&uid=S2A8V6P1_ST500DM002-1BD142&tm=1438440253
ShortcutWithArgument: C:\Users\patrick jo�o\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.top8844.com?oem=sv1&uid=S2A8V6P1_ST500DM002-1BD142&tm=1438440253
ShortcutWithArgument: C:\Users\patrick jo�o\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.top8844.com?oem=sv1&uid=S2A8V6P1_ST500DM002-1BD142&tm=1438440253
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.ddtbrasil.top/login.php
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> www.top8844.com?oem=sv1&uid=S2A8V6P1_ST500DM002-1BD142&tm=1438440253
FirewallRules: [{9AD256F2-DDBF-4674-BA29-C02EC5F82783}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{E222CA23-E028-40A3-A5F9-397F53A25C73}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [TCP Query User{73B96048-CD03-4954-AEA2-A8AD0EA9F8DC}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe
FirewallRules: [UDP Query User{BC9EFB24-1609-4734-898A-FBF1E265830B}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe
AlternateDataStreams: C:\WINDOWS\Temp:$DATA [16]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\ProgramData\Temp:07BF512B [156]
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [126]
AlternateDataStreams: C:\ProgramData\Temp:6BE50C2B [486]
AlternateDataStreams: C:\ProgramData\Temp:862BDB1A [132]
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [112]
AlternateDataStreams: C:\Users\Todos os Usu�rios\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usu�rios\Temp:07BF512B [156]
AlternateDataStreams: C:\Users\Todos os Usu�rios\Temp:373E1720 [126]
AlternateDataStreams: C:\Users\Todos os Usu�rios\Temp:6BE50C2B [486]
AlternateDataStreams: C:\Users\Todos os Usu�rios\Temp:862BDB1A [132]
AlternateDataStreams: C:\Users\Todos os Usu�rios\Temp:D1B5B4F1 [112]
C:\Users\patrick jo�o\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe
C:\Users\patrick jo�o\AppData\Roaming\WinNetSvc\WinNetSvc.exe
C:\Users\patrick jo�o\AppData\Roaming\NetService\netservice.exe
C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
C:\ProgramData\Microsoft\Network\Dsq\browser\syshostctl.exe
C:\programdata\microsoft\network\dsq\network
C:\programdata\microsoft\network\dsq
RemoveProxy:
EmptyTemp:
Reboot:
end
*****************
Processos fechados com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{026f5b6a-d114-11e2-beda-eca86bb2c9ad} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{026f5b6a-d114-11e2-beda-eca86bb2c9ad} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{270de048-d3ef-11e4-81d1-eca86bb2c9ad} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{270de048-d3ef-11e4-81d1-eca86bb2c9ad} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36e33d8d-8f75-11e4-8194-eca86bb2c9ad} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{36e33d8d-8f75-11e4-8194-eca86bb2c9ad} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4c375b28-7b07-11e3-8251-eca86bb2c9ad} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{4c375b28-7b07-11e3-8251-eca86bb2c9ad} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e6cb0cb-c761-11e3-8089-eca86bb2c9ad} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{9e6cb0cb-c761-11e3-8089-eca86bb2c9ad} => chave não encontrado (a).
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Dados do Valor removido (a) com sucesso..
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" => Dados do Valor removido (a) com sucesso..
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{E37CB5F0-51F5-4395-A808-5FA49E399F83} => valor removido (a) com sucesso.
HKLM\SOFTWARE\WOW6432Node\Classes\CLSID\{E37CB5F0-51F5-4395-A808-5FA49E399F83} => chave removido (a) com sucesso.
C:\WINDOWS\system32\GroupPolicy\Machine => movido com sucesso
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido com sucesso
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => movido com sucesso
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-3732197090-2549513608-2655625776-1002\User => movido com sucesso
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-3732197090-2549513608-2655625776-1001\User => movido com sucesso
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => valor removido (a) com sucesso.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000001 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000013 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => valor removido (a) com sucesso.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => valor restaurado com sucesso
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => valor restaurado com sucesso
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor removido (a) com sucesso.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => valor removido (a) com sucesso.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => valor removido (a) com sucesso.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{e0301295-ab3e-4af3-979f-3d453c5f9f48} => valor removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{78D20564-C350-454B-B525-072680AC9B52} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{78D20564-C350-454B-B525-072680AC9B52} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B791756F-CBFD-4B92-A735-A8BBCCC53B8A} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{B791756F-CBFD-4B92-A735-A8BBCCC53B8A} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DBCCBCB1-05D0-4ECB-8A8D-5618B7B31D5D} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{DBCCBCB1-05D0-4ECB-8A8D-5618B7B31D5D} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2f3dc1cf-3023-4906-9b17-c022e853c2d8} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{2f3dc1cf-3023-4906-9b17-c022e853c2d8} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => valor removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{A13C2648-91D4-4bf3-BC6D-0079707C4389} => valor removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{A13C2648-91D4-4bf3-BC6D-0079707C4389} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => valor removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{A13C2648-91D4-4bf3-BC6D-0079707C4389} => valor removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{A13C2648-91D4-4bf3-BC6D-0079707C4389} => chave não encontrado (a).
HKLM\Software\Classes\PROTOCOLS\Handler\osf => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{D924BDC6-C83A-4BD5-90D0-095128A113D1} => chave removido (a) com sucesso.
HKLM\Software\Classes\PROTOCOLS\Handler\skype4com => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => chave não encontrado (a).
HKLM\System\CurrentControlSet\Services\WinNetSvc => chave removido (a) com sucesso.
WinNetSvc => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\WMPNetworkAcSvc => chave removido (a) com sucesso.
WMPNetworkAcSvc => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\GbpSv => chave removido (a) com sucesso.
GbpSv => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\hshld => chave removido (a) com sucesso.
hshld => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\Util Clock Hand => chave removido (a) com sucesso.
Util Clock Hand => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\AFTrafMgr1.2 => chave removido (a) com sucesso.
AFTrafMgr1.2 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\BprotectEx => chave removido (a) com sucesso.
BprotectEx => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\EagleX64 => chave removido (a) com sucesso.
EagleX64 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\esgiguard => chave removido (a) com sucesso.
esgiguard => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\gbpddfac => chave removido (a) com sucesso.
gbpddfac => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\GBPRCM => chave removido (a) com sucesso.
GBPRCM => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\mwars => chave removido (a) com sucesso.
mwars => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\PCFApiUtil => chave removido (a) com sucesso.
PCFApiUtil => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\Warsaw_PP => chave removido (a) com sucesso.
Warsaw_PP => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\X6va016 => chave removido (a) com sucesso.
X6va016 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\X6va017 => chave removido (a) com sucesso.
X6va017 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\X6va022 => chave removido (a) com sucesso.
X6va022 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\X6va027 => chave removido (a) com sucesso.
X6va027 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\X6va028 => chave removido (a) com sucesso.
X6va028 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\X6va029 => chave removido (a) com sucesso.
X6va029 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\xhunter1 => chave removido (a) com sucesso.
xhunter1 => serviço removido (a) com sucesso.
C:\Users\patrick joão\AppData\Roaming\WinNetSvc\WinNetSvc.exe => movido com sucesso
C:\Users\patrick joão\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe => movido com sucesso
C:\Users\patrick joão\AppData\Roaming\NetService\netservice.exe => movido com sucesso
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk => movido com sucesso
C:\Users\Public\Desktop\IObit Uninstaller.lnk => movido com sucesso
C:\Users\Todos os Usuários\ProductData => movido com sucesso
C:\Users\patrick joão\AppData\LocalLow\IObit => movido com sucesso
"C:\ProgramData\ProductData" => não encontrado (a).
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller => movido com sucesso
C:\Program Files (x86)\IObit => movido com sucesso
C:\Users\patrick joão\AppData\Roaming\IObit => movido com sucesso
C:\Users\Todos os Usuários\IObit => movido com sucesso
"C:\ProgramData\IObit" => não encontrado (a).
C:\Users\patrick joão\Downloads\iobituninstaller.exe => movido com sucesso
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toolbar Cleaner => movido com sucesso
C:\Users\patrick joão\Downloads\ToolbarCleaner_softonic_2.0.0.10.exe => movido com sucesso
C:\Users\patrick joão\Downloads\ASKRemover.zip => movido com sucesso
C:\Users\patrick joão\Downloads\ASKRemover (1).zip => movido com sucesso
C:\Users\patrick joão\Downloads\ASK-Remover.zip => movido com sucesso
C:\Users\patrick joão\Downloads\HijackThis.exe => movido com sucesso
C:\Users\patrick joão\Downloads\gusetup_slim.exe => movido com sucesso
C:\Users\patrick joão\Downloads\ShouldIRemoveIt_Setup.exe => movido com sucesso
C:\AdwCleaner => movido com sucesso
C:\WINDOWS\system32\tmp => movido com sucesso
C:\Users\Todos os Usuários\Windows => movido com sucesso
"C:\ProgramData\Windows" => não encontrado (a).
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job => movido com sucesso
"C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job" => não encontrado (a).
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6.job => movido com sucesso
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6.job => movido com sucesso
C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE} => movido com sucesso
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7.job => movido com sucesso
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3.job => movido com sucesso
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7.job => movido com sucesso
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5.job => movido com sucesso
C:\WINDOWS\Tasks\Crossbrowse.job => movido com sucesso
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.job => movido com sucesso
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.job => movido com sucesso
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.job => movido com sucesso
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.job => movido com sucesso
C:\Users\patrick joão\AppData\LocalLow\Mozilla => movido com sucesso
C:\Users\patrick joão\AppData\Roaming\WMPNetworkAcSvc => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\3fc1552ba19ee3472398342b0fadfa41.dll => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\8b8068ce81224a13f5a56acd0ae43ef0.dll => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\BlueStacksClientUninstaller.exe => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\BluestacksUninstaller.exe => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\HD-LibraryHandler.dll => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\HD-Logger-Native.dll => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\HiRezLauncherControls.dll => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\JSON.dll => movido com sucesso
C:\ProgramData\bc.ini => movido com sucesso
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SAWFP => chave removido (a) com sucesso.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => chave removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000} => chave removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000} => chave removido (a) com sucesso.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Proc => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{C7BB73F2-CAD9-4130-B233-FF1651FD0453} => chave não encontrado (a).
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Proc => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{C7BB73F2-CAD9-4130-B233-FF1651FD0453} => chave removido (a) com sucesso.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => chave removido (a) com sucesso.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Proc => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{C7BB73F2-CAD9-4130-B233-FF1651FD0453} => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{05419AF4-5628-4BC3-A2E5-A590070EDC96} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05419AF4-5628-4BC3-A2E5-A590070EDC96} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0DFF5FE9-A69B-4EC7-96C5-C2F960D39E18} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DFF5FE9-A69B-4EC7-96C5-C2F960D39E18} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1567AAFC-BAA7-45A5-B444-136C5EDFB28B} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1567AAFC-BAA7-45A5-B444-136C5EDFB28B} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b831afd9-f083-41b9-9e89-e4a308fff6ee-5 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{199E2023-B524-451B-A62F-CFD0610D50F5} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{199E2023-B524-451B-A62F-CFD0610D50F5} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b831afd9-f083-41b9-9e89-e4a308fff6ee-3 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{366F1AAF-B855-40DD-B6BB-FBFBF417D8E4} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{366F1AAF-B855-40DD-B6BB-FBFBF417D8E4} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineUA => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3A2C5204-7694-421E-BE20-59B7B6AA0B8C} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A2C5204-7694-421E-BE20-59B7B6AA0B8C} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b831afd9-f083-41b9-9e89-e4a308fff6ee-2 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3E5F3878-865D-4B4A-94BA-20912649DBB7} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E5F3878-865D-4B4A-94BA-20912649DBB7} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3c9a794a-44e0-4882-b060-f62430120cae-6 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{647FA3AD-046A-4E81-A913-060B00ED5148} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{647FA3AD-046A-4E81-A913-060B00ED5148} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b831afd9-f083-41b9-9e89-e4a308fff6ee-4 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6550ED6E-F324-4BA3-AA4E-94D7669D7777} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6550ED6E-F324-4BA3-AA4E-94D7669D7777} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b831afd9-f083-41b9-9e89-e4a308fff6ee-7 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65EFC672-EE1B-4F1E-A68F-2310D6B79F01} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65EFC672-EE1B-4F1E-A68F-2310D6B79F01} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\BrowserDefendert => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{68F13B54-849C-4101-8575-B010C2E24661} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68F13B54-849C-4101-8575-B010C2E24661} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3c9a794a-44e0-4882-b060-f62430120cae-3 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{74E1E4A2-233D-4BAE-9909-88B1A15CD1F1} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74E1E4A2-233D-4BAE-9909-88B1A15CD1F1} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv V9.0-chromeinstaller => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7858CC45-DDAD-4B4A-874E-F8DED4AAE7B5} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7858CC45-DDAD-4B4A-874E-F8DED4AAE7B5} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FF Watcher {BF6D65E5-A203-4925-82DC-C8F6FD699017} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8FD71AD6-D75F-4121-9C29-407A4E9B1EA9} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FD71AD6-D75F-4121-9C29-407A4E9B1EA9} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Torntv V9.0-firefoxinstaller => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv V9.0-firefoxinstaller => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93264FEA-A7DD-47F1-9BA7-345D311B0F8C} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93264FEA-A7DD-47F1-9BA7-345D311B0F8C} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\RunAsStdUser => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunAsStdUser => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A1E2FFAF-E017-410D-8EB3-3FCEC860E734} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1E2FFAF-E017-410D-8EB3-3FCEC860E734} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Torntv V9.0-enabler => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv V9.0-enabler => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ADD92FF1-9A23-48FF-A4EC-2A3C5FE9E963} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADD92FF1-9A23-48FF-A4EC-2A3C5FE9E963} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3c9a794a-44e0-4882-b060-f62430120cae-7 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C9A99E53-D6F0-4F24-B481-298C0E349B4A} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9A99E53-D6F0-4F24-B481-298C0E349B4A} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Torntv V9.0-codedownloader => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv V9.0-codedownloader => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CE7774E8-5E9C-47D2-99E7-F45A9EB1FB64} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE7774E8-5E9C-47D2-99E7-F45A9EB1FB64} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Crossbrowse => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Crossbrowse => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D6E61B1F-9EA2-4F3B-9C9C-1F34332D0019} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6E61B1F-9EA2-4F3B-9C9C-1F34332D0019} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3c9a794a-44e0-4882-b060-f62430120cae-1-6 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DFE42A13-DFF0-45FD-81B9-FC091BDAE3AD} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFE42A13-DFF0-45FD-81B9-FC091BDAE3AD} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3c9a794a-44e0-4882-b060-f62430120cae-5 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EA80D57B-1A71-4EDD-90CA-F85077864A76} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA80D57B-1A71-4EDD-90CA-F85077864A76} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3c9a794a-44e0-4882-b060-f62430120cae-1-7 => chave removido (a) com sucesso.
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6.job => não encontrado (a).
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7.job => não encontrado (a).
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3.job => não encontrado (a).
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5.job => não encontrado (a).
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5_user.job => movido com sucesso
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6.job => não encontrado (a).
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7.job => não encontrado (a).
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.job => não encontrado (a).
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.job => não encontrado (a).
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.job => não encontrado (a).
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.job => não encontrado (a).
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job => não encontrado (a).
C:\WINDOWS\Tasks\Crossbrowse.job => não encontrado (a).
C:\WINDOWS\Tasks\EyYD2Icv3p8nDGonphE1.job => movido com sucesso
C:\WINDOWS\Tasks\FF Watcher {BF6D65E5-A203-4925-82DC-C8F6FD699017}.job => movido com sucesso
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => movido com sucesso
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => movido com sucesso
C:\WINDOWS\Tasks Norton Security Scan for patrick joão.job => não encontrado (a).
C:\WINDOWS\Tasks\OXuXcmDnUryvQraERDoHBaz.job => movido com sucesso
C:\WINDOWS\Tasks\Torntv V9.0-chromeinstaller.job => movido com sucesso
C:\WINDOWS\Tasks\Torntv V9.0-codedownloader.job => movido com sucesso
C:\WINDOWS\Tasks\Torntv V9.0-enabler.job => movido com sucesso
C:\WINDOWS\Tasks\Torntv V9.0-firefoxinstaller.job => movido com sucesso
C:\WINDOWS\Tasks\Torntv V9.0-updater.job => movido com sucesso
C:\Users\patrick joão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\patrick joão\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\patrick joão\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk => Atalho argumento removido (a) com sucesso..
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Public\Desktop\Mozilla Firefox.lnk => Atalho argumento removido (a) com sucesso..
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9AD256F2-DDBF-4674-BA29-C02EC5F82783} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E222CA23-E028-40A3-A5F9-397F53A25C73} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{73B96048-CD03-4954-AEA2-A8AD0EA9F8DC}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BC9EFB24-1609-4734-898A-FBF1E265830B}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe => valor removido (a) com sucesso.
C:\WINDOWS\Temp => ":$DATA" ADS removido (a) com sucesso..
C:\WINDOWS\system32\Drivers\gbpddreg64.sys => ":X5ZN8aGvT4" ADS removido (a) com sucesso..
C:\ProgramData\GbPlugin => ":IncompleteStartGbprcm.cnt" ADS removido (a) com sucesso..
C:\ProgramData\Temp => ":07BF512B" ADS removido (a) com sucesso..
C:\ProgramData\Temp => ":373E1720" ADS removido (a) com sucesso..
C:\ProgramData\Temp => ":6BE50C2B" ADS removido (a) com sucesso..
C:\ProgramData\Temp => ":862BDB1A" ADS removido (a) com sucesso..
C:\ProgramData\Temp => ":D1B5B4F1" ADS removido (a) com sucesso..
"C:\Users\Todos os Usuários\GbPlugin" => ":IncompleteStartGbprcm.cnt" ADS não encontrado (a).
"C:\Users\Todos os Usuários\Temp" => ":07BF512B" ADS não encontrado (a).
"C:\Users\Todos os Usuários\Temp" => ":373E1720" ADS não encontrado (a).
"C:\Users\Todos os Usuários\Temp" => ":6BE50C2B" ADS não encontrado (a).
"C:\Users\Todos os Usuários\Temp" => ":862BDB1A" ADS não encontrado (a).
"C:\Users\Todos os Usuários\Temp" => ":D1B5B4F1" ADS não encontrado (a).
"C:\Users\patrick joão\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe" => não encontrado (a).
"C:\Users\patrick joão\AppData\Roaming\WinNetSvc\WinNetSvc.exe" => não encontrado (a).
"C:\Users\patrick joão\AppData\Roaming\NetService\netservice.exe" => não encontrado (a).
C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe => movido com sucesso
C:\ProgramData\Microsoft\Network\Dsq\browser\syshostctl.exe => movido com sucesso
"C:\programdata\microsoft\network\dsq\network" pasta mover:
Não pode ser movido "C:\programdata\microsoft\network\dsq\network" => Agendado para ser movido na reinicialização.
"C:\programdata\microsoft\network\dsq" pasta mover:
Não pode ser movido "C:\programdata\microsoft\network\dsq" => Agendado para ser movido na reinicialização.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
========= Fim de RemoveProxy: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16044833 B
Java, Flash, Steam htmlcache => 95984737 B
Windows/system/drivers => 21179983 B
Edge => 0 B
Chrome => 187753440 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 361468 B
systemprofile32 => 6587229 B
LocalService => 147962 B
NetworkService => 0 B
patrick joão => 1319732568 B
outros => 0 B
patrick => 0 B
RecycleBin => 25053989768 B
EmptyTemp: => 24.9 GB de dados temporários Removidos.
================================
Resultado dos arquivos que foram agendados para serem movidos (Modo de Inicialização: Normal) (Data&Hora: 30-09-2017 00:32:50)
C:\programdata\microsoft\network\dsq\network => movido com sucesso
C:\programdata\microsoft\network\dsq => movido com sucesso
==== Fim de Fixlog 00:32:51 ====
Executado por patrick joão (30-09-2017 00:15:52) Run:1
Executando a partir de C:\Users\patrick joão\Desktop
Perfis Carregados: patrick joão (Perfis Disponíveis: patrick joão & outros)
Modo da Inicialização: Normal
==============================================
fixlist Conteúdo:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {026f5b6a-d114-11e2-beda-eca86bb2c9ad} - "F:\AutoRun.exe" "motorola.html"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {270de048-d3ef-11e4-81d1-eca86bb2c9ad} - "F:\setup.exe"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {36e33d8d-8f75-11e4-8194-eca86bb2c9ad} - "D:\autorun.exe"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {4c375b28-7b07-11e3-8251-eca86bb2c9ad} - "F:\setup.exe"
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\...\MountPoints2: {9e6cb0cb-c761-11e3-8089-eca86bb2c9ad} - "E:\LGAutoRun.exe"
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => Nenhum Arquivo
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => Nenhum Arquivo
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll -> Nenhum Arquivo
GroupPolicy: Restri��o - Chrome <==== ATEN��O
GroupPolicyUsers\S-1-5-21-3732197090-2549513608-2655625776-1002\User: Restri��o <==== ATEN��O
GroupPolicyUsers\S-1-5-21-3732197090-2549513608-2655625776-1001\User: Restri��o <==== ATEN��O
ProxyEnable: [.DEFAULT] => Proxy est� habilitado.
ProxyServer: [.DEFAULT] => http=127.0.0.1:58261;https=127.0.0.1:58261
ProxyEnable: [S-1-5-21-3732197090-2549513608-2655625776-1001] => Proxy est� habilitado.
ProxyServer: [S-1-5-21-3732197090-2549513608-2655625776-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
Winsock: Catalog5 01 C:\ProgramData\Windows\System32\Mswapi32.dll => Nenhum Arquivo
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\sslsp105.dll [73984 2015-07-13] (SumRando)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\sslsp105.dll [73984 2015-07-13] (SumRando)
Winsock: Catalog9 13 C:\WINDOWS\SysWOW64\sslsp105.dll [73984 2015-07-13] (SumRando)
Winsock: Catalog5-x64 01 C:\ProgramData\Windows\System32\Mswapi64.dll [3302400 2017-07-18] ()
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\sslsp105.dll [75520 2015-07-13] (SumRando)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\sslsp105.dll [75520 2015-07-13] (SumRando)
Winsock: Catalog9-x64 13 C:\WINDOWS\system32\sslsp105.dll [75520 2015-07-13] (SumRando)
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.top8844.com?oem=top8844&uid=S2A8V6P1_ST500DM002-1BD142&tm=1449944017
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.top8844.com?oem=top8844&uid=S2A8V6P1_ST500DM002-1BD142&tm=1449944017
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=top8844&uid=S2A8V6P1_ST500DM002-1BD142&tm=1449944017
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.123rede.com?oem=mbtkv5&uid=S2A8V6P1_ST500DM002-1BD142&tm=1468481232
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.123rede.com?oem=mbtkv5&uid=S2A8V6P1_ST500DM002-1BD142&tm=1468481232
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119556&babsrc=HP_ss&mntrId=2252ECA86BB2C9AD
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - (Sem Nome) - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - Nenhum Arquivo
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKLM -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKLM-x32 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://search.speedbit.com/search.aspx?s=D9Ne105&q={searchTerms}
SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?pr=vmn&id=toolbarcleaner_ot&v=2_0&ent=ch_5146&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=2252ECA86BB2C9AD&affID=119821&tsp=4948
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ir_14_50_ch&cd=2XzuyEtN2Y1L1Qzu0E0C0AzzyC0B0BtB0Czy0A0D0FtBtDtCtN0D0Tzu0SzyyDtAtN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyDyE0B0EyCyB0FtGtDtB0A0AtGyEzy0EtAtGtA0CyEzztGyC0AtDtA0E0A0C0D0B0BtB0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0AtDyByCtBtA0BtGyCyDyDyBtG0A0FzztAtGyEyBtAtAtGyBtDtDtC0CtD0Czy0D0BzztD2Q&cr=2011952802&ir=
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1435714507&z=a5371985838014af282c9bagaz0cdwfmagfz3b9w4g&from=cornl&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?pr=vmn&id=toolbarcleaner_ot&v=2_0&ent=ch_5146&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {78D20564-C350-454B-B525-072680AC9B52} URL =
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://search.speedbit.com/search.aspx?s=D9Ne105&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {B791756F-CBFD-4B92-A735-A8BBCCC53B8A} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ir_14_50_ch&cd=2XzuyEtN2Y1L1Qzu0E0C0AzzyC0B0BtB0Czy0A0D0FtBtDtCtN0D0Tzu0SzyyDtAtN1L2XzutBtFtBtCtFtCzztFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByD0DzyyEtByB0BtGyC0E0C0CtGtByBtCyCtGtB0EyB0FtGtDtC0D0AtA0DtDzyzytBtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0AtDyByCtBtA0BtGyCyDyDyBtG0A0FzztAtGyEyBtAtAtGyBtDtDtC0CtD0Czy0D0BzztD2Q&cr=1251716020&ir=
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {DBCCBCB1-05D0-4ECB-8A8D-5618B7B31D5D} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=pt_BR&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^BR&apn_uid=A0D88606-1D42-4AAD-8335-D5FC8FCDF786&apn_sauid=E62B3AF9-AEAD-44A5-837F-71279CBA5D02
SearchScopes: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST500DM002-1BD142_S2A8V6P1XXXXS2A8V6P1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms}
BHO-x32: Sem Nome -> {2f3dc1cf-3023-4906-9b17-c022e853c2d8} -> Nenhum Arquivo
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-26] (Oracle Corporation)
Toolbar: HKLM - Sem Nome - {ae07101b-46d4-4a98-af68-0333ea26e113} - Nenhum Arquivo
Toolbar: HKLM - Sem Nome - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - Nenhum Arquivo
Toolbar: HKLM-x32 - Sem Nome - {ae07101b-46d4-4a98-af68-0333ea26e113} - Nenhum Arquivo
Toolbar: HKLM-x32 - Sem Nome - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - Nenhum Arquivo
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Nenhum Arquivo
R2 WinNetSvc; C:\Users\patrick jo�o\AppData\Roaming\WinNetSvc\WinNetSvc.exe [4845408 2015-12-16] () <==== ATEN��O
R2 WMPNetworkAcSvc; C:\Users\patrick jo�o\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe [3879373 2017-09-13] () [Arquivo n�o assinado] <==== ATEN��O
S2 GbpSv; C:\PROGRA~2\GbPlugin\GbpSv.exe [X]
S4 hshld; "C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe" [X]
S2 Util Clock Hand; "C:\Program Files (x86)\Clock Hand\bin\utilClockHand.exe" [X]
S3 AFTrafMgr1.2; \??\C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X]
S3 mwars; \??\C:\Game\SoftnyxGame\MicroWarsPS\bin\avital\mwars64.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]
S3 X6va016; \??\C:\WINDOWS\SysWOW64\Drivers\X6va016 [X]
S3 X6va017; \??\C:\WINDOWS\SysWOW64\Drivers\X6va017 [X]
S3 X6va022; \??\C:\WINDOWS\SysWOW64\Drivers\X6va022 [X]
S3 X6va027; \??\C:\WINDOWS\SysWOW64\Drivers\X6va027 [X]
S3 X6va028; \??\C:\WINDOWS\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\WINDOWS\SysWOW64\Drivers\X6va029 [X]
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
2015-12-17 16:14 - 2015-12-16 06:21 - 004845408 _____ () C:\Users\patrick jo�o\AppData\Roaming\WinNetSvc\WinNetSvc.exe
2016-03-19 15:45 - 2017-09-13 11:47 - 003879373 _____ () C:\Users\patrick jo�o\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe
2015-07-12 15:58 - 2015-06-12 07:58 - 000173848 _____ () C:\Users\patrick jo�o\AppData\Roaming\NetService\netservice.exe
2017-09-29 21:07 - 2017-09-29 21:07 - 000001353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2017-09-29 21:07 - 2017-09-29 21:07 - 000001341 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\Users\Todos os Usu�rios\ProductData
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\Users\patrick jo�o\AppData\LocalLow\IObit
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\ProgramData\ProductData
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-09-29 21:07 - 2017-09-29 21:07 - 000000000 ____D C:\Program Files (x86)\IObit
2017-09-29 21:06 - 2017-09-29 21:09 - 000000000 ____D C:\Users\patrick jo�o\AppData\Roaming\IObit
2017-09-29 21:06 - 2017-09-29 21:07 - 000000000 ____D C:\Users\Todos os Usu�rios\IObit
2017-09-29 21:06 - 2017-09-29 21:07 - 000000000 ____D C:\ProgramData\IObit
2017-09-29 21:06 - 2017-09-29 21:06 - 014582384 _____ (IObit ) C:\Users\patrick jo�o\Downloads\iobituninstaller.exe
2017-09-29 20:38 - 2017-09-29 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toolbar Cleaner
2017-09-29 20:38 - 2017-09-29 20:38 - 001139568 _____ (Visicom Media Inc.) C:\Users\patrick jo�o\Downloads\ToolbarCleaner_softonic_2.0.0.10.exe
2017-09-29 20:34 - 2017-09-29 20:34 - 000276372 _____ C:\Users\patrick jo�o\Downloads\ASKRemover.zip
2017-09-29 20:34 - 2017-09-29 20:34 - 000276372 _____ C:\Users\patrick jo�o\Downloads\ASKRemover (1).zip
2017-09-29 20:33 - 2017-09-29 20:33 - 000276372 _____ C:\Users\patrick jo�o\Downloads\ASK-Remover.zip
2017-09-29 20:19 - 2017-09-29 20:19 - 000388608 _____ (Trend Micro Inc.) C:\Users\patrick jo�o\Downloads\HijackThis.exe
2017-09-29 20:16 - 2017-09-29 20:16 - 006685392 _____ (Glarysoft Ltd ) C:\Users\patrick jo�o\Downloads\gusetup_slim.exe
2017-09-29 19:53 - 2017-09-29 19:53 - 002178872 _____ (Reason Software Company Inc.) C:\Users\patrick jo�o\Downloads\ShouldIRemoveIt_Setup.exe
2017-08-02 00:27 - 2017-08-02 00:31 - 000000000 ____D C:\AdwCleaner
2017-07-19 04:06 - 2017-07-19 04:06 - 000000000 ____D C:\WINDOWS\system32\tmp
2017-07-19 04:06 - 2017-07-19 04:06 - 000000000 ____D C:\Users\Todos os Usu�rios\Windows
2017-07-19 04:06 - 2017-07-19 04:06 - 000000000 ____D C:\ProgramData\Windows
2017-09-29 21:30 - 2014-05-15 23:30 - 000001338 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job
2017-09-29 21:30 - 2014-05-15 23:30 - 000001338 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job
2017-09-29 21:24 - 2015-07-16 19:24 - 000005522 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6.job
2017-09-29 21:24 - 2015-07-16 19:24 - 000003142 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6.job
2017-09-29 21:20 - 2016-05-11 21:26 - 000000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2017-09-29 21:20 - 2015-07-16 19:24 - 000005522 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7.job
2017-09-29 21:20 - 2015-07-16 19:24 - 000004498 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3.job
2017-09-29 21:20 - 2015-07-16 19:24 - 000003478 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7.job
2017-09-29 21:20 - 2015-07-16 19:24 - 000002450 _____ C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5.job
2017-09-29 21:20 - 2015-07-16 19:22 - 000001076 _____ C:\WINDOWS\Tasks\Crossbrowse.job
2017-09-29 21:20 - 2014-05-15 23:31 - 000001488 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.job
2017-09-29 21:20 - 2014-05-15 23:31 - 000001394 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.job
2017-09-29 21:20 - 2014-05-15 23:30 - 000003470 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.job
2017-09-29 21:20 - 2014-05-15 23:30 - 000002154 _____ C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.job
2017-09-29 20:23 - 2017-04-02 13:33 - 000000000 ____D C:\Users\patrick jo�o\AppData\LocalLow\Mozilla
2017-09-26 05:47 - 2016-03-19 15:45 - 000000000 ____D C:\Users\patrick jo�o\AppData\Roaming\WMPNetworkAcSvc
2017-08-19 22:28 - 2017-08-20 14:33 - 000000000 _____ () C:\Users\patrick jo�o\AppData\Local\Temp\3fc1552ba19ee3472398342b0fadfa41.dll
2017-08-19 22:29 - 2017-08-20 13:17 - 000000088 _____ () C:\Users\patrick jo�o\AppData\Local\Temp\8b8068ce81224a13f5a56acd0ae43ef0.dll
2017-09-07 21:29 - 2017-08-16 08:31 - 000838200 _____ (BlueStack Systems, Inc.) C:\Users\patrick jo�o\AppData\Local\Temp\BlueStacksClientUninstaller.exe
2017-03-19 01:32 - 2016-06-14 08:27 - 000945688 _____ (BlueStack Systems, Inc.) C:\Users\patrick jo�o\AppData\Local\Temp\BluestacksUninstaller.exe
2017-03-19 01:32 - 2016-06-14 08:26 - 000187416 _____ (BlueStack Systems) C:\Users\patrick jo�o\AppData\Local\Temp\HD-LibraryHandler.dll
2017-03-19 01:32 - 2016-06-14 08:24 - 000246808 _____ (BlueStack Systems) C:\Users\patrick jo�o\AppData\Local\Temp\HD-Logger-Native.dll
2017-03-29 20:17 - 2017-07-11 21:08 - 000037376 _____ (Microsoft) C:\Users\patrick jo�o\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
2017-03-29 20:17 - 2017-07-11 14:16 - 000020480 _____ (Microsoft) C:\Users\patrick jo�o\AppData\Local\Temp\HiRezLauncherControls.dll
2017-09-07 21:29 - 2017-08-16 08:30 - 000421400 _____ (CodeTitans) C:\Users\patrick jo�o\AppData\Local\Temp\JSON.dll
2014-10-27 19:11 - 2014-10-27 19:11 - 000000020 _____ () C:\ProgramData\bc.ini
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
CustomCLSID: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\patrick jo�o\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-3732197090-2549513608-2655625776-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\patrick jo�o\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
ContextMenuHandlers1-x32: [Proc] -> {C7BB73F2-CAD9-4130-B233-FF1651FD0453} => C:\Users\patrick jo�o\AppData\Roaming\Macwebtoise\RtMenu64.dll -> Nenhum Arquivo
ContextMenuHandlers4: [Proc] -> {C7BB73F2-CAD9-4130-B233-FF1651FD0453} => C:\Users\patrick jo�o\AppData\Roaming\Macwebtoise\RtMenu64.dll -> Nenhum Arquivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll -> Nenhum Arquivo
ContextMenuHandlers6: [Proc] -> {C7BB73F2-CAD9-4130-B233-FF1651FD0453} => C:\Users\patrick jo�o\AppData\Roaming\Macwebtoise\RtMenu64.dll -> Nenhum Arquivo
Task: {05419AF4-5628-4BC3-A2E5-A590070EDC96} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-23] (Adobe Systems Incorporated)
Task: {0DFF5FE9-A69B-4EC7-96C5-C2F960D39E18} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATEN��O
Task: {1567AAFC-BAA7-45A5-B444-136C5EDFB28B} - System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5 => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.exe <==== ATEN��O
Task: {199E2023-B524-451B-A62F-CFD0610D50F5} - System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3 => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.exe <==== ATEN��O
Task: {366F1AAF-B855-40DD-B6BB-FBFBF417D8E4} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATEN��O
Task: {3A2C5204-7694-421E-BE20-59B7B6AA0B8C} - System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2 => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.exe <==== ATEN��O
Task: {3E5F3878-865D-4B4A-94BA-20912649DBB7} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-6.exe <==== ATEN��O
Task: {647FA3AD-046A-4E81-A913-060B00ED5148} - System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4 => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.exe <==== ATEN��O
Task: {6550ED6E-F324-4BA3-AA4E-94D7669D7777} - System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7 => C:\Program Files (x86)\MPlayerplus\MPlayerplus-nova.exe <==== ATEN��O
Task: {65EFC672-EE1B-4F1E-A68F-2310D6B79F01} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2014-11-08] () <==== ATEN��O
Task: {68F13B54-849C-4101-8575-B010C2E24661} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-3.exe <==== ATEN��O
Task: {74E1E4A2-233D-4BAE-9909-88B1A15CD1F1} - \Torntv V9.0-chromeinstaller -> Nenhum Arquivo <==== ATEN��O
Task: {7858CC45-DDAD-4B4A-874E-F8DED4AAE7B5} - \FF Watcher {BF6D65E5-A203-4925-82DC-C8F6FD699017} -> Nenhum Arquivo <==== ATEN��O
Task: {8FD71AD6-D75F-4121-9C29-407A4E9B1EA9} - System32\Tasks\Torntv V9.0-firefoxinstaller => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-firefoxinstaller.exe <==== ATEN��O
Task: {93264FEA-A7DD-47F1-9BA7-345D311B0F8C} - System32\Tasks\RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATEN��O
Task: {A1E2FFAF-E017-410D-8EB3-3FCEC860E734} - System32\Tasks\Torntv V9.0-enabler => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-enabler.exe <==== ATEN��O
Task: {ADD92FF1-9A23-48FF-A4EC-2A3C5FE9E963} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-7.exe <==== ATEN��O
Task: {C9A99E53-D6F0-4F24-B481-298C0E349B4A} - System32\Tasks\Torntv V9.0-codedownloader => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATEN��O
Task: {CE7774E8-5E9C-47D2-99E7-F45A9EB1FB64} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATEN��O
Task: {D6E61B1F-9EA2-4F3B-9C9C-1F34332D0019} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-1-6.exe <==== ATEN��O
Task: {DFE42A13-DFF0-45FD-81B9-FC091BDAE3AD} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-5.exe <==== ATEN��O
Task: {EA80D57B-1A71-4EDD-90CA-F85077864A76} - System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7 => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-1-7.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-1-6.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-1-7.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-3.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-5.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5_user.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-5.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-6.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7.job => C:\Program Files (x86)\BrowserV16.07\3c9a794a-44e0-4882-b060-f62430120cae-7.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.job => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.exe?/mIran /BYxMwWzYg='MPlayerplus' /coTKHobdB=54246 /DZplfh='001359' /jAgokY='verticals-' /aqsCYInz='0' /QvowIm=DA0FA4D3576A42F789CE7CC0B9262DADIE /LdvCklKu=2c48bb493f9c9b155bd1a28d789faaaa /zMmvTh=1_34_05_12 /riwWGQWc=1400207430 /TcABGD=hxxp:/stats.clientstaticserv.com /tjOHk=hxxp:/errors.clientstaticserv.com /TMbDCIRQD=11111111-1111-1111-1111-110511421146 /dCPROoz=ch /sWlrClT /TWnVgGC /KqoIuK='hxxp:/update.clientstaticserv.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATEN��O
Task: C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.job => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.job => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.exe?/gxnMr /BYxMwWzYg='MPlayerplus' /OnCYBX C:\Program Files (x86)\MPlayerplus\54246.xpi' /coTKHobdB=54246 /DZplfh='001359' /jAgokY='verticals-' /aqsCYInz='0' /QvowIm=DA0FA4D3576A42F789CE7CC0B9262DADIE /LdvCklKu=2c48bb493f9c9b155bd1a28d789faaaa /zMmvTh=1_34_05_12 /GXJXhesx=1.34.5.12 /riwWGQWc=1400207430 /TcABGD=hxxp:/stats.clientstaticserv.com /tjOHk=hxxp:/errors.clientstaticserv.com /DRCRnNaYq=300 /uAgoIVWrU=a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com /rbDDiaRe=0.94 /PZoYRTVtd=aa9719e64232b4695ae9ca89cd7f2aa84ca1279dfbc0d44a897ef19301c922b68com54246 /JgtPO=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/54246.rdf /ofeZNuQd='MPlayerplus' /HZMMarMDh='MediaPlayerEnhance Extension' /JkYPH='Freeven' /dCPROoz=ch /TWnVgGC /TgEEmM /wsCYsgo /KqoIuK='hxxp:/update.clientstaticserv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATEN��O
Task: C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.job => C:\Program Files (x86)\MPlayerplus\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.exe?/sgcdrZs /BYxMwWzYg='MPlayerplus' /coTKHobdB=54246 /DZplfh='001359' /jAgokY='verticals-' /aqsCYInz='0' /QvowIm=DA0FA4D3576A42F789CE7CC0B9262DADIE /LdvCklKu=2c48bb493f9c9b155bd1a28d789faaaa /zMmvTh=1_34_05_12 /riwWGQWc=1400207430 /TcABGD=hxxp:/stats.clientstaticserv.com /tjOHk=hxxp:/errors.clientstaticserv.com /Tapnm=hxxp:/ipgeoapi.com/ /lGbhwLimb=hxxp:/update.clientstaticserv.com /NqrNpc=2 /sZgvie=hxxp:/logs.clientstaticserv.com /KqoIuK='hxxp:/update.clientstaticserv.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATEN��O
Task: C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job => C:\Program Files (x86)\MPlayerplus\MPlayerplus-nova.exe?/BYxMwWzYg='MPlayerplus' /coTKHobdB=54246 /DZplfh='001359' /jAgokY='verticals-' /aqsCYInz='0' /QvowIm=DA0FA4D3576A42F789CE7CC0B9262DADIE /LdvCklKu=2c48bb493f9c9b155bd1a28d789faaaa /zMmvTh=1_34_05_12 /GXJXhesx=1.34.5.12 /riwWGQWc=1400207430 /TcABGD=hxxp:/stats.clientstaticserv.com /tjOHk=hxxp:/errors.clientstaticserv.com /KQxGan=hxxp:/js.clientstaticserv.com /dCPROoz=ch /NLNIUrr /bxakhW='nova' /KqoIuK='hxxp:/update.clientstaticserv.com/novarun/{CAMP_ID}/update.jso <==== ATEN��O
Task: C:\WINDOWS\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\EyYD2Icv3p8nDGonphE1.job => C:\Users\patrick joo\AppData\Roaming\EyYD2Icv3p8nDGonphE1.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\FF Watcher {BF6D65E5-A203-4925-82DC-C8F6FD699017}.job => C:\Program Files\Playzy\PrefHelper.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks Norton Security Scan for patrick jo�o.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe
Task: C:\WINDOWS\Tasks\OXuXcmDnUryvQraERDoHBaz.job => C:\Users\patrick joo\AppData\Roaming\OXuXcmDnUryvQraERDoHBaz.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\Torntv V9.0-chromeinstaller.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-chromeinstaller.exe <==== ATEN��O
Task: C:\WINDOWS\Tasks\Torntv V9.0-codedownloader.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe?/reinstallapp /runfrom=task /agentregpath='Torntv V9.0' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=DA0FA4D3576A42F789CE7CC0B9262DADIE /verifier=2c48bb493f9c9b155bd1a28d789faaaa /installerversion=1_34_3_6 /installerfullversion=1.34.3.6 /installationtime=1396119348 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /codedownloaddomain=hxxp:/cr.install-daddy.com /defbro=ch /allusers /autoupdateulr='hxxp:/update.srvstatsdata.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATEN��O
Task: C:\WINDOWS\Tasks\Torntv V9.0-enabler.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-enabler.exe?/enablebho /agentregpath='Torntv V9.0' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=DA0FA4D3576A42F789CE7CC0B9262DADIE /verifier=2c48bb493f9c9b155bd1a28d789faaaa /installerversion=1_34_3_6 /installationtime=1396119348 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110511131190 /defbro=ch /allusers /autoupdateulr='hxxp:/update.srvstatsdata.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATEN��O
Task: C:\WINDOWS\Tasks\Torntv V9.0-firefoxinstaller.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-firefoxinstaller.exe?/installxpi /agentregpath='Torntv V9.0' /extensionfilepath C:\Program Files (x86)\Torntv V9.0\51390.xpi' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=DA0FA4D3576A42F789CE7CC0B9262DADIE /verifier=2c48bb493f9c9b155bd1a28d789faaaa /installerversion=1_34_3_6 /installerfullversion=1.34.3.6 /installationtime=1396119348 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /waitforbrowser=300 /extensionid=5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com /extensionversion=0.94 /prefsbranch=a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390 /updateurl=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/51390.rdf /extensionname='Torntv V9.0' /extensiondesc='The must-have App extensions for Television fans! Watch free TV channels, live sports and more' /publishername='installdaddy' /defbro=ch /allusers /allprofiles /checkfflist /autoupdateulr='hxxp:/update.srvstatsdata.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATEN��O
Task: C:\WINDOWS\Tasks\Torntv V9.0-updater.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-updater.exe?/runupdater /agentregpath='Torntv V9.0' /appid=51390 /srcid='001062' /subid='0' /zdata='0' /bic=DA0FA4D3576A42F789CE7CC0B9262DADIE /verifier=2c48bb493f9c9b155bd1a28d789faaaa /installerversion=1_34_3_6 /installationtime=1396119348 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /geoserviceurl=hxxp:/ipgeoapi.com/ /updatejsondomain=hxxp:/update.srvstatsdata.com /updaterversion=2 /monetizationdomain=hxxp:/stats.mstatsserv.com /autoupdateulr='hxxp:/update.srvstatsdata.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATEN��O
ShortcutWithArgument: C:\Users\patrick jo�o\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.top8844.com?oem=sv1&uid=S2A8V6P1_ST500DM002-1BD142&tm=1438440253
ShortcutWithArgument: C:\Users\patrick jo�o\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.top8844.com?oem=sv1&uid=S2A8V6P1_ST500DM002-1BD142&tm=1438440253
ShortcutWithArgument: C:\Users\patrick jo�o\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.top8844.com?oem=sv1&uid=S2A8V6P1_ST500DM002-1BD142&tm=1438440253
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.ddtbrasil.top/login.php
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> www.top8844.com?oem=sv1&uid=S2A8V6P1_ST500DM002-1BD142&tm=1438440253
FirewallRules: [{9AD256F2-DDBF-4674-BA29-C02EC5F82783}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{E222CA23-E028-40A3-A5F9-397F53A25C73}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [TCP Query User{73B96048-CD03-4954-AEA2-A8AD0EA9F8DC}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe
FirewallRules: [UDP Query User{BC9EFB24-1609-4734-898A-FBF1E265830B}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe] => (Block) C:\programdata\microsoft\network\dsq\network\sysnetwk.exe
AlternateDataStreams: C:\WINDOWS\Temp:$DATA [16]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686]
AlternateDataStreams: C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\ProgramData\Temp:07BF512B [156]
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [126]
AlternateDataStreams: C:\ProgramData\Temp:6BE50C2B [486]
AlternateDataStreams: C:\ProgramData\Temp:862BDB1A [132]
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [112]
AlternateDataStreams: C:\Users\Todos os Usu�rios\GbPlugin:IncompleteStartGbprcm.cnt [10]
AlternateDataStreams: C:\Users\Todos os Usu�rios\Temp:07BF512B [156]
AlternateDataStreams: C:\Users\Todos os Usu�rios\Temp:373E1720 [126]
AlternateDataStreams: C:\Users\Todos os Usu�rios\Temp:6BE50C2B [486]
AlternateDataStreams: C:\Users\Todos os Usu�rios\Temp:862BDB1A [132]
AlternateDataStreams: C:\Users\Todos os Usu�rios\Temp:D1B5B4F1 [112]
C:\Users\patrick jo�o\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe
C:\Users\patrick jo�o\AppData\Roaming\WinNetSvc\WinNetSvc.exe
C:\Users\patrick jo�o\AppData\Roaming\NetService\netservice.exe
C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
C:\ProgramData\Microsoft\Network\Dsq\browser\syshostctl.exe
C:\programdata\microsoft\network\dsq\network
C:\programdata\microsoft\network\dsq
RemoveProxy:
EmptyTemp:
Reboot:
end
*****************
Processos fechados com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{026f5b6a-d114-11e2-beda-eca86bb2c9ad} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{026f5b6a-d114-11e2-beda-eca86bb2c9ad} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{270de048-d3ef-11e4-81d1-eca86bb2c9ad} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{270de048-d3ef-11e4-81d1-eca86bb2c9ad} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36e33d8d-8f75-11e4-8194-eca86bb2c9ad} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{36e33d8d-8f75-11e4-8194-eca86bb2c9ad} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4c375b28-7b07-11e3-8251-eca86bb2c9ad} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{4c375b28-7b07-11e3-8251-eca86bb2c9ad} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e6cb0cb-c761-11e3-8089-eca86bb2c9ad} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{9e6cb0cb-c761-11e3-8089-eca86bb2c9ad} => chave não encontrado (a).
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Dados do Valor removido (a) com sucesso..
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" => Dados do Valor removido (a) com sucesso..
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{E37CB5F0-51F5-4395-A808-5FA49E399F83} => valor removido (a) com sucesso.
HKLM\SOFTWARE\WOW6432Node\Classes\CLSID\{E37CB5F0-51F5-4395-A808-5FA49E399F83} => chave removido (a) com sucesso.
C:\WINDOWS\system32\GroupPolicy\Machine => movido com sucesso
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido com sucesso
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => movido com sucesso
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-3732197090-2549513608-2655625776-1002\User => movido com sucesso
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-3732197090-2549513608-2655625776-1001\User => movido com sucesso
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => valor removido (a) com sucesso.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000001 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000013 => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => valor removido (a) com sucesso.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => valor restaurado com sucesso
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => valor restaurado com sucesso
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor removido (a) com sucesso.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => valor removido (a) com sucesso.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => valor removido (a) com sucesso.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{e0301295-ab3e-4af3-979f-3d453c5f9f48} => valor removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{78D20564-C350-454B-B525-072680AC9B52} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{78D20564-C350-454B-B525-072680AC9B52} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B791756F-CBFD-4B92-A735-A8BBCCC53B8A} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{B791756F-CBFD-4B92-A735-A8BBCCC53B8A} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DBCCBCB1-05D0-4ECB-8A8D-5618B7B31D5D} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{DBCCBCB1-05D0-4ECB-8A8D-5618B7B31D5D} => chave não encontrado (a).
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2f3dc1cf-3023-4906-9b17-c022e853c2d8} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{2f3dc1cf-3023-4906-9b17-c022e853c2d8} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => valor removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{A13C2648-91D4-4bf3-BC6D-0079707C4389} => valor removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{A13C2648-91D4-4bf3-BC6D-0079707C4389} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => valor removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{A13C2648-91D4-4bf3-BC6D-0079707C4389} => valor removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{A13C2648-91D4-4bf3-BC6D-0079707C4389} => chave não encontrado (a).
HKLM\Software\Classes\PROTOCOLS\Handler\osf => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{D924BDC6-C83A-4BD5-90D0-095128A113D1} => chave removido (a) com sucesso.
HKLM\Software\Classes\PROTOCOLS\Handler\skype4com => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => chave não encontrado (a).
HKLM\System\CurrentControlSet\Services\WinNetSvc => chave removido (a) com sucesso.
WinNetSvc => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\WMPNetworkAcSvc => chave removido (a) com sucesso.
WMPNetworkAcSvc => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\GbpSv => chave removido (a) com sucesso.
GbpSv => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\hshld => chave removido (a) com sucesso.
hshld => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\Util Clock Hand => chave removido (a) com sucesso.
Util Clock Hand => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\AFTrafMgr1.2 => chave removido (a) com sucesso.
AFTrafMgr1.2 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\BprotectEx => chave removido (a) com sucesso.
BprotectEx => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\EagleX64 => chave removido (a) com sucesso.
EagleX64 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\esgiguard => chave removido (a) com sucesso.
esgiguard => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\gbpddfac => chave removido (a) com sucesso.
gbpddfac => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\GBPRCM => chave removido (a) com sucesso.
GBPRCM => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\mwars => chave removido (a) com sucesso.
mwars => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\PCFApiUtil => chave removido (a) com sucesso.
PCFApiUtil => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\Warsaw_PP => chave removido (a) com sucesso.
Warsaw_PP => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\X6va016 => chave removido (a) com sucesso.
X6va016 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\X6va017 => chave removido (a) com sucesso.
X6va017 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\X6va022 => chave removido (a) com sucesso.
X6va022 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\X6va027 => chave removido (a) com sucesso.
X6va027 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\X6va028 => chave removido (a) com sucesso.
X6va028 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\X6va029 => chave removido (a) com sucesso.
X6va029 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\xhunter1 => chave removido (a) com sucesso.
xhunter1 => serviço removido (a) com sucesso.
C:\Users\patrick joão\AppData\Roaming\WinNetSvc\WinNetSvc.exe => movido com sucesso
C:\Users\patrick joão\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe => movido com sucesso
C:\Users\patrick joão\AppData\Roaming\NetService\netservice.exe => movido com sucesso
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk => movido com sucesso
C:\Users\Public\Desktop\IObit Uninstaller.lnk => movido com sucesso
C:\Users\Todos os Usuários\ProductData => movido com sucesso
C:\Users\patrick joão\AppData\LocalLow\IObit => movido com sucesso
"C:\ProgramData\ProductData" => não encontrado (a).
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller => movido com sucesso
C:\Program Files (x86)\IObit => movido com sucesso
C:\Users\patrick joão\AppData\Roaming\IObit => movido com sucesso
C:\Users\Todos os Usuários\IObit => movido com sucesso
"C:\ProgramData\IObit" => não encontrado (a).
C:\Users\patrick joão\Downloads\iobituninstaller.exe => movido com sucesso
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toolbar Cleaner => movido com sucesso
C:\Users\patrick joão\Downloads\ToolbarCleaner_softonic_2.0.0.10.exe => movido com sucesso
C:\Users\patrick joão\Downloads\ASKRemover.zip => movido com sucesso
C:\Users\patrick joão\Downloads\ASKRemover (1).zip => movido com sucesso
C:\Users\patrick joão\Downloads\ASK-Remover.zip => movido com sucesso
C:\Users\patrick joão\Downloads\HijackThis.exe => movido com sucesso
C:\Users\patrick joão\Downloads\gusetup_slim.exe => movido com sucesso
C:\Users\patrick joão\Downloads\ShouldIRemoveIt_Setup.exe => movido com sucesso
C:\AdwCleaner => movido com sucesso
C:\WINDOWS\system32\tmp => movido com sucesso
C:\Users\Todos os Usuários\Windows => movido com sucesso
"C:\ProgramData\Windows" => não encontrado (a).
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job => movido com sucesso
"C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job" => não encontrado (a).
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6.job => movido com sucesso
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6.job => movido com sucesso
C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE} => movido com sucesso
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7.job => movido com sucesso
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3.job => movido com sucesso
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7.job => movido com sucesso
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5.job => movido com sucesso
C:\WINDOWS\Tasks\Crossbrowse.job => movido com sucesso
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.job => movido com sucesso
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.job => movido com sucesso
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.job => movido com sucesso
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.job => movido com sucesso
C:\Users\patrick joão\AppData\LocalLow\Mozilla => movido com sucesso
C:\Users\patrick joão\AppData\Roaming\WMPNetworkAcSvc => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\3fc1552ba19ee3472398342b0fadfa41.dll => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\8b8068ce81224a13f5a56acd0ae43ef0.dll => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\BlueStacksClientUninstaller.exe => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\BluestacksUninstaller.exe => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\HD-LibraryHandler.dll => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\HD-Logger-Native.dll => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\HiRezLauncherControls.dll => movido com sucesso
C:\Users\patrick joão\AppData\Local\Temp\JSON.dll => movido com sucesso
C:\ProgramData\bc.ini => movido com sucesso
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SAWFP => chave removido (a) com sucesso.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => chave removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000} => chave removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000} => chave removido (a) com sucesso.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Proc => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{C7BB73F2-CAD9-4130-B233-FF1651FD0453} => chave não encontrado (a).
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Proc => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{C7BB73F2-CAD9-4130-B233-FF1651FD0453} => chave removido (a) com sucesso.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => chave removido (a) com sucesso.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Proc => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{C7BB73F2-CAD9-4130-B233-FF1651FD0453} => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{05419AF4-5628-4BC3-A2E5-A590070EDC96} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05419AF4-5628-4BC3-A2E5-A590070EDC96} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0DFF5FE9-A69B-4EC7-96C5-C2F960D39E18} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DFF5FE9-A69B-4EC7-96C5-C2F960D39E18} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1567AAFC-BAA7-45A5-B444-136C5EDFB28B} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1567AAFC-BAA7-45A5-B444-136C5EDFB28B} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b831afd9-f083-41b9-9e89-e4a308fff6ee-5 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{199E2023-B524-451B-A62F-CFD0610D50F5} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{199E2023-B524-451B-A62F-CFD0610D50F5} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b831afd9-f083-41b9-9e89-e4a308fff6ee-3 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{366F1AAF-B855-40DD-B6BB-FBFBF417D8E4} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{366F1AAF-B855-40DD-B6BB-FBFBF417D8E4} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineUA => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3A2C5204-7694-421E-BE20-59B7B6AA0B8C} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A2C5204-7694-421E-BE20-59B7B6AA0B8C} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b831afd9-f083-41b9-9e89-e4a308fff6ee-2 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3E5F3878-865D-4B4A-94BA-20912649DBB7} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E5F3878-865D-4B4A-94BA-20912649DBB7} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3c9a794a-44e0-4882-b060-f62430120cae-6 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{647FA3AD-046A-4E81-A913-060B00ED5148} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{647FA3AD-046A-4E81-A913-060B00ED5148} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b831afd9-f083-41b9-9e89-e4a308fff6ee-4 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6550ED6E-F324-4BA3-AA4E-94D7669D7777} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6550ED6E-F324-4BA3-AA4E-94D7669D7777} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b831afd9-f083-41b9-9e89-e4a308fff6ee-7 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65EFC672-EE1B-4F1E-A68F-2310D6B79F01} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65EFC672-EE1B-4F1E-A68F-2310D6B79F01} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\BrowserDefendert => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{68F13B54-849C-4101-8575-B010C2E24661} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68F13B54-849C-4101-8575-B010C2E24661} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3c9a794a-44e0-4882-b060-f62430120cae-3 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{74E1E4A2-233D-4BAE-9909-88B1A15CD1F1} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74E1E4A2-233D-4BAE-9909-88B1A15CD1F1} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv V9.0-chromeinstaller => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7858CC45-DDAD-4B4A-874E-F8DED4AAE7B5} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7858CC45-DDAD-4B4A-874E-F8DED4AAE7B5} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FF Watcher {BF6D65E5-A203-4925-82DC-C8F6FD699017} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8FD71AD6-D75F-4121-9C29-407A4E9B1EA9} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FD71AD6-D75F-4121-9C29-407A4E9B1EA9} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Torntv V9.0-firefoxinstaller => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv V9.0-firefoxinstaller => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93264FEA-A7DD-47F1-9BA7-345D311B0F8C} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93264FEA-A7DD-47F1-9BA7-345D311B0F8C} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\RunAsStdUser => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunAsStdUser => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A1E2FFAF-E017-410D-8EB3-3FCEC860E734} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1E2FFAF-E017-410D-8EB3-3FCEC860E734} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Torntv V9.0-enabler => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv V9.0-enabler => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ADD92FF1-9A23-48FF-A4EC-2A3C5FE9E963} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADD92FF1-9A23-48FF-A4EC-2A3C5FE9E963} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3c9a794a-44e0-4882-b060-f62430120cae-7 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C9A99E53-D6F0-4F24-B481-298C0E349B4A} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9A99E53-D6F0-4F24-B481-298C0E349B4A} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Torntv V9.0-codedownloader => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv V9.0-codedownloader => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CE7774E8-5E9C-47D2-99E7-F45A9EB1FB64} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE7774E8-5E9C-47D2-99E7-F45A9EB1FB64} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Crossbrowse => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Crossbrowse => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D6E61B1F-9EA2-4F3B-9C9C-1F34332D0019} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6E61B1F-9EA2-4F3B-9C9C-1F34332D0019} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3c9a794a-44e0-4882-b060-f62430120cae-1-6 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DFE42A13-DFF0-45FD-81B9-FC091BDAE3AD} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFE42A13-DFF0-45FD-81B9-FC091BDAE3AD} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3c9a794a-44e0-4882-b060-f62430120cae-5 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EA80D57B-1A71-4EDD-90CA-F85077864A76} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA80D57B-1A71-4EDD-90CA-F85077864A76} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3c9a794a-44e0-4882-b060-f62430120cae-1-7 => chave removido (a) com sucesso.
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-6.job => não encontrado (a).
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-1-7.job => não encontrado (a).
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-3.job => não encontrado (a).
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5.job => não encontrado (a).
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-5_user.job => movido com sucesso
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-6.job => não encontrado (a).
C:\WINDOWS\Tasks\3c9a794a-44e0-4882-b060-f62430120cae-7.job => não encontrado (a).
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-2.job => não encontrado (a).
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-3.job => não encontrado (a).
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-4.job => não encontrado (a).
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-5.job => não encontrado (a).
C:\WINDOWS\Tasks\b831afd9-f083-41b9-9e89-e4a308fff6ee-7.job => não encontrado (a).
C:\WINDOWS\Tasks\Crossbrowse.job => não encontrado (a).
C:\WINDOWS\Tasks\EyYD2Icv3p8nDGonphE1.job => movido com sucesso
C:\WINDOWS\Tasks\FF Watcher {BF6D65E5-A203-4925-82DC-C8F6FD699017}.job => movido com sucesso
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => movido com sucesso
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => movido com sucesso
C:\WINDOWS\Tasks Norton Security Scan for patrick joão.job => não encontrado (a).
C:\WINDOWS\Tasks\OXuXcmDnUryvQraERDoHBaz.job => movido com sucesso
C:\WINDOWS\Tasks\Torntv V9.0-chromeinstaller.job => movido com sucesso
C:\WINDOWS\Tasks\Torntv V9.0-codedownloader.job => movido com sucesso
C:\WINDOWS\Tasks\Torntv V9.0-enabler.job => movido com sucesso
C:\WINDOWS\Tasks\Torntv V9.0-firefoxinstaller.job => movido com sucesso
C:\WINDOWS\Tasks\Torntv V9.0-updater.job => movido com sucesso
C:\Users\patrick joão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\patrick joão\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\patrick joão\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk => Atalho argumento removido (a) com sucesso..
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Public\Desktop\Mozilla Firefox.lnk => Atalho argumento removido (a) com sucesso..
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9AD256F2-DDBF-4674-BA29-C02EC5F82783} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E222CA23-E028-40A3-A5F9-397F53A25C73} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{73B96048-CD03-4954-AEA2-A8AD0EA9F8DC}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BC9EFB24-1609-4734-898A-FBF1E265830B}C:\programdata\microsoft\network\dsq\network\sysnetwk.exe => valor removido (a) com sucesso.
C:\WINDOWS\Temp => ":$DATA" ADS removido (a) com sucesso..
C:\WINDOWS\system32\Drivers\gbpddreg64.sys => ":X5ZN8aGvT4" ADS removido (a) com sucesso..
C:\ProgramData\GbPlugin => ":IncompleteStartGbprcm.cnt" ADS removido (a) com sucesso..
C:\ProgramData\Temp => ":07BF512B" ADS removido (a) com sucesso..
C:\ProgramData\Temp => ":373E1720" ADS removido (a) com sucesso..
C:\ProgramData\Temp => ":6BE50C2B" ADS removido (a) com sucesso..
C:\ProgramData\Temp => ":862BDB1A" ADS removido (a) com sucesso..
C:\ProgramData\Temp => ":D1B5B4F1" ADS removido (a) com sucesso..
"C:\Users\Todos os Usuários\GbPlugin" => ":IncompleteStartGbprcm.cnt" ADS não encontrado (a).
"C:\Users\Todos os Usuários\Temp" => ":07BF512B" ADS não encontrado (a).
"C:\Users\Todos os Usuários\Temp" => ":373E1720" ADS não encontrado (a).
"C:\Users\Todos os Usuários\Temp" => ":6BE50C2B" ADS não encontrado (a).
"C:\Users\Todos os Usuários\Temp" => ":862BDB1A" ADS não encontrado (a).
"C:\Users\Todos os Usuários\Temp" => ":D1B5B4F1" ADS não encontrado (a).
"C:\Users\patrick joão\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe" => não encontrado (a).
"C:\Users\patrick joão\AppData\Roaming\WinNetSvc\WinNetSvc.exe" => não encontrado (a).
"C:\Users\patrick joão\AppData\Roaming\NetService\netservice.exe" => não encontrado (a).
C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe => movido com sucesso
C:\ProgramData\Microsoft\Network\Dsq\browser\syshostctl.exe => movido com sucesso
"C:\programdata\microsoft\network\dsq\network" pasta mover:
Não pode ser movido "C:\programdata\microsoft\network\dsq\network" => Agendado para ser movido na reinicialização.
"C:\programdata\microsoft\network\dsq" pasta mover:
Não pode ser movido "C:\programdata\microsoft\network\dsq" => Agendado para ser movido na reinicialização.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\S-1-5-21-3732197090-2549513608-2655625776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
========= Fim de RemoveProxy: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16044833 B
Java, Flash, Steam htmlcache => 95984737 B
Windows/system/drivers => 21179983 B
Edge => 0 B
Chrome => 187753440 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 361468 B
systemprofile32 => 6587229 B
LocalService => 147962 B
NetworkService => 0 B
patrick joão => 1319732568 B
outros => 0 B
patrick => 0 B
RecycleBin => 25053989768 B
EmptyTemp: => 24.9 GB de dados temporários Removidos.
================================
Resultado dos arquivos que foram agendados para serem movidos (Modo de Inicialização: Normal) (Data&Hora: 30-09-2017 00:32:50)
C:\programdata\microsoft\network\dsq\network => movido com sucesso
C:\programdata\microsoft\network\dsq => movido com sucesso
==== Fim de Fixlog 00:32:51 ====