Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 18-10-2017
Executado por Cleuton (18-10-2017 13:27:21) Run:1
Executando a partir de C:\Users\Cleuton\Desktop
Perfis Carregados: Cleuton (Perfis Disponíveis: Cleuton & Familia)
Modo da Inicialização: Normal
==============================================
fixlist Conteúdo:
*****************
Start
CloseProcesses:
CHR Profile: C:\Users\Cleuton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-10-14] <==== ATEN��O
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restri��o <==== ATEN��O
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [267416 2017-10-13] ()
HKU\.DEFAULT\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Bookness\Application\chrome.exe <==== ATEN��O
HKU\S-1-5-18\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Bookness\Application\chrome.exe <==== ATEN��O
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\...\MountPoints2: {f49f60fd-4321-11e7-813f-bc855626fbf9} - "D:\autorun.exe"
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\...\MountPoints2: {f49f619f-4321-11e7-813f-bc855626fbf9} - "E:\autoplay.exe"
Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
ShellExecuteHooks: Sem Nome - {D53A7C8A-0595-11E7-85F9-64006A5CFC35} - -> Nenhum Arquivo
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2017-08-18]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
Task: {09E325F7-CF90-47FF-B22F-CE92FCE89158} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATEN��O
Task: {276CDEA2-4059-4AE1-BFC4-877A5DF69A14} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Nenhum Arquivo <==== ATEN��O
Task: {329E3696-5A5C-4176-B9A4-C8603241131A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [2016-12-06] (Piriform Ltd)
Task: {33488942-0342-44AE-844F-1BE197402CF8} - \WPD\SqmUpload_S-1-5-21-3204385561-3160567561-411584990-1001 -> Nenhum Arquivo <==== ATEN��O
Task: {3658D449-F9B9-4BD2-8A88-DE32992E29A5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATEN��O
Task: {3C8B8FDA-D7DA-4500-86C7-A610A8F69FD8} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-10-13] ()
Task: {43F4416D-3E20-4F6C-A51F-70C14816B6C7} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-10-31] (AVAST Software)
Task: {52AFD6DB-99E3-4FDA-8939-976C973284BC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATEN��O
Task: {65FCBD95-CA2B-456F-923D-9D82CE1E363C} - \ASC10_SkipUac_Cleuton -> Nenhum Arquivo <==== ATEN��O
Task: {75BCE21A-6B92-4C29-9A32-87C4FDFD0E64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATEN��O
Task: {7E74FA47-04C9-40E3-A7EA-E709A243BD5D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATEN��O
Task: {7FA48A4D-CEA4-45F3-87DE-D755BC9EF174} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATEN��O
Task: {8764F5B0-288B-4EEA-BAD8-CB8330334486} - System32\Tasks\update-S-1-5-21-3204385561-3160567561-411584990-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-10-13] ()
Task: {90AE85B4-1D2C-48FF-9538-6641CAD770D4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATEN��O
Task: {98CD8CA3-A45E-4E61-B74F-5C33E5312D77} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATEN��O
Task: {A201D89F-FDA2-4339-9F75-2199AD6D43C4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Nenhum Arquivo <==== ATEN��O
Task: {C24ADA25-0970-4EB2-88C7-D8C23EECAEFE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATEN��O
Task: {CCCB62B8-64DE-435F-B9CE-11F4C612DB36} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATEN��O
Task: {D3B09BA6-604D-42AB-859C-ADDEAF0A128E} - System32\Tasks\Updates\KnifeBoot => powershell -Windowstyle hidden -NoLogo -ExecutionPolicy Bypass -noexit -Command [System.Reflection.Assembly]::Load([System.Convert]::FromBase64String((Get-ItemProperty HKCU:\Software\Rahoz).LegalAuth)).EntryPoint.Invoke($Null,$Null) <==== ATEN��O
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3204385561-3160567561-411584990-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
ShortcutWithArgument: C:\Users\Cleuton\Desktop\user0 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () -> --profile-directory="ChromeDefaultData"
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3204385561-3160567561-411584990-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3204385561-3160567561-411584990-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3204385561-3160567561-411584990-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}
Toolbar: HKLM - Sem Nome - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Nenhum Arquivo
Toolbar: HKLM - Sem Nome - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Nenhum Arquivo
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [701032 2016-10-31] (AVAST Software)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
R2 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
S3 AcuWVSSchedulerv9; "C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 9.5\WVSScheduler.exe" [X]
S4 CG6Service; "C:\Program Files (x86)\CyberGhost\CyberGhost.Service.exe" [X]
S2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [X]
S2 WTFast.Service; "C:\Program Files (x86)\WTFast\service\WTFast.Service.exe" [X]
S3 DrvAgent64; n�o ImagePath
U2 TMAgent; n�o ImagePath
2017-10-16 08:19 - 2017-10-17 16:58 - 000004296 _____ C:\Users\Cleuton\Desktop\Rkill.txt
2017-10-16 08:18 - 2017-10-16 08:18 - 005660147 _____ (Swearware) C:\Users\Cleuton\Desktop\winlogon.exe
2017-10-14 23:31 - 2017-10-14 23:33 - 000000000 ____D C:\AdwCleaner
2017-10-14 23:23 - 2017-10-15 10:24 - 008292304 _____ C:\Users\Cleuton\Desktop\adwcleaner_7.0.3.1.exe
2017-07-22 01:19 - 2017-10-08 17:53 - 000000000 ____D C:\Program Files (x86)\McAfee
2017-07-22 01:09 - 2017-07-23 11:36 - 000000000 ____D C:\Users\Todos os Usu�rios\McAfee
2017-07-22 01:09 - 2017-07-23 11:36 - 000000000 ____D C:\ProgramData\McAfee
2017-09-26 22:19 - 2014-11-17 18:31 - 000000000 ____D C:\Users\Todos os Usu�rios\boost_interprocess
2017-09-26 22:19 - 2014-11-17 18:31 - 000000000 ____D C:\ProgramData\boost_interprocess
2017-04-14 22:40 - 2017-06-21 14:18 - 000000600 _____ () C:\Users\Cleuton\AppData\Roaming\winscp.rnd
2017-04-14 15:34 - 2017-06-21 14:35 - 000000600 _____ () C:\Users\Cleuton\AppData\Local\PUTTY.RND
2014-01-15 02:15 - 2014-01-15 02:15 - 000167784 _____ (Baidu, Inc.) C:\ProgramData\FileSplitUpLoad.dll
C:\Users\Cleuton\AppData\Local\Temp\3582-490\chrome.exe
C:\Program Files\TrueKey\McTkSchedulerService.exe
C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
C:\ProgramData\FileSplitUpLoad.dll
C:\Users\Todos os Usu�rios\FileSplitUpLoad.dll
RemoveProxy:
EmptyTemp:
Hosts:
Reboot:
end
*****************
Processos fechados com sucesso.
C:\Users\Cleuton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => movido com sucesso
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => chave removido (a) com sucesso.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Lightshot => valor removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Clients\StartMenuInternet\ChromeHTML => chave removido (a) com sucesso.
HKU\S-1-5-18\SOFTWARE\Clients\StartMenuInternet\ChromeHTML => chave não encontrado (a).
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f49f60fd-4321-11e7-813f-bc855626fbf9} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{f49f60fd-4321-11e7-813f-bc855626fbf9} => chave não encontrado (a).
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f49f619f-4321-11e7-813f-bc855626fbf9} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{f49f619f-4321-11e7-813f-bc855626fbf9} => chave não encontrado (a).
HKLM\System\CurrentControlSet\Control\Lsa\\Notification Packages => valor restaurado com sucesso
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{D53A7C8A-0595-11E7-85F9-64006A5CFC35} => valor removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{D53A7C8A-0595-11E7-85F9-64006A5CFC35} => chave não encontrado (a).
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk => movido com sucesso
C:\Program Files\AVAST Software\SecureLine\SecureLine.exe => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{09E325F7-CF90-47FF-B22F-CE92FCE89158} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09E325F7-CF90-47FF-B22F-CE92FCE89158} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{276CDEA2-4059-4AE1-BFC4-877A5DF69A14} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{276CDEA2-4059-4AE1-BFC4-877A5DF69A14} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{329E3696-5A5C-4176-B9A4-C8603241131A} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{329E3696-5A5C-4176-B9A4-C8603241131A} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33488942-0342-44AE-844F-1BE197402CF8} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33488942-0342-44AE-844F-1BE197402CF8} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3204385561-3160567561-411584990-1001 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3658D449-F9B9-4BD2-8A88-DE32992E29A5} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3658D449-F9B9-4BD2-8A88-DE32992E29A5} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C8B8FDA-D7DA-4500-86C7-A610A8F69FD8} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C8B8FDA-D7DA-4500-86C7-A610A8F69FD8} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\update-sys => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\update-sys => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{43F4416D-3E20-4F6C-A51F-70C14816B6C7} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43F4416D-3E20-4F6C-A51F-70C14816B6C7} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\avast! SL Update => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avast! SL Update => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52AFD6DB-99E3-4FDA-8939-976C973284BC} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52AFD6DB-99E3-4FDA-8939-976C973284BC} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65FCBD95-CA2B-456F-923D-9D82CE1E363C} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65FCBD95-CA2B-456F-923D-9D82CE1E363C} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC10_SkipUac_Cleuton => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75BCE21A-6B92-4C29-9A32-87C4FDFD0E64} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75BCE21A-6B92-4C29-9A32-87C4FDFD0E64} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E74FA47-04C9-40E3-A7EA-E709A243BD5D} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E74FA47-04C9-40E3-A7EA-E709A243BD5D} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FA48A4D-CEA4-45F3-87DE-D755BC9EF174} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FA48A4D-CEA4-45F3-87DE-D755BC9EF174} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8764F5B0-288B-4EEA-BAD8-CB8330334486} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8764F5B0-288B-4EEA-BAD8-CB8330334486} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\update-S-1-5-21-3204385561-3160567561-411584990-1001 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\update-S-1-5-21-3204385561-3160567561-411584990-1001 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90AE85B4-1D2C-48FF-9538-6641CAD770D4} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90AE85B4-1D2C-48FF-9538-6641CAD770D4} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{98CD8CA3-A45E-4E61-B74F-5C33E5312D77} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98CD8CA3-A45E-4E61-B74F-5C33E5312D77} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A201D89F-FDA2-4339-9F75-2199AD6D43C4} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A201D89F-FDA2-4339-9F75-2199AD6D43C4} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C24ADA25-0970-4EB2-88C7-D8C23EECAEFE} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C24ADA25-0970-4EB2-88C7-D8C23EECAEFE} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCCB62B8-64DE-435F-B9CE-11F4C612DB36} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCCB62B8-64DE-435F-B9CE-11F4C612DB36} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3B09BA6-604D-42AB-859C-ADDEAF0A128E} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3B09BA6-604D-42AB-859C-ADDEAF0A128E} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Updates\KnifeBoot => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updates\KnifeBoot => chave removido (a) com sucesso.
C:\WINDOWS\Tasks\update-S-1-5-21-3204385561-3160567561-411584990-1001.job => movido com sucesso
C:\WINDOWS\Tasks\update-sys.job => movido com sucesso
C:\Users\Cleuton\Desktop\user0 - Chrome.lnk => Atalho argumento removido (a) com sucesso..
C:\Program Files (x86)\GbPlugin => ":IncompleteStartProcessProtection.cnt" ADS removido (a) com sucesso..
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => chave não encontrado (a).
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => chave não encontrado (a).
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => valor removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => valor removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => chave não encontrado (a).
HKLM\System\CurrentControlSet\Services\SecureLine => chave removido (a) com sucesso.
SecureLine => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\TrueKey => chave removido (a) com sucesso.
TrueKey => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\TrueKeyScheduler => chave removido (a) com sucesso.
TrueKeyScheduler => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\TrueKeyServiceHelper => chave removido (a) com sucesso.
TrueKeyServiceHelper => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\AcuWVSSchedulerv9 => chave removido (a) com sucesso.
AcuWVSSchedulerv9 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\CG6Service => chave removido (a) com sucesso.
CG6Service => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\PnkBstrA => chave removido (a) com sucesso.
PnkBstrA => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\WTFast.Service => chave removido (a) com sucesso.
WTFast.Service => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\DrvAgent64 => chave removido (a) com sucesso.
DrvAgent64 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\TMAgent => chave removido (a) com sucesso.
TMAgent => serviço removido (a) com sucesso.
C:\Users\Cleuton\Desktop\Rkill.txt => movido com sucesso
C:\Users\Cleuton\Desktop\winlogon.exe => movido com sucesso
C:\AdwCleaner => movido com sucesso
C:\Users\Cleuton\Desktop\adwcleaner_7.0.3.1.exe => movido com sucesso
C:\Program Files (x86)\McAfee => movido com sucesso
"C:\Users\Todos os Usu�rios\McAfee" => não encontrado (a).
C:\ProgramData\McAfee => movido com sucesso
"C:\Users\Todos os Usu�rios\boost_interprocess" => não encontrado (a).
C:\ProgramData\boost_interprocess => movido com sucesso
C:\Users\Cleuton\AppData\Roaming\winscp.rnd => movido com sucesso
C:\Users\Cleuton\AppData\Local\PUTTY.RND => movido com sucesso
C:\ProgramData\FileSplitUpLoad.dll => movido com sucesso
"C:\Users\Cleuton\AppData\Local\Temp\3582-490\chrome.exe" => não encontrado (a).
C:\Program Files\TrueKey\McTkSchedulerService.exe => movido com sucesso
C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe => movido com sucesso
C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe => movido com sucesso
"C:\ProgramData\FileSplitUpLoad.dll" => não encontrado (a).
"C:\Users\Todos os Usu�rios\FileSplitUpLoad.dll" => não encontrado (a).
========= RemoveProxy: =========
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => chave removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
========= Fim de RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => movido com sucesso
Hosts restaurado com sucesso.
=========== EmptyTemp: ==========
BITS transfer queue => 4921645 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14354237 B
Java, Flash, Steam htmlcache => 54771079 B
Windows/system/drivers => 4704798 B
Edge => 339670836 B
Chrome => 641024 B
Firefox => 205111917 B
Opera => 202968639 B
Temp, IE cache, history, cookies, recent:
Default => 7680 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 9387275 B
LocalService => 12276 B
NetworkService => 2758 B
Cleuton => 63559173 B
Familia => 103521667 B
RecycleBin => 1640506 B
EmptyTemp: => 958.7 MB de dados temporários Removidos.
================================
O sistema precisou ser reiniciado.
==== Fim de Fixlog 13:29:06 ====
Executado por Cleuton (18-10-2017 13:27:21) Run:1
Executando a partir de C:\Users\Cleuton\Desktop
Perfis Carregados: Cleuton (Perfis Disponíveis: Cleuton & Familia)
Modo da Inicialização: Normal
==============================================
fixlist Conteúdo:
*****************
Start
CloseProcesses:
CHR Profile: C:\Users\Cleuton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-10-14] <==== ATEN��O
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restri��o <==== ATEN��O
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [267416 2017-10-13] ()
HKU\.DEFAULT\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Bookness\Application\chrome.exe <==== ATEN��O
HKU\S-1-5-18\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Bookness\Application\chrome.exe <==== ATEN��O
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\...\MountPoints2: {f49f60fd-4321-11e7-813f-bc855626fbf9} - "D:\autorun.exe"
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\...\MountPoints2: {f49f619f-4321-11e7-813f-bc855626fbf9} - "E:\autoplay.exe"
Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
ShellExecuteHooks: Sem Nome - {D53A7C8A-0595-11E7-85F9-64006A5CFC35} - -> Nenhum Arquivo
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2017-08-18]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
Task: {09E325F7-CF90-47FF-B22F-CE92FCE89158} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATEN��O
Task: {276CDEA2-4059-4AE1-BFC4-877A5DF69A14} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Nenhum Arquivo <==== ATEN��O
Task: {329E3696-5A5C-4176-B9A4-C8603241131A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [2016-12-06] (Piriform Ltd)
Task: {33488942-0342-44AE-844F-1BE197402CF8} - \WPD\SqmUpload_S-1-5-21-3204385561-3160567561-411584990-1001 -> Nenhum Arquivo <==== ATEN��O
Task: {3658D449-F9B9-4BD2-8A88-DE32992E29A5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATEN��O
Task: {3C8B8FDA-D7DA-4500-86C7-A610A8F69FD8} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-10-13] ()
Task: {43F4416D-3E20-4F6C-A51F-70C14816B6C7} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-10-31] (AVAST Software)
Task: {52AFD6DB-99E3-4FDA-8939-976C973284BC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATEN��O
Task: {65FCBD95-CA2B-456F-923D-9D82CE1E363C} - \ASC10_SkipUac_Cleuton -> Nenhum Arquivo <==== ATEN��O
Task: {75BCE21A-6B92-4C29-9A32-87C4FDFD0E64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATEN��O
Task: {7E74FA47-04C9-40E3-A7EA-E709A243BD5D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATEN��O
Task: {7FA48A4D-CEA4-45F3-87DE-D755BC9EF174} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATEN��O
Task: {8764F5B0-288B-4EEA-BAD8-CB8330334486} - System32\Tasks\update-S-1-5-21-3204385561-3160567561-411584990-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-10-13] ()
Task: {90AE85B4-1D2C-48FF-9538-6641CAD770D4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATEN��O
Task: {98CD8CA3-A45E-4E61-B74F-5C33E5312D77} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATEN��O
Task: {A201D89F-FDA2-4339-9F75-2199AD6D43C4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Nenhum Arquivo <==== ATEN��O
Task: {C24ADA25-0970-4EB2-88C7-D8C23EECAEFE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATEN��O
Task: {CCCB62B8-64DE-435F-B9CE-11F4C612DB36} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATEN��O
Task: {D3B09BA6-604D-42AB-859C-ADDEAF0A128E} - System32\Tasks\Updates\KnifeBoot => powershell -Windowstyle hidden -NoLogo -ExecutionPolicy Bypass -noexit -Command [System.Reflection.Assembly]::Load([System.Convert]::FromBase64String((Get-ItemProperty HKCU:\Software\Rahoz).LegalAuth)).EntryPoint.Invoke($Null,$Null) <==== ATEN��O
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3204385561-3160567561-411584990-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
ShortcutWithArgument: C:\Users\Cleuton\Desktop\user0 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () -> --profile-directory="ChromeDefaultData"
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3204385561-3160567561-411584990-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3204385561-3160567561-411584990-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3204385561-3160567561-411584990-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}
Toolbar: HKLM - Sem Nome - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Nenhum Arquivo
Toolbar: HKLM - Sem Nome - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Nenhum Arquivo
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [701032 2016-10-31] (AVAST Software)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
R2 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
S3 AcuWVSSchedulerv9; "C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 9.5\WVSScheduler.exe" [X]
S4 CG6Service; "C:\Program Files (x86)\CyberGhost\CyberGhost.Service.exe" [X]
S2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [X]
S2 WTFast.Service; "C:\Program Files (x86)\WTFast\service\WTFast.Service.exe" [X]
S3 DrvAgent64; n�o ImagePath
U2 TMAgent; n�o ImagePath
2017-10-16 08:19 - 2017-10-17 16:58 - 000004296 _____ C:\Users\Cleuton\Desktop\Rkill.txt
2017-10-16 08:18 - 2017-10-16 08:18 - 005660147 _____ (Swearware) C:\Users\Cleuton\Desktop\winlogon.exe
2017-10-14 23:31 - 2017-10-14 23:33 - 000000000 ____D C:\AdwCleaner
2017-10-14 23:23 - 2017-10-15 10:24 - 008292304 _____ C:\Users\Cleuton\Desktop\adwcleaner_7.0.3.1.exe
2017-07-22 01:19 - 2017-10-08 17:53 - 000000000 ____D C:\Program Files (x86)\McAfee
2017-07-22 01:09 - 2017-07-23 11:36 - 000000000 ____D C:\Users\Todos os Usu�rios\McAfee
2017-07-22 01:09 - 2017-07-23 11:36 - 000000000 ____D C:\ProgramData\McAfee
2017-09-26 22:19 - 2014-11-17 18:31 - 000000000 ____D C:\Users\Todos os Usu�rios\boost_interprocess
2017-09-26 22:19 - 2014-11-17 18:31 - 000000000 ____D C:\ProgramData\boost_interprocess
2017-04-14 22:40 - 2017-06-21 14:18 - 000000600 _____ () C:\Users\Cleuton\AppData\Roaming\winscp.rnd
2017-04-14 15:34 - 2017-06-21 14:35 - 000000600 _____ () C:\Users\Cleuton\AppData\Local\PUTTY.RND
2014-01-15 02:15 - 2014-01-15 02:15 - 000167784 _____ (Baidu, Inc.) C:\ProgramData\FileSplitUpLoad.dll
C:\Users\Cleuton\AppData\Local\Temp\3582-490\chrome.exe
C:\Program Files\TrueKey\McTkSchedulerService.exe
C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
C:\ProgramData\FileSplitUpLoad.dll
C:\Users\Todos os Usu�rios\FileSplitUpLoad.dll
RemoveProxy:
EmptyTemp:
Hosts:
Reboot:
end
*****************
Processos fechados com sucesso.
C:\Users\Cleuton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => movido com sucesso
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => chave removido (a) com sucesso.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Lightshot => valor removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Clients\StartMenuInternet\ChromeHTML => chave removido (a) com sucesso.
HKU\S-1-5-18\SOFTWARE\Clients\StartMenuInternet\ChromeHTML => chave não encontrado (a).
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f49f60fd-4321-11e7-813f-bc855626fbf9} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{f49f60fd-4321-11e7-813f-bc855626fbf9} => chave não encontrado (a).
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f49f619f-4321-11e7-813f-bc855626fbf9} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{f49f619f-4321-11e7-813f-bc855626fbf9} => chave não encontrado (a).
HKLM\System\CurrentControlSet\Control\Lsa\\Notification Packages => valor restaurado com sucesso
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{D53A7C8A-0595-11E7-85F9-64006A5CFC35} => valor removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{D53A7C8A-0595-11E7-85F9-64006A5CFC35} => chave não encontrado (a).
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk => movido com sucesso
C:\Program Files\AVAST Software\SecureLine\SecureLine.exe => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{09E325F7-CF90-47FF-B22F-CE92FCE89158} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09E325F7-CF90-47FF-B22F-CE92FCE89158} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{276CDEA2-4059-4AE1-BFC4-877A5DF69A14} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{276CDEA2-4059-4AE1-BFC4-877A5DF69A14} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{329E3696-5A5C-4176-B9A4-C8603241131A} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{329E3696-5A5C-4176-B9A4-C8603241131A} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33488942-0342-44AE-844F-1BE197402CF8} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33488942-0342-44AE-844F-1BE197402CF8} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3204385561-3160567561-411584990-1001 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3658D449-F9B9-4BD2-8A88-DE32992E29A5} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3658D449-F9B9-4BD2-8A88-DE32992E29A5} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C8B8FDA-D7DA-4500-86C7-A610A8F69FD8} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C8B8FDA-D7DA-4500-86C7-A610A8F69FD8} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\update-sys => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\update-sys => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{43F4416D-3E20-4F6C-A51F-70C14816B6C7} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43F4416D-3E20-4F6C-A51F-70C14816B6C7} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\avast! SL Update => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avast! SL Update => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52AFD6DB-99E3-4FDA-8939-976C973284BC} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52AFD6DB-99E3-4FDA-8939-976C973284BC} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65FCBD95-CA2B-456F-923D-9D82CE1E363C} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65FCBD95-CA2B-456F-923D-9D82CE1E363C} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC10_SkipUac_Cleuton => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75BCE21A-6B92-4C29-9A32-87C4FDFD0E64} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75BCE21A-6B92-4C29-9A32-87C4FDFD0E64} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E74FA47-04C9-40E3-A7EA-E709A243BD5D} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E74FA47-04C9-40E3-A7EA-E709A243BD5D} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FA48A4D-CEA4-45F3-87DE-D755BC9EF174} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FA48A4D-CEA4-45F3-87DE-D755BC9EF174} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8764F5B0-288B-4EEA-BAD8-CB8330334486} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8764F5B0-288B-4EEA-BAD8-CB8330334486} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\update-S-1-5-21-3204385561-3160567561-411584990-1001 => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\update-S-1-5-21-3204385561-3160567561-411584990-1001 => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90AE85B4-1D2C-48FF-9538-6641CAD770D4} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90AE85B4-1D2C-48FF-9538-6641CAD770D4} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{98CD8CA3-A45E-4E61-B74F-5C33E5312D77} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98CD8CA3-A45E-4E61-B74F-5C33E5312D77} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A201D89F-FDA2-4339-9F75-2199AD6D43C4} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A201D89F-FDA2-4339-9F75-2199AD6D43C4} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C24ADA25-0970-4EB2-88C7-D8C23EECAEFE} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C24ADA25-0970-4EB2-88C7-D8C23EECAEFE} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCCB62B8-64DE-435F-B9CE-11F4C612DB36} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCCB62B8-64DE-435F-B9CE-11F4C612DB36} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3B09BA6-604D-42AB-859C-ADDEAF0A128E} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3B09BA6-604D-42AB-859C-ADDEAF0A128E} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Updates\KnifeBoot => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updates\KnifeBoot => chave removido (a) com sucesso.
C:\WINDOWS\Tasks\update-S-1-5-21-3204385561-3160567561-411584990-1001.job => movido com sucesso
C:\WINDOWS\Tasks\update-sys.job => movido com sucesso
C:\Users\Cleuton\Desktop\user0 - Chrome.lnk => Atalho argumento removido (a) com sucesso..
C:\Program Files (x86)\GbPlugin => ":IncompleteStartProcessProtection.cnt" ADS removido (a) com sucesso..
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => chave não encontrado (a).
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => chave não encontrado (a).
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => valor removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => valor removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => chave não encontrado (a).
HKLM\System\CurrentControlSet\Services\SecureLine => chave removido (a) com sucesso.
SecureLine => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\TrueKey => chave removido (a) com sucesso.
TrueKey => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\TrueKeyScheduler => chave removido (a) com sucesso.
TrueKeyScheduler => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\TrueKeyServiceHelper => chave removido (a) com sucesso.
TrueKeyServiceHelper => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\AcuWVSSchedulerv9 => chave removido (a) com sucesso.
AcuWVSSchedulerv9 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\CG6Service => chave removido (a) com sucesso.
CG6Service => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\PnkBstrA => chave removido (a) com sucesso.
PnkBstrA => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\WTFast.Service => chave removido (a) com sucesso.
WTFast.Service => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\DrvAgent64 => chave removido (a) com sucesso.
DrvAgent64 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\TMAgent => chave removido (a) com sucesso.
TMAgent => serviço removido (a) com sucesso.
C:\Users\Cleuton\Desktop\Rkill.txt => movido com sucesso
C:\Users\Cleuton\Desktop\winlogon.exe => movido com sucesso
C:\AdwCleaner => movido com sucesso
C:\Users\Cleuton\Desktop\adwcleaner_7.0.3.1.exe => movido com sucesso
C:\Program Files (x86)\McAfee => movido com sucesso
"C:\Users\Todos os Usu�rios\McAfee" => não encontrado (a).
C:\ProgramData\McAfee => movido com sucesso
"C:\Users\Todos os Usu�rios\boost_interprocess" => não encontrado (a).
C:\ProgramData\boost_interprocess => movido com sucesso
C:\Users\Cleuton\AppData\Roaming\winscp.rnd => movido com sucesso
C:\Users\Cleuton\AppData\Local\PUTTY.RND => movido com sucesso
C:\ProgramData\FileSplitUpLoad.dll => movido com sucesso
"C:\Users\Cleuton\AppData\Local\Temp\3582-490\chrome.exe" => não encontrado (a).
C:\Program Files\TrueKey\McTkSchedulerService.exe => movido com sucesso
C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe => movido com sucesso
C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe => movido com sucesso
"C:\ProgramData\FileSplitUpLoad.dll" => não encontrado (a).
"C:\Users\Todos os Usu�rios\FileSplitUpLoad.dll" => não encontrado (a).
========= RemoveProxy: =========
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => chave removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\S-1-5-21-3204385561-3160567561-411584990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
========= Fim de RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => movido com sucesso
Hosts restaurado com sucesso.
=========== EmptyTemp: ==========
BITS transfer queue => 4921645 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14354237 B
Java, Flash, Steam htmlcache => 54771079 B
Windows/system/drivers => 4704798 B
Edge => 339670836 B
Chrome => 641024 B
Firefox => 205111917 B
Opera => 202968639 B
Temp, IE cache, history, cookies, recent:
Default => 7680 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 9387275 B
LocalService => 12276 B
NetworkService => 2758 B
Cleuton => 63559173 B
Familia => 103521667 B
RecycleBin => 1640506 B
EmptyTemp: => 958.7 MB de dados temporários Removidos.
================================
O sistema precisou ser reiniciado.
==== Fim de Fixlog 13:29:06 ====