Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 02.01.2018
Executado por Juan (11-01-2018 10:14:02) Run:1
Executando a partir de C:\Users\Juan\Desktop
Perfis Carregados: Juan (Perfis Disponíveis: Juan)
Modo da Inicialização: Normal
==============================================
fixlist Conteúdo:
*****************
start
Closeprocesses:
ShortcutTarget: u.lnk -> C:\Users\Juan\AppData\Roaming\obwY7IoQz4.exe (Nenhum Arquivo)
ShortcutTarget: Y.lnk -> C:\Users\Juan\AppData\Roaming\objFuzepcn.exe (Nenhum Arquivo)
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1419942921&from=pcm&uid=HitachiXHDS721010KLA330_GTF002PAHELKEFHELKEFX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.0.com/?type=hppp&ts=1419942934&from=pcm&uid=HitachiXHDS721010KLA330_GTF002PAHELKEFHELKEFX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1419942921&from=pcm&uid=HitachiXHDS721010KLA330_GTF002PAHELKEFHELKEFX&q={searchTerms}
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.0.com/?type=hp&ts=1419942934&from=pcm&uid=HitachiXHDS721010KLA330_GTF002PAHELKEFHELKEFX
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.0.com/?type=hppp&ts=1419942934&from=pcm&uid=HitachiXHDS721010KLA330_GTF002PAHELKEFHELKEFX
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.qbex.com.br
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Classes\regfile: regedit.exe "%1" <==== ATENÇÃO
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3817476712-227097123-3840079092-1007 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
SearchScopes: HKU\S-1-5-21-3817476712-227097123-3840079092-1007 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
SearchScopes: HKU\S-1-5-21-3817476712-227097123-3840079092-1007 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll => Nenhum Arquivo
Toolbar: HKLM - Sem Nome - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Nenhum Arquivo
Toolbar: HKLM - Sem Nome - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Nenhum Arquivo
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll Nenhum Arquivo
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll Nenhum Arquivo
S3 BdSandbox; C:\WINDOWS\System32\drivers\BdSandbox.sys [201536 2014-12-30] (Baidu, Inc.)
R1 Bfilter; C:\WINDOWS\System32\drivers\Bfilter.sys [59712 2014-12-30] (Baidu, Inc.)
R1 Bfmon; C:\WINDOWS\System32\drivers\Bfmon.sys [38208 2014-12-30] (Baidu, Inc.)
R1 Bnbase; C:\WINDOWS\System32\drivers\bnbasex64.sys [66720 2014-12-30] (Baidu, Inc.)
R1 Bndef; C:\WINDOWS\System32\drivers\bndef64.sys [481696 2014-12-30] (Baidu, Inc.)
R1 Bprotect; C:\WINDOWS\System32\drivers\Bprotect.sys [164096 2014-12-30] (Baidu, Inc.)
S3 X6va062; \??\C:\WINDOWS\SysWOW64\Drivers\X6va062 [X]
2018-01-07 21:39 - 2013-11-20 17:01 - 000000000 ____D C:\Users\Todos os Usuários\ProductData
2018-01-07 21:39 - 2013-11-20 17:01 - 000000000 ____D C:\ProgramData\ProductData
ContextMenuHandlers1-x32: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll -> Nenhum Arquivo
ContextMenuHandlers2: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => -> Nenhum Arquivo
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
ContextMenuHandlers4: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll -> Nenhum Arquivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers6: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files (x86)\AVG\Av\avgsea.dll -> Nenhum Arquivo
ContextMenuHandlers6: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => -> Nenhum Arquivo
Task: {3137ED88-2764-4AC4-91A2-A182000D1EC9} - System32\Tasks\UpdaterEX => C:\Users\Qbex\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: {420EC9A1-B10D-4DD2-8059-94C087F960EA} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Nenhum Arquivo <==== ATENÇÃO
Task: {4410F3DE-BA59-46A8-B19A-2DFA8AC8792A} - \Optimize Start Menu Cache Files-S-1-5-21-3817476712-227097123-3840079092-1001 -> Nenhum Arquivo <==== ATENÇÃO
Task: {564CA078-E4D7-4A49-83E5-4FB1EDE2577D} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => C:\WINDOWS\system32\CScript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {66B5E633-BEF1-4EA3-8E55-ACA36095EE88} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {671C9D67-82F2-4F34-9307-AEEC978196E5} - \WPD\SqmUpload_S-1-5-21-3817476712-227097123-3840079092-1001 -> Nenhum Arquivo <==== ATENÇÃO
Task: {6C774868-3DA5-488F-9F87-D9374AFE57E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {6D6080B2-0724-4ED4-BCE4-373CF3B7BC65} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {75A87B73-3D83-4E37-8BD8-B313FD80ABF8} - \CCleanerSkipUAC -> Nenhum Arquivo <==== ATENÇÃO
Task: {7802F553-1753-4307-9A54-0BEAA690B603} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {843A6CF0-FF51-40C1-89DF-43959D8B469C} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-08-06] ()
Task: {905E4E06-4C15-4142-9C08-15A461CA1FFA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {9A6DD33A-7278-4D74-AA5F-8ACCC6C3807E} - \WPD\SqmUpload_S-1-5-21-3817476712-227097123-3840079092-1002 -> Nenhum Arquivo <==== ATENÇÃO
Task: {AB8E9FC6-9913-438B-B0DD-2AF85A1CD123} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {B6BD420D-8FCD-4EBE-8134-F19DBE0F94A0} - \WPD\SqmUpload_S-1-5-21-3817476712-227097123-3840079092-1007 -> Nenhum Arquivo <==== ATENÇÃO
Task: {B6D1B872-9CB0-4CE3-9C9E-6D3D34BFD42C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {C374E66D-A430-448B-B273-FA168EC48BF1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {C82AECD1-7F93-4A88-AE1E-FF67125226E6} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO
Task: {CD4E8BCB-3ABF-4DAE-B9D0-C671454B615B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {D21337F5-CB5F-4DB6-BC0E-9EDEE3D1EAA8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {F7DC506C-A113-4D8D-A27A-8278439A8E41} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {F83C48AE-59F1-478E-B44B-D6118C512215} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Plus-HD-4.4-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-chromeinstaller.exe/installcrx /crxinstalltype=0 /agentregpath='Plus-HD-4.4' /extensionfilepath C:\Program Files (x86)\Plus-HD-4.4\39676.crx' /appid=39676 /srcid='000760' /subid='0' /zdata='0' /bic=07CE4F1CD3C043D58F3E5ED30F98FD1BIE /verifier=13f97af0cd281b3d175b83580e201f60 /installerversion=1_31_153 /installerfullversion=1.31.153.1 /installationtime=1387409550 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Plus-HD-4.4-codedownloader.job => C:\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-codedownloader.exeư/reinstallapp /agentregpath='Plus-HD-4.4' /appid=39676 /srcid='000760' /subid='0' /zdata='0' /bic=07CE4F1CD3C043D58F3E5ED30F98FD1BIE /verifier=13f97af0cd281b3d175b83580e201f60 /installerversion=1_31_153 /installerfullversion=1.31.153.1 /installationtime=1387409550 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /codedownloaddomain=hxxp:/app-static.crossrider.com <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Plus-HD-4.4-enabler.job => C:\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-enabler.exeƅ/enablebho /agentregpath='Plus-HD-4.4' /appid=39676 /srcid='000760' /subid='0' /zdata='0' /bic=07CE4F1CD3C043D58F3E5ED30F98FD1BIE /verifier=13f97af0cd281b3d175b83580e201f60 /installerversion=1_31_153 /installationtime=1387409550 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Plus-HD-4.4-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-firefoxinstaller.exe/installxpi /agentregpath='Plus-HD-4.4' /extensionfilepath C:\Program Files (x86)\Plus-HD-4.4\39676.xpi' /appid=39676 /srcid='000760' /subid='0' /zdata='0' /bic=07CE4F1CD3C043D58F3E5ED30F98FD1BIE /verifier=13f97af0cd281b3d175b83580e201f60 /installerversion=1_31_153 /installerfullversion=1.31.153.1 /installationtime=1387409550 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /waitforbrowser=300 /extensionid=7d04e0dd-e717-4311-bcbc-b7636adb99a5@300322bc-0824-4364-854a-6105e7ba1d2f.com /extensionversion=0.93 /prefsbranch=a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676 /updateurl=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/39676.rdf <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Plus-HD-4.4-updater.job => C:\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-updater.exeǨ/runupdater /agentregpath='Plus-HD-4.4' /appid=39676 /srcid='000760' /subid='0' /zdata='0' /bic=07CE4F1CD3C043D58F3E5ED30F98FD1BIE /verifier=13f97af0cd281b3d175b83580e201f60 /installerversion=1_31_153 /installationtime=1387409550 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /geoserviceurl=hxxp:/ipgeoapi.com/ /updatejsondomain=hxxp:/update.srvstatsdata.com /updaterversion=2 /monetizationdomain=hxxp:/stats.syncstatsdata.com <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\Qbex\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Juan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
2018-01-10 14:38 - 2018-01-10 14:38 - 000489984 _____ () \\?\C:\Users\Juan\AppData\Local\Temp\9C06.tmp.node
2018-01-10 14:39 - 2018-01-10 14:39 - 000489984 _____ () \\?\C:\Users\Juan\AppData\Local\Temp\BCAD.tmp.node
AlternateDataStreams: C:\WINDOWS\system32\Drivers\avwfhoac.sys:changelist [290]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gnwhcvws.sys:changelist [290]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\littfdjb.sys:changelist [290]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939 [138]
AlternateDataStreams: C:\Users\Juan\AppData\Local\H5W4xtRg8FJc:Z6lsP8Twn9wsXLHYnLsZ [2146]
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT2 [432]
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:A1EDB939 [138]
C:\Windows\Temp\SppExtComObjHook.dll
C:\WINDOWS\AutoKMS\AutoKMS.exe
C:\WINDOWS\AutoKMS
CreateRestorePoint:
EmptyTemp:
Reboot:
end
*****************
Processos fechados com sucesso.
"C:\Users\Juan\AppData\Roaming\obwY7IoQz4.exe" => não encontrado (a)
"C:\Users\Juan\AppData\Roaming\objFuzepcn.exe" => não encontrado (a)
"HKLM\SOFTWARE\Policies\Google" => removido (a) com sucesso.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => valor restaurado com sucesso
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso
"HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removido (a) com sucesso.
"HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Classes\regfile" => removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a)
"HKU\S-1-5-21-3817476712-227097123-3840079092-1007\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removido (a) com sucesso.
"HKU\S-1-5-21-3817476712-227097123-3840079092-1007\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => chave não encontrado (a)
"HKU\S-1-5-21-3817476712-227097123-3840079092-1007\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}" => removido (a) com sucesso.
"HKLM\Software\Classes\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => chave não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => chave não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => chave não encontrado (a)
"HKLM\Software\Classes\PROTOCOLS\Handler\ms-help" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294} => chave não encontrado (a)
"HKLM\System\CurrentControlSet\Services\BdSandbox" => removido (a) com sucesso.
BdSandbox => serviço removido (a) com sucesso.
Bfilter => Não foi possível finalizar o serviço.
"HKLM\System\CurrentControlSet\Services\Bfilter" => removido (a) com sucesso.
Bfilter => serviço removido (a) com sucesso.
Bfmon => Não foi possível finalizar o serviço.
"HKLM\System\CurrentControlSet\Services\Bfmon" => removido (a) com sucesso.
Bfmon => serviço removido (a) com sucesso.
Bnbase => Não foi possível finalizar o serviço.
"HKLM\System\CurrentControlSet\Services\Bnbase" => removido (a) com sucesso.
Bnbase => serviço removido (a) com sucesso.
Bndef => Não foi possível finalizar o serviço.
"HKLM\System\CurrentControlSet\Services\Bndef" => removido (a) com sucesso.
Bndef => serviço removido (a) com sucesso.
Bprotect => Não foi possível finalizar o serviço.
"HKLM\System\CurrentControlSet\Services\Bprotect" => removido (a) com sucesso.
Bprotect => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\X6va062" => removido (a) com sucesso.
X6va062 => serviço removido (a) com sucesso.
C:\Users\Todos os Usuários\ProductData => movido com sucesso
"C:\ProgramData\ProductData" => não encontrado (a)
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UnLockerMenu" => removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{A6FF0E3A-8437-482C-8E04-4F9E15C57538} => chave não encontrado (a)
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Baidu_Scan" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => chave não encontrado (a)
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => chave não encontrado (a)
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\UnLockerMenu" => removido (a) com sucesso.
"HKLM\Software\Classes\CLSID\{A6FF0E3A-8437-482C-8E04-4F9E15C57538}" => removido (a) com sucesso.
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => chave não encontrado (a)
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\AVG Shell Extension" => removido (a) com sucesso.
"HKLM\Software\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" => removido (a) com sucesso.
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => chave não encontrado (a)
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3137ED88-2764-4AC4-91A2-A182000D1EC9} => Não pode ser removido chave. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3137ED88-2764-4AC4-91A2-A182000D1EC9}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\UpdaterEX => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UpdaterEX" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{420EC9A1-B10D-4DD2-8059-94C087F960EA}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{420EC9A1-B10D-4DD2-8059-94C087F960EA}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4410F3DE-BA59-46A8-B19A-2DFA8AC8792A}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4410F3DE-BA59-46A8-B19A-2DFA8AC8792A}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-3817476712-227097123-3840079092-1001" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{564CA078-E4D7-4A49-83E5-4FB1EDE2577D}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{564CA078-E4D7-4A49-83E5-4FB1EDE2577D}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{66B5E633-BEF1-4EA3-8E55-ACA36095EE88}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66B5E633-BEF1-4EA3-8E55-ACA36095EE88}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{671C9D67-82F2-4F34-9307-AEEC978196E5}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{671C9D67-82F2-4F34-9307-AEEC978196E5}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3817476712-227097123-3840079092-1001" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C774868-3DA5-488F-9F87-D9374AFE57E1}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C774868-3DA5-488F-9F87-D9374AFE57E1}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D6080B2-0724-4ED4-BCE4-373CF3B7BC65}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D6080B2-0724-4ED4-BCE4-373CF3B7BC65}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75A87B73-3D83-4E37-8BD8-B313FD80ABF8}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75A87B73-3D83-4E37-8BD8-B313FD80ABF8}" => removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => chave não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7802F553-1753-4307-9A54-0BEAA690B603}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7802F553-1753-4307-9A54-0BEAA690B603}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{843A6CF0-FF51-40C1-89DF-43959D8B469C}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{843A6CF0-FF51-40C1-89DF-43959D8B469C}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\AutoKMS => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{905E4E06-4C15-4142-9C08-15A461CA1FFA}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{905E4E06-4C15-4142-9C08-15A461CA1FFA}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A6DD33A-7278-4D74-AA5F-8ACCC6C3807E}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A6DD33A-7278-4D74-AA5F-8ACCC6C3807E}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3817476712-227097123-3840079092-1002" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB8E9FC6-9913-438B-B0DD-2AF85A1CD123}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB8E9FC6-9913-438B-B0DD-2AF85A1CD123}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6BD420D-8FCD-4EBE-8134-F19DBE0F94A0}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6BD420D-8FCD-4EBE-8134-F19DBE0F94A0}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3817476712-227097123-3840079092-1007" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6D1B872-9CB0-4CE3-9C9E-6D3D34BFD42C}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6D1B872-9CB0-4CE3-9C9E-6D3D34BFD42C}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C374E66D-A430-448B-B273-FA168EC48BF1}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C374E66D-A430-448B-B273-FA168EC48BF1}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C82AECD1-7F93-4A88-AE1E-FF67125226E6}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C82AECD1-7F93-4A88-AE1E-FF67125226E6}" => removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => chave não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CD4E8BCB-3ABF-4DAE-B9D0-C671454B615B}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD4E8BCB-3ABF-4DAE-B9D0-C671454B615B}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D21337F5-CB5F-4DB6-BC0E-9EDEE3D1EAA8}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D21337F5-CB5F-4DB6-BC0E-9EDEE3D1EAA8}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7DC506C-A113-4D8D-A27A-8278439A8E41}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7DC506C-A113-4D8D-A27A-8278439A8E41}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F83C48AE-59F1-478E-B44B-D6118C512215}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F83C48AE-59F1-478E-B44B-D6118C512215}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removido (a) com sucesso.
C:\WINDOWS\Tasks\Plus-HD-4.4-chromeinstaller.job => movido com sucesso
C:\WINDOWS\Tasks\Plus-HD-4.4-codedownloader.job => movido com sucesso
C:\WINDOWS\Tasks\Plus-HD-4.4-enabler.job => movido com sucesso
C:\WINDOWS\Tasks\Plus-HD-4.4-firefoxinstaller.job => movido com sucesso
C:\WINDOWS\Tasks\Plus-HD-4.4-updater.job => movido com sucesso
C:\WINDOWS\Tasks\UpdaterEX.job => movido com sucesso
C:\Users\Juan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk => Atalho argumento removido (a) com sucesso.
C:\Users\Juan\AppData\Local\Temp\9C06.tmp.node => movido com sucesso
C:\Users\Juan\AppData\Local\Temp\BCAD.tmp.node => movido com sucesso
C:\WINDOWS\system32\Drivers\avwfhoac.sys => ":changelist" ADS removido (a) com sucesso.
C:\WINDOWS\system32\Drivers\gnwhcvws.sys => ":changelist" ADS removido (a) com sucesso.
C:\WINDOWS\system32\Drivers\littfdjb.sys => ":changelist" ADS removido (a) com sucesso.
C:\ProgramData\MTA San Andreas All => ":NT" ADS removido (a) com sucesso.
C:\ProgramData\MTA San Andreas All => ":NT2" ADS removido (a) com sucesso.
C:\ProgramData\TEMP => ":A1EDB939" ADS removido (a) com sucesso.
C:\Users\Juan\AppData\Local\H5W4xtRg8FJc => ":Z6lsP8Twn9wsXLHYnLsZ" ADS removido (a) com sucesso.
"C:\Users\Todos os Usuários\MTA San Andreas All" => ":NT" ADS não encontrado (a).
"C:\Users\Todos os Usuários\MTA San Andreas All" => ":NT2" ADS não encontrado (a).
"C:\Users\Todos os Usuários\TEMP" => ":A1EDB939" ADS não encontrado (a).
"C:\Windows\Temp\SppExtComObjHook.dll" => não encontrado (a)
C:\WINDOWS\AutoKMS\AutoKMS.exe => movido com sucesso
C:\WINDOWS\AutoKMS => movido com sucesso
Ponto de Restauração criado com sucesso.
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31037601 B
Java, Flash, Steam htmlcache => 101259012 B
Windows/system/drivers => 21743767 B
Edge => 1007106 B
Chrome => 859763015 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 161258 B
Juan => 54116619 B
RecycleBin => 0 B
EmptyTemp: => 1 GB de dados temporários Removidos.
================================
O sistema precisou ser reiniciado.
==== Fim de Fixlog 10:19:08 ====
Executado por Juan (11-01-2018 10:14:02) Run:1
Executando a partir de C:\Users\Juan\Desktop
Perfis Carregados: Juan (Perfis Disponíveis: Juan)
Modo da Inicialização: Normal
==============================================
fixlist Conteúdo:
*****************
start
Closeprocesses:
ShortcutTarget: u.lnk -> C:\Users\Juan\AppData\Roaming\obwY7IoQz4.exe (Nenhum Arquivo)
ShortcutTarget: Y.lnk -> C:\Users\Juan\AppData\Roaming\objFuzepcn.exe (Nenhum Arquivo)
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1419942921&from=pcm&uid=HitachiXHDS721010KLA330_GTF002PAHELKEFHELKEFX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.0.com/?type=hppp&ts=1419942934&from=pcm&uid=HitachiXHDS721010KLA330_GTF002PAHELKEFHELKEFX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1419942921&from=pcm&uid=HitachiXHDS721010KLA330_GTF002PAHELKEFHELKEFX&q={searchTerms}
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.0.com/?type=hp&ts=1419942934&from=pcm&uid=HitachiXHDS721010KLA330_GTF002PAHELKEFHELKEFX
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.0.com/?type=hppp&ts=1419942934&from=pcm&uid=HitachiXHDS721010KLA330_GTF002PAHELKEFHELKEFX
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.qbex.com.br
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Classes\regfile: regedit.exe "%1" <==== ATENÇÃO
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3817476712-227097123-3840079092-1007 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
SearchScopes: HKU\S-1-5-21-3817476712-227097123-3840079092-1007 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
SearchScopes: HKU\S-1-5-21-3817476712-227097123-3840079092-1007 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll => Nenhum Arquivo
Toolbar: HKLM - Sem Nome - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Nenhum Arquivo
Toolbar: HKLM - Sem Nome - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Nenhum Arquivo
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll Nenhum Arquivo
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll Nenhum Arquivo
S3 BdSandbox; C:\WINDOWS\System32\drivers\BdSandbox.sys [201536 2014-12-30] (Baidu, Inc.)
R1 Bfilter; C:\WINDOWS\System32\drivers\Bfilter.sys [59712 2014-12-30] (Baidu, Inc.)
R1 Bfmon; C:\WINDOWS\System32\drivers\Bfmon.sys [38208 2014-12-30] (Baidu, Inc.)
R1 Bnbase; C:\WINDOWS\System32\drivers\bnbasex64.sys [66720 2014-12-30] (Baidu, Inc.)
R1 Bndef; C:\WINDOWS\System32\drivers\bndef64.sys [481696 2014-12-30] (Baidu, Inc.)
R1 Bprotect; C:\WINDOWS\System32\drivers\Bprotect.sys [164096 2014-12-30] (Baidu, Inc.)
S3 X6va062; \??\C:\WINDOWS\SysWOW64\Drivers\X6va062 [X]
2018-01-07 21:39 - 2013-11-20 17:01 - 000000000 ____D C:\Users\Todos os Usuários\ProductData
2018-01-07 21:39 - 2013-11-20 17:01 - 000000000 ____D C:\ProgramData\ProductData
ContextMenuHandlers1-x32: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll -> Nenhum Arquivo
ContextMenuHandlers2: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => -> Nenhum Arquivo
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
ContextMenuHandlers4: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll -> Nenhum Arquivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers6: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files (x86)\AVG\Av\avgsea.dll -> Nenhum Arquivo
ContextMenuHandlers6: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => -> Nenhum Arquivo
Task: {3137ED88-2764-4AC4-91A2-A182000D1EC9} - System32\Tasks\UpdaterEX => C:\Users\Qbex\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: {420EC9A1-B10D-4DD2-8059-94C087F960EA} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Nenhum Arquivo <==== ATENÇÃO
Task: {4410F3DE-BA59-46A8-B19A-2DFA8AC8792A} - \Optimize Start Menu Cache Files-S-1-5-21-3817476712-227097123-3840079092-1001 -> Nenhum Arquivo <==== ATENÇÃO
Task: {564CA078-E4D7-4A49-83E5-4FB1EDE2577D} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => C:\WINDOWS\system32\CScript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {66B5E633-BEF1-4EA3-8E55-ACA36095EE88} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {671C9D67-82F2-4F34-9307-AEEC978196E5} - \WPD\SqmUpload_S-1-5-21-3817476712-227097123-3840079092-1001 -> Nenhum Arquivo <==== ATENÇÃO
Task: {6C774868-3DA5-488F-9F87-D9374AFE57E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {6D6080B2-0724-4ED4-BCE4-373CF3B7BC65} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {75A87B73-3D83-4E37-8BD8-B313FD80ABF8} - \CCleanerSkipUAC -> Nenhum Arquivo <==== ATENÇÃO
Task: {7802F553-1753-4307-9A54-0BEAA690B603} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {843A6CF0-FF51-40C1-89DF-43959D8B469C} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-08-06] ()
Task: {905E4E06-4C15-4142-9C08-15A461CA1FFA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {9A6DD33A-7278-4D74-AA5F-8ACCC6C3807E} - \WPD\SqmUpload_S-1-5-21-3817476712-227097123-3840079092-1002 -> Nenhum Arquivo <==== ATENÇÃO
Task: {AB8E9FC6-9913-438B-B0DD-2AF85A1CD123} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {B6BD420D-8FCD-4EBE-8134-F19DBE0F94A0} - \WPD\SqmUpload_S-1-5-21-3817476712-227097123-3840079092-1007 -> Nenhum Arquivo <==== ATENÇÃO
Task: {B6D1B872-9CB0-4CE3-9C9E-6D3D34BFD42C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {C374E66D-A430-448B-B273-FA168EC48BF1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {C82AECD1-7F93-4A88-AE1E-FF67125226E6} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO
Task: {CD4E8BCB-3ABF-4DAE-B9D0-C671454B615B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {D21337F5-CB5F-4DB6-BC0E-9EDEE3D1EAA8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {F7DC506C-A113-4D8D-A27A-8278439A8E41} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {F83C48AE-59F1-478E-B44B-D6118C512215} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Plus-HD-4.4-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-chromeinstaller.exe/installcrx /crxinstalltype=0 /agentregpath='Plus-HD-4.4' /extensionfilepath C:\Program Files (x86)\Plus-HD-4.4\39676.crx' /appid=39676 /srcid='000760' /subid='0' /zdata='0' /bic=07CE4F1CD3C043D58F3E5ED30F98FD1BIE /verifier=13f97af0cd281b3d175b83580e201f60 /installerversion=1_31_153 /installerfullversion=1.31.153.1 /installationtime=1387409550 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Plus-HD-4.4-codedownloader.job => C:\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-codedownloader.exeư/reinstallapp /agentregpath='Plus-HD-4.4' /appid=39676 /srcid='000760' /subid='0' /zdata='0' /bic=07CE4F1CD3C043D58F3E5ED30F98FD1BIE /verifier=13f97af0cd281b3d175b83580e201f60 /installerversion=1_31_153 /installerfullversion=1.31.153.1 /installationtime=1387409550 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /codedownloaddomain=hxxp:/app-static.crossrider.com <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Plus-HD-4.4-enabler.job => C:\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-enabler.exeƅ/enablebho /agentregpath='Plus-HD-4.4' /appid=39676 /srcid='000760' /subid='0' /zdata='0' /bic=07CE4F1CD3C043D58F3E5ED30F98FD1BIE /verifier=13f97af0cd281b3d175b83580e201f60 /installerversion=1_31_153 /installationtime=1387409550 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Plus-HD-4.4-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-firefoxinstaller.exe/installxpi /agentregpath='Plus-HD-4.4' /extensionfilepath C:\Program Files (x86)\Plus-HD-4.4\39676.xpi' /appid=39676 /srcid='000760' /subid='0' /zdata='0' /bic=07CE4F1CD3C043D58F3E5ED30F98FD1BIE /verifier=13f97af0cd281b3d175b83580e201f60 /installerversion=1_31_153 /installerfullversion=1.31.153.1 /installationtime=1387409550 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /waitforbrowser=300 /extensionid=7d04e0dd-e717-4311-bcbc-b7636adb99a5@300322bc-0824-4364-854a-6105e7ba1d2f.com /extensionversion=0.93 /prefsbranch=a7d04e0dde7174311bcbcb7636adb99a5300322bc08244364854a6105e7ba1d2fcom39676 /updateurl=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/39676.rdf <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\Plus-HD-4.4-updater.job => C:\Program Files (x86)\Plus-HD-4.4\Plus-HD-4.4-updater.exeǨ/runupdater /agentregpath='Plus-HD-4.4' /appid=39676 /srcid='000760' /subid='0' /zdata='0' /bic=07CE4F1CD3C043D58F3E5ED30F98FD1BIE /verifier=13f97af0cd281b3d175b83580e201f60 /installerversion=1_31_153 /installationtime=1387409550 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /geoserviceurl=hxxp:/ipgeoapi.com/ /updatejsondomain=hxxp:/update.srvstatsdata.com /updaterversion=2 /monetizationdomain=hxxp:/stats.syncstatsdata.com <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\Qbex\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Juan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
2018-01-10 14:38 - 2018-01-10 14:38 - 000489984 _____ () \\?\C:\Users\Juan\AppData\Local\Temp\9C06.tmp.node
2018-01-10 14:39 - 2018-01-10 14:39 - 000489984 _____ () \\?\C:\Users\Juan\AppData\Local\Temp\BCAD.tmp.node
AlternateDataStreams: C:\WINDOWS\system32\Drivers\avwfhoac.sys:changelist [290]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gnwhcvws.sys:changelist [290]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\littfdjb.sys:changelist [290]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939 [138]
AlternateDataStreams: C:\Users\Juan\AppData\Local\H5W4xtRg8FJc:Z6lsP8Twn9wsXLHYnLsZ [2146]
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT2 [432]
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:A1EDB939 [138]
C:\Windows\Temp\SppExtComObjHook.dll
C:\WINDOWS\AutoKMS\AutoKMS.exe
C:\WINDOWS\AutoKMS
CreateRestorePoint:
EmptyTemp:
Reboot:
end
*****************
Processos fechados com sucesso.
"C:\Users\Juan\AppData\Roaming\obwY7IoQz4.exe" => não encontrado (a)
"C:\Users\Juan\AppData\Roaming\objFuzepcn.exe" => não encontrado (a)
"HKLM\SOFTWARE\Policies\Google" => removido (a) com sucesso.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => valor restaurado com sucesso
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso
"HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removido (a) com sucesso.
"HKU\S-1-5-21-3817476712-227097123-3840079092-1007\Software\Classes\regfile" => removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a)
"HKU\S-1-5-21-3817476712-227097123-3840079092-1007\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removido (a) com sucesso.
"HKU\S-1-5-21-3817476712-227097123-3840079092-1007\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => chave não encontrado (a)
"HKU\S-1-5-21-3817476712-227097123-3840079092-1007\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}" => removido (a) com sucesso.
"HKLM\Software\Classes\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => chave não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => chave não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => chave não encontrado (a)
"HKLM\Software\Classes\PROTOCOLS\Handler\ms-help" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294} => chave não encontrado (a)
"HKLM\System\CurrentControlSet\Services\BdSandbox" => removido (a) com sucesso.
BdSandbox => serviço removido (a) com sucesso.
Bfilter => Não foi possível finalizar o serviço.
"HKLM\System\CurrentControlSet\Services\Bfilter" => removido (a) com sucesso.
Bfilter => serviço removido (a) com sucesso.
Bfmon => Não foi possível finalizar o serviço.
"HKLM\System\CurrentControlSet\Services\Bfmon" => removido (a) com sucesso.
Bfmon => serviço removido (a) com sucesso.
Bnbase => Não foi possível finalizar o serviço.
"HKLM\System\CurrentControlSet\Services\Bnbase" => removido (a) com sucesso.
Bnbase => serviço removido (a) com sucesso.
Bndef => Não foi possível finalizar o serviço.
"HKLM\System\CurrentControlSet\Services\Bndef" => removido (a) com sucesso.
Bndef => serviço removido (a) com sucesso.
Bprotect => Não foi possível finalizar o serviço.
"HKLM\System\CurrentControlSet\Services\Bprotect" => removido (a) com sucesso.
Bprotect => serviço removido (a) com sucesso.
"HKLM\System\CurrentControlSet\Services\X6va062" => removido (a) com sucesso.
X6va062 => serviço removido (a) com sucesso.
C:\Users\Todos os Usuários\ProductData => movido com sucesso
"C:\ProgramData\ProductData" => não encontrado (a)
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UnLockerMenu" => removido (a) com sucesso.
HKLM\Software\Wow6432Node\Classes\CLSID\{A6FF0E3A-8437-482C-8E04-4F9E15C57538} => chave não encontrado (a)
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Baidu_Scan" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => chave não encontrado (a)
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => chave não encontrado (a)
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\UnLockerMenu" => removido (a) com sucesso.
"HKLM\Software\Classes\CLSID\{A6FF0E3A-8437-482C-8E04-4F9E15C57538}" => removido (a) com sucesso.
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => chave não encontrado (a)
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\AVG Shell Extension" => removido (a) com sucesso.
"HKLM\Software\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" => removido (a) com sucesso.
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan" => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => chave não encontrado (a)
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3137ED88-2764-4AC4-91A2-A182000D1EC9} => Não pode ser removido chave. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3137ED88-2764-4AC4-91A2-A182000D1EC9}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\UpdaterEX => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UpdaterEX" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{420EC9A1-B10D-4DD2-8059-94C087F960EA}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{420EC9A1-B10D-4DD2-8059-94C087F960EA}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4410F3DE-BA59-46A8-B19A-2DFA8AC8792A}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4410F3DE-BA59-46A8-B19A-2DFA8AC8792A}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-3817476712-227097123-3840079092-1001" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{564CA078-E4D7-4A49-83E5-4FB1EDE2577D}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{564CA078-E4D7-4A49-83E5-4FB1EDE2577D}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{66B5E633-BEF1-4EA3-8E55-ACA36095EE88}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66B5E633-BEF1-4EA3-8E55-ACA36095EE88}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{671C9D67-82F2-4F34-9307-AEEC978196E5}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{671C9D67-82F2-4F34-9307-AEEC978196E5}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3817476712-227097123-3840079092-1001" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C774868-3DA5-488F-9F87-D9374AFE57E1}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C774868-3DA5-488F-9F87-D9374AFE57E1}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D6080B2-0724-4ED4-BCE4-373CF3B7BC65}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D6080B2-0724-4ED4-BCE4-373CF3B7BC65}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75A87B73-3D83-4E37-8BD8-B313FD80ABF8}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75A87B73-3D83-4E37-8BD8-B313FD80ABF8}" => removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => chave não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7802F553-1753-4307-9A54-0BEAA690B603}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7802F553-1753-4307-9A54-0BEAA690B603}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{843A6CF0-FF51-40C1-89DF-43959D8B469C}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{843A6CF0-FF51-40C1-89DF-43959D8B469C}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\AutoKMS => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{905E4E06-4C15-4142-9C08-15A461CA1FFA}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{905E4E06-4C15-4142-9C08-15A461CA1FFA}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A6DD33A-7278-4D74-AA5F-8ACCC6C3807E}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A6DD33A-7278-4D74-AA5F-8ACCC6C3807E}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3817476712-227097123-3840079092-1002" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB8E9FC6-9913-438B-B0DD-2AF85A1CD123}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB8E9FC6-9913-438B-B0DD-2AF85A1CD123}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6BD420D-8FCD-4EBE-8134-F19DBE0F94A0}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6BD420D-8FCD-4EBE-8134-F19DBE0F94A0}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3817476712-227097123-3840079092-1007" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6D1B872-9CB0-4CE3-9C9E-6D3D34BFD42C}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6D1B872-9CB0-4CE3-9C9E-6D3D34BFD42C}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C374E66D-A430-448B-B273-FA168EC48BF1}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C374E66D-A430-448B-B273-FA168EC48BF1}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C82AECD1-7F93-4A88-AE1E-FF67125226E6}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C82AECD1-7F93-4A88-AE1E-FF67125226E6}" => removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => chave não encontrado (a)
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CD4E8BCB-3ABF-4DAE-B9D0-C671454B615B}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD4E8BCB-3ABF-4DAE-B9D0-C671454B615B}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D21337F5-CB5F-4DB6-BC0E-9EDEE3D1EAA8}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D21337F5-CB5F-4DB6-BC0E-9EDEE3D1EAA8}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7DC506C-A113-4D8D-A27A-8278439A8E41}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7DC506C-A113-4D8D-A27A-8278439A8E41}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F83C48AE-59F1-478E-B44B-D6118C512215}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F83C48AE-59F1-478E-B44B-D6118C512215}" => removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removido (a) com sucesso.
C:\WINDOWS\Tasks\Plus-HD-4.4-chromeinstaller.job => movido com sucesso
C:\WINDOWS\Tasks\Plus-HD-4.4-codedownloader.job => movido com sucesso
C:\WINDOWS\Tasks\Plus-HD-4.4-enabler.job => movido com sucesso
C:\WINDOWS\Tasks\Plus-HD-4.4-firefoxinstaller.job => movido com sucesso
C:\WINDOWS\Tasks\Plus-HD-4.4-updater.job => movido com sucesso
C:\WINDOWS\Tasks\UpdaterEX.job => movido com sucesso
C:\Users\Juan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk => Atalho argumento removido (a) com sucesso.
C:\Users\Juan\AppData\Local\Temp\9C06.tmp.node => movido com sucesso
C:\Users\Juan\AppData\Local\Temp\BCAD.tmp.node => movido com sucesso
C:\WINDOWS\system32\Drivers\avwfhoac.sys => ":changelist" ADS removido (a) com sucesso.
C:\WINDOWS\system32\Drivers\gnwhcvws.sys => ":changelist" ADS removido (a) com sucesso.
C:\WINDOWS\system32\Drivers\littfdjb.sys => ":changelist" ADS removido (a) com sucesso.
C:\ProgramData\MTA San Andreas All => ":NT" ADS removido (a) com sucesso.
C:\ProgramData\MTA San Andreas All => ":NT2" ADS removido (a) com sucesso.
C:\ProgramData\TEMP => ":A1EDB939" ADS removido (a) com sucesso.
C:\Users\Juan\AppData\Local\H5W4xtRg8FJc => ":Z6lsP8Twn9wsXLHYnLsZ" ADS removido (a) com sucesso.
"C:\Users\Todos os Usuários\MTA San Andreas All" => ":NT" ADS não encontrado (a).
"C:\Users\Todos os Usuários\MTA San Andreas All" => ":NT2" ADS não encontrado (a).
"C:\Users\Todos os Usuários\TEMP" => ":A1EDB939" ADS não encontrado (a).
"C:\Windows\Temp\SppExtComObjHook.dll" => não encontrado (a)
C:\WINDOWS\AutoKMS\AutoKMS.exe => movido com sucesso
C:\WINDOWS\AutoKMS => movido com sucesso
Ponto de Restauração criado com sucesso.
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31037601 B
Java, Flash, Steam htmlcache => 101259012 B
Windows/system/drivers => 21743767 B
Edge => 1007106 B
Chrome => 859763015 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 161258 B
Juan => 54116619 B
RecycleBin => 0 B
EmptyTemp: => 1 GB de dados temporários Removidos.
================================
O sistema precisou ser reiniciado.
==== Fim de Fixlog 10:19:08 ====