cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation

ÿþResultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 21.07.2018

Executado por Maple Bear (26-07-2018 15:36:05) Run:4

Executando a partir de C:\Users\Maple Bear\Desktop

Perfis Carregados: Maple Bear (Perfis Disponíveis: Maple Bear)

Modo da Inicialização: Normal

==============================================



fixlist Conteúdo:

*****************

CloseProcesses:

CHR HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxkVuvqY6tXmgtW6wAq_3G5aRco9xrGZxVyM2GZowPWLCnrE5-o3T5PvCiWBNp7C365g29QHzrQ_-Q6i6SMeSurTM_DlqpsmQW-vgJ-s5jnpv1WFmjBqtjya1W23S7WHC-Kg3Npq-3_weHm1OPiPYTC1ZIReyP9n5FUImu5Wf0A,,&q={searchTerms}

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxkVuvqY6tXmgtW6wAq_3G5aRco9xrGZxVyM2GZowPWLCnrE5-o3T5PvCiWBNp7C365g29QHzrQ_-Q6i2FbbulbtMY_yhObfZdyUfOkI7kD0ZA0LYE6wMhUmU5eiW6pFIWauP8C0c831GHhjlFuXbHmEibJBW4nmFSdVyH_qDWg,,

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung17win10.msn.com/?pc=SMTE

SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =

SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxkVuvqY6tXmgtW6wAq_3G5aRco9xrGZxVyM2GZowPWLCnrE5-o3T5PvCiWBNp7C365g29QHzrQ_-Q6i6SMeSurTM_DlqpsmQW-vgJ-s5jnpv1WFmjBqtjya1W23S7WHC-Kg3Npq-3_weHm1OPiPYTC1ZIReyP9n5FUImu5Wf0A,,&q={searchTerms}

SearchScopes: HKU\S-1-5-21-4216877997-3920459586-2356809368-1001 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxkVuvqY6tXmgtW6wAq_3G5aRco9xrGZxVyM2GZowPWLCnrE5-o3T5PvCiWBNp7C365g29QHzrQ_-Q6i6SMeSurTM_DlqpsmQW-vgJ-s5jnpv1WFmjBqtjya1W23S7WHC-Kg3Npq-3_weHm1OPiPYTC1ZIReyP9n5FUImu5Wf0A,,&q={searchTerms}

SearchScopes: HKU\S-1-5-21-4216877997-3920459586-2356809368-1001 -> {72B10185-4FDD-4808-B788-0FF5F4CD5EE6} URL =

SearchScopes: HKU\S-1-5-21-4216877997-3920459586-2356809368-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxkVuvqY6tXmgtW6wAq_3G5aRco9xrGZxVyM2GZowPWLCnrE5-o3T5PvCiWBNp7C365g29QHzrQ_-Q6i6SMeSurTM_DlqpsmQW-vgJ-s5jnpv1WFmjBqtjya1W23S7WHC-Kg3Npq-3_weHm1OPiPYTC1ZIReyP9n5FUImu5Wf0A,,&q={searchTerms}

HKLM\...\RunOnce: [OMEWPRODUCT_4RRFH] => C:\Program Files (x86)\c4e5i2idlbs\OOBC5V8XNIXC5DE.exe [193536 2018-07-25] (BLJO) <==== ATENýÿýÿO

HKLM\...\RunOnce: [zdkvpsyzhf3] => C:\Program Files (x86)\PMLO\3483853.exe [664576 2018-07-25] ()

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\Run: [820BKYM9V8OASAZ] => C:\Program Files\A949NS6C3O\A949NS6C3.exe [807936 2018-07-25] (BLJO)

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\Run: [429699] => C:\Users\Maple Bear\AppData\Roaming\cls4bkk0nhm\0gxe04bloba.exe [537110 2018-07-25] (Gobm )

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\Run: [M0D7OJRDPF3F6NY] => C:\Program Files (x86)\c4e5i2idlbs\NF0EX.exe [807936 2018-07-25] (BLJO)

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\Run: [VC1FWU7Y5L7D8BJ] => C:\Program Files\V1OBNIOUTS\V1OBNIOUT.exe [807936 2018-07-25] (BLJO)

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\Run: [UEALPTNUMJEH081] => C:\Program Files\K7BMDM64GL\K7BMDM64G.exe [807936 2018-07-25] (BLJO)

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\Run: [302225] => C:\Users\Maple Bear\AppData\Roaming\24rdlfd0zir\tzja4yvdwjd.exe [537110 2018-07-25] (Gobm )

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\Run: [5481861] => C:\Users\Maple Bear\AppData\Roaming\2ltuu2jza0t\2ftovy5o1l2.exe [537110 2018-07-25] (Gobm )

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\Run: [1675006] => C:\Users\Maple Bear\AppData\Roaming\k4mm4u3gy20\2ri0gursg3e.exe [537110 2018-07-25] (Gobm )

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\Run: [CH84B2JIHH5X4SC] => C:\Program Files\ZISY2WDKFX\MTLJUW7JF.exe [807936 2018-07-25] (BLJO)

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\Run: [1258538] => C:\Users\Maple Bear\AppData\Roaming\odo1acbzw4o\5vc1e2cenqa.exe [537110 2018-07-25] (Gobm )

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\Run: [BQLVFXD9T03PGIF] => C:\Program Files\1QGDTP0T64\O19YLPUS7.exe [807936 2018-07-25] (BLJO)

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\Run: [J57LKTND4O41WEU] => C:\Program Files\NTFAJC7CK1\UW3WJF3WE.exe [807936 2018-07-25] (BLJO)

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\...\Run: [6177928] => C:\Users\Maple Bear\AppData\Roaming\fuhvesj40b5\q3xcuyv5arf.exe [537110 2018-07-25] (Gobm )

AppInit_DLLs: C:\ProgramData\Voyasollam\Sumtom.dll => Nenhum Arquivo

AppInit_DLLs-x32: C:\ProgramData\Voyasollam\Ranloting.dll => Nenhum Arquivo

GroupPolicy: Restriýÿýÿo - Chrome <==== ATENýÿýÿO

CHR HKLM\SOFTWARE\Policies\Google: Restriýÿýÿo <==== ATENýÿýÿO

R2 backlh; C:\ProgramData\Logic Cramble\set.exe [3780096 2018-07-24] () [Arquivo nýÿo assinado] <==== ATENýÿýÿO

R2 Nettrans; C:\ProgramData\PrefsSecure\Nettrans.exe [43520 2018-07-25] () [Arquivo nýÿo assinado] <==== ATENýÿýÿO

2018-07-25 10:50 - 2018-07-25 10:50 - 000000000 ____D C:\Users\Maple Bear\AppData\Roaming\fuhvesj40b5

2018-07-25 10:50 - 2018-07-25 10:50 - 000000000 ____D C:\Program Files\NTFAJC7CK1

2018-07-25 10:29 - 2018-07-25 10:29 - 000000000 ____D C:\Users\Maple Bear\AppData\Roaming\odo1acbzw4o

2018-07-25 10:29 - 2018-07-25 10:29 - 000000000 ____D C:\Program Files\ZISY2WDKFX

2018-07-25 10:29 - 2018-07-25 10:29 - 000000000 ____D C:\Program Files\1QGDTP0T64

2018-07-25 10:28 - 2018-07-25 10:28 - 000140800 _____ C:\Users\Maple Bear\AppData\Local\installer.dat

2018-07-25 10:28 - 2018-07-25 10:28 - 000000000 ____D C:\Users\Maple Bear\AppData\Roaming\k4mm4u3gy20

2018-07-25 10:28 - 2018-07-25 10:28 - 000000000 ____D C:\Users\Maple Bear\AppData\Roaming\2ltuu2jza0t

2018-07-25 10:34 - 2018-07-25 10:34 - 000375522 _____ ( ) C:\Users\Maple Bear\AppData\Local\Temp\0sz253ohanr.exe

2018-07-25 10:23 - 2018-07-25 10:23 - 002971704 _____ (BitTorrent Inc.) C:\Users\Maple Bear\AppData\Local\Temp\Ativador_Office_2016_PERMANENTE_DEFINITIVO.exe

2013-12-08 19:39 - 2013-12-08 19:39 - 000052224 _____ () C:\Users\Maple Bear\AppData\Local\Temp\Ernestine.dll

2018-07-25 10:24 - 2018-07-25 10:24 - 000540672 _____ () C:\Users\Maple Bear\AppData\Local\Temp\installer_mi.exe

2018-07-25 10:24 - 2018-07-25 10:24 - 000820224 _____ () C:\Users\Maple Bear\AppData\Local\Temp\RegOrganizer.exe

2018-07-25 10:25 - 2018-07-25 10:37 - 015440200 _____ (ChemTable Software ) C:\Users\Maple Bear\AppData\Local\Temp\run.exe

2018-07-25 10:24 - 2018-07-25 10:24 - 008047387 _____ () C:\Users\Maple Bear\AppData\Local\Temp\s2s.exe

2018-07-25 10:24 - 2018-07-25 10:24 - 000667136 _____ () C:\Users\Maple Bear\AppData\Local\Temp\setup.exe

2018-07-25 10:24 - 2018-07-25 10:24 - 000688786 _____ ( ) C:\Users\Maple Bear\AppData\Local\Temp\setupGI.exe

2018-07-25 10:23 - 2018-07-25 10:23 - 000838656 _____ () C:\Users\Maple Bear\AppData\Local\Temp\TigerTrade.exe

2018-07-25 10:24 - 2018-07-25 10:24 - 000256674 _____ () C:\Users\Maple Bear\AppData\Local\Temp\veninstall.exe

2018-07-25 10:24 - 2018-07-25 10:24 - 001130527 _____ (Digital LLC ) C:\Users\Maple Bear\AppData\Local\Temp\whiteclick.exe

2018-07-25 10:50 - 2018-07-25 10:50 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-TR7N1.tmp\q3xcuyv5arf.tmp

2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-NEHDJ.tmp\0gxe04bloba.tmp

2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-6B0Q2.tmp\tzja4yvdwjd.tmp

2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-39QHF.tmp\2ftovy5o1l2.tmp

2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-EB7CN.tmp\2ri0gursg3e.tmp

2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-L7G6H.tmp\q3xcuyv5arf.tmp

2018-07-25 10:51 - 2018-07-25 10:51 - 000715264 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-V581P.tmp\5vc1e2cenqa.tmp

2018-07-25 10:51 - 2018-07-25 10:51 - 000113152 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_ctypes.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000080896 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\bz2.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 001585152 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_hashlib.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000128512 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32api.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000137728 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pywintypes27.dll

2018-07-25 10:51 - 2018-07-25 10:51 - 000548864 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pythoncom27.dll

2018-07-25 10:51 - 2018-07-25 10:51 - 000689664 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\unicodedata.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000438784 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32com.shell.shell.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 001489408 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._core_.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 001007104 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._gdi_.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 001039872 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._windows_.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 001325056 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._controls_.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000916992 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._misc_.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 001084416 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pysqlite2._sqlite.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000149504 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32file.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000136192 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32security.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000007680 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\hashobjs_ext.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000020992 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\thumbnails_ext.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000118784 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\usb_ext.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000047616 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_socket.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 002224640 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_ssl.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000014848 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\common.time34.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000023040 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32event.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000034304 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.conditional.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000020480 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.winwrap.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000110080 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.volumes.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000223232 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32gui.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000173568 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_elementtree.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000169472 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pyexpat.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000048128 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32inet.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000103424 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._html2.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000046080 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_psutil_windows.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000633272 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows._cacheinvalidation.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000011776 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32crypt.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000301568 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\PIL._imaging.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000032256 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_multiprocessing.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 005458944 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\cello.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000026112 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_yappi.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000044032 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32process.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000027648 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32pipe.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000010752 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\select.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000029696 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32pdh.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000038400 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.connectivity.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000073216 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.device_monitor.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000020480 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32profile.pyd

2018-07-25 10:51 - 2018-07-25 10:51 - 000026624 _____ () C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32ts.pyd

2018-07-25 10:50 - 2018-07-25 10:50 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-U5I04.tmp\_isetup\_isdecmp.dll

2018-07-25 10:50 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-U5I04.tmp\itdownload.dll

2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-M13M9.tmp\_isetup\_isdecmp.dll

2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-M13M9.tmp\itdownload.dll

2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-MNF76.tmp\_isetup\_isdecmp.dll

2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-MNF76.tmp\itdownload.dll

2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-IQCUC.tmp\_isetup\_isdecmp.dll

2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-IQCUC.tmp\itdownload.dll

2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-VF9I0.tmp\_isetup\_isdecmp.dll

2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-VF9I0.tmp\itdownload.dll

2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-77EC1.tmp\_isetup\_isdecmp.dll

2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-77EC1.tmp\itdownload.dll

2018-07-25 10:51 - 2018-07-25 10:51 - 000024240 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-GDIF4.tmp\_isetup\_isdecmp.dll

2018-07-25 10:51 - 2008-10-15 17:44 - 000205312 _____ () C:\Users\Maple Bear\AppData\Local\Temp\is-GDIF4.tmp\itdownload.dll

Task: {2E5DA6B3-85F3-4437-B305-954CC6B92C08} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2015-08-10] ()

Task: {6B374E88-B012-4905-9A00-C39D8AC8B9B0} - System32\Tasks\psv_ZerSonlab => cmd.exe /c regedit.exe /s "C:\ProgramData\Voyasollam\Transron.reg" & del "C:\ProgramData\Voyasollam\Transron.reg" & SCHTASKS /Delete /TN "psv_ZerSonlab" /F <==== ATENýÿýÿO

Task: {6BCDDB2B-466D-4310-A659-766ED7336B2D} - System32\Tasks\psv_EcoDontex => cmd.exe /c regedit.exe /s "C:\ProgramData\Voyasollam\Lamlab.reg" & del "C:\ProgramData\Voyasollam\Lamlab.reg" & SCHTASKS /Delete /TN "psv_EcoDontex" /F <==== ATENýÿýÿO

Task: {7B4B4C1B-20DB-43F7-94B5-2B25400D9BF5} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENýÿýÿO

Task: {B2CFC389-6160-4236-8A37-529662C02C4E} - System32\Tasks\psv_Lightron => cmd.exe /c regedit.exe /s "C:\ProgramData\Voyasollam\VilaQuosoft.reg" & del "C:\ProgramData\Voyasollam\VilaQuosoft.reg" & SCHTASKS /Delete /TN "psv_Lightron" /F <==== ATENýÿýÿO

Task: {DD4EA8FA-DF71-4DA4-941A-757FF467BC45} - System32\Tasks\psv_Dentophase => cmd.exe /c regedit.exe /s "C:\ProgramData\Voyasollam\KonRunla.reg" & del "C:\ProgramData\Voyasollam\KonRunla.reg" & SCHTASKS /Delete /TN "psv_Dentophase" /F <==== ATENýÿýÿO

Task: {FA3E1221-3080-428C-8F36-322C41F2D4A8} - System32\Tasks\psv_Toughdox => cmd.exe /c regedit.exe /s "C:\ProgramData\Voyasollam\Hottax.reg" & del "C:\ProgramData\Voyasollam\Hottax.reg" & SCHTASKS /Delete /TN "psv_Toughdox" /F <==== ATENýÿýÿO

FirewallRules: [{61F2D792-0C2F-4B61-B44B-B235B6D9882E}] => (Allow) C:\Users\Maple Bear\AppData\Local\Temp\WZSE0.TMP\Network\EpsonNetSetup\ENEasyApp.exe

FirewallRules: [{F54D3E4F-827A-488C-8885-79574DC72346}] => (Allow) C:\Users\Maple Bear\AppData\Local\Temp\WZSE0.TMP\Network\EpsonNetSetup\ENEasyApp.exe

AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]

C:\Program Files (x86)\c4e5i2idlbs\OOBC5V8XNIXC5DE.exe

C:\Users\Maple Bear\AppData\Roaming\cls4bkk0nhm\0gxe04bloba.exe

C:\Users\Maple Bear\AppData\Roaming\24rdlfd0zir\tzja4yvdwjd.exe

C:\Users\Maple Bear\AppData\Roaming\2ltuu2jza0t\2ftovy5o1l2.exe

C:\Users\Maple Bear\AppData\Roaming\k4mm4u3gy20\2ri0gursg3e.exe

C:\Users\Maple Bear\AppData\Local\Temp\is-TR7N1.tmp\q3xcuyv5arf.tmp

C:\Users\Maple Bear\AppData\Local\Temp\is-NEHDJ.tmp\0gxe04bloba.tmp

C:\Users\Maple Bear\AppData\Local\Temp\is-6B0Q2.tmp\tzja4yvdwjd.tmp

C:\Users\Maple Bear\AppData\Local\Temp\is-39QHF.tmp\2ftovy5o1l2.tmp

C:\Users\Maple Bear\AppData\Local\Temp\is-EB7CN.tmp\2ri0gursg3e.tmp

C:\Users\Maple Bear\AppData\Local\Temp\is-L7G6H.tmp\q3xcuyv5arf.tmp

C:\Users\Maple Bear\AppData\Local\Temp\is-V581P.tmp\5vc1e2cenqa.tmp

C:\Users\Maple Bear\AppData\Roaming\odo1acbzw4o\5vc1e2cenqa.exe

C:\Users\Maple Bear\AppData\Roaming\fuhvesj40b5\q3xcuyv5arf.exe

C:\Program Files (x86)\c4e5i2idlbs\NF0EX.exe

C:\Program Files\NTFAJC7CK1\UW3WJF3WE.exe

C:\Program Files\1QGDTP0T64\O19YLPUS7.exe

C:\Program Files\NTFAJC7CK1\UW3WJF3WE.exe

C:\Program Files\ZISY2WDKFX\MTLJUW7JF.exe

C:\Program Files\V1OBNIOUTS\V1OBNIOUT.exe

C:\Program Files\K7BMDM64GL\K7BMDM64G.exe

C:\Program Files\A949NS6C3O\A949NS6C3.exe

CreateRestorePoint:

Emptytemp:

Hosts:



*****************



Processos fechados com sucesso.

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => não encontrado (a)

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch => não encontrado (a)

HKLM\Software\Wow6432Node\Classes\CLSID\ielnksrch => não encontrado (a)

"HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => não encontrado (a)

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{72B10185-4FDD-4808-B788-0FF5F4CD5EE6} => não encontrado (a)

HKLM\Software\Classes\CLSID\{72B10185-4FDD-4808-B788-0FF5F4CD5EE6} => não encontrado (a)

HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} => não encontrado (a)

HKLM\Software\Classes\CLSID\{ielnksrch} => não encontrado (a)

"HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\OMEWPRODUCT_4RRFH" => não encontrado (a)

"HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\zdkvpsyzhf3" => não encontrado (a)

"HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Windows\CurrentVersion\Run\\820BKYM9V8OASAZ" => não encontrado (a)

"HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Windows\CurrentVersion\Run\\429699" => não encontrado (a)

"HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Windows\CurrentVersion\Run\\M0D7OJRDPF3F6NY" => não encontrado (a)

"HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Windows\CurrentVersion\Run\\VC1FWU7Y5L7D8BJ" => não encontrado (a)

"HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Windows\CurrentVersion\Run\\UEALPTNUMJEH081" => não encontrado (a)

"HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Windows\CurrentVersion\Run\\302225" => não encontrado (a)

"HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Windows\CurrentVersion\Run\\5481861" => não encontrado (a)

"HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Windows\CurrentVersion\Run\\1675006" => não encontrado (a)

"HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CH84B2JIHH5X4SC" => não encontrado (a)

"HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Windows\CurrentVersion\Run\\1258538" => não encontrado (a)

"HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BQLVFXD9T03PGIF" => não encontrado (a)

"HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Windows\CurrentVersion\Run\\J57LKTND4O41WEU" => não encontrado (a)

"HKU\S-1-5-21-4216877997-3920459586-2356809368-1001\Software\Microsoft\Windows\CurrentVersion\Run\\6177928" => não encontrado (a)

"C:\ProgramData\Voyasollam\Sumtom.dll" => Dados do Valor não encontrado (a).

"C:\ProgramData\Voyasollam\Ranloting.dll" => Dados do Valor não encontrado (a).

"C:\WINDOWS\system32\GroupPolicy\Machine" => não encontrado (a)

HKLM\SOFTWARE\Policies\Google => não encontrado (a)

backlh => serviço não encontrado (a).

Nettrans => serviço não encontrado (a).

"C:\Users\Maple Bear\AppData\Roaming\fuhvesj40b5" => não encontrado (a)

"C:\Program Files\NTFAJC7CK1" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Roaming\odo1acbzw4o" => não encontrado (a)

"C:\Program Files\ZISY2WDKFX" => não encontrado (a)

"C:\Program Files\1QGDTP0T64" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\installer.dat" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Roaming\k4mm4u3gy20" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Roaming\2ltuu2jza0t" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\0sz253ohanr.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\Ativador_Office_2016_PERMANENTE_DEFINITIVO.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\Ernestine.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\installer_mi.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\RegOrganizer.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\run.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\s2s.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\setup.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\setupGI.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\TigerTrade.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\veninstall.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\whiteclick.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-TR7N1.tmp\q3xcuyv5arf.tmp" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-NEHDJ.tmp\0gxe04bloba.tmp" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-6B0Q2.tmp\tzja4yvdwjd.tmp" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-39QHF.tmp\2ftovy5o1l2.tmp" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-EB7CN.tmp\2ri0gursg3e.tmp" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-L7G6H.tmp\q3xcuyv5arf.tmp" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-V581P.tmp\5vc1e2cenqa.tmp" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_ctypes.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\bz2.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_hashlib.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32api.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pywintypes27.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pythoncom27.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\unicodedata.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32com.shell.shell.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._core_.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._gdi_.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._windows_.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._controls_.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._misc_.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pysqlite2._sqlite.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32file.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32security.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\hashobjs_ext.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\thumbnails_ext.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\usb_ext.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_socket.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_ssl.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\common.time34.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32event.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.conditional.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.winwrap.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.volumes.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32gui.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_elementtree.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\pyexpat.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32inet.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\wx._html2.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_psutil_windows.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows._cacheinvalidation.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32crypt.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\PIL._imaging.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_multiprocessing.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\cello.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\_yappi.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32process.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32pipe.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\select.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32pdh.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.connectivity.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\windows.device_monitor.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32profile.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\_MEI95882\win32ts.pyd" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-U5I04.tmp\_isetup\_isdecmp.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-U5I04.tmp\itdownload.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-M13M9.tmp\_isetup\_isdecmp.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-M13M9.tmp\itdownload.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-MNF76.tmp\_isetup\_isdecmp.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-MNF76.tmp\itdownload.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-IQCUC.tmp\_isetup\_isdecmp.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-IQCUC.tmp\itdownload.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-VF9I0.tmp\_isetup\_isdecmp.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-VF9I0.tmp\itdownload.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-77EC1.tmp\_isetup\_isdecmp.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-77EC1.tmp\itdownload.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-GDIF4.tmp\_isetup\_isdecmp.dll" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-GDIF4.tmp\itdownload.dll" => não encontrado (a)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E5DA6B3-85F3-4437-B305-954CC6B92C08} => não encontrado (a)

"C:\WINDOWS\System32\Tasks\KMSAutoNet" => não encontrado (a)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSAutoNet => não encontrado (a)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B374E88-B012-4905-9A00-C39D8AC8B9B0} => não encontrado (a)

"C:\WINDOWS\System32\Tasks\psv_ZerSonlab" => não encontrado (a)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\psv_ZerSonlab => não encontrado (a)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BCDDB2B-466D-4310-A659-766ED7336B2D} => não encontrado (a)

"C:\WINDOWS\System32\Tasks\psv_EcoDontex" => não encontrado (a)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\psv_EcoDontex => não encontrado (a)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B4B4C1B-20DB-43F7-94B5-2B25400D9BF5} => não encontrado (a)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => não encontrado (a)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2CFC389-6160-4236-8A37-529662C02C4E} => não encontrado (a)

"C:\WINDOWS\System32\Tasks\psv_Lightron" => não encontrado (a)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\psv_Lightron => não encontrado (a)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD4EA8FA-DF71-4DA4-941A-757FF467BC45} => não encontrado (a)

"C:\WINDOWS\System32\Tasks\psv_Dentophase" => não encontrado (a)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\psv_Dentophase => não encontrado (a)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA3E1221-3080-428C-8F36-322C41F2D4A8} => não encontrado (a)

"C:\WINDOWS\System32\Tasks\psv_Toughdox" => não encontrado (a)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\psv_Toughdox => não encontrado (a)

"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{61F2D792-0C2F-4B61-B44B-B235B6D9882E}" => não encontrado (a)

"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F54D3E4F-827A-488C-8885-79574DC72346}" => não encontrado (a)

"C:\WINDOWS\system32\Drivers\wsddfac.sys" => ":X5ZN8aGXs4" ADS não encontrado (a).

"C:\Program Files (x86)\c4e5i2idlbs\OOBC5V8XNIXC5DE.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Roaming\cls4bkk0nhm\0gxe04bloba.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Roaming\24rdlfd0zir\tzja4yvdwjd.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Roaming\2ltuu2jza0t\2ftovy5o1l2.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Roaming\k4mm4u3gy20\2ri0gursg3e.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-TR7N1.tmp\q3xcuyv5arf.tmp" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-NEHDJ.tmp\0gxe04bloba.tmp" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-6B0Q2.tmp\tzja4yvdwjd.tmp" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-39QHF.tmp\2ftovy5o1l2.tmp" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-EB7CN.tmp\2ri0gursg3e.tmp" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-L7G6H.tmp\q3xcuyv5arf.tmp" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Local\Temp\is-V581P.tmp\5vc1e2cenqa.tmp" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Roaming\odo1acbzw4o\5vc1e2cenqa.exe" => não encontrado (a)

"C:\Users\Maple Bear\AppData\Roaming\fuhvesj40b5\q3xcuyv5arf.exe" => não encontrado (a)

"C:\Program Files (x86)\c4e5i2idlbs\NF0EX.exe" => não encontrado (a)

"C:\Program Files\NTFAJC7CK1\UW3WJF3WE.exe" => não encontrado (a)

"C:\Program Files\1QGDTP0T64\O19YLPUS7.exe" => não encontrado (a)

"C:\Program Files\NTFAJC7CK1\UW3WJF3WE.exe" => não encontrado (a)

"C:\Program Files\ZISY2WDKFX\MTLJUW7JF.exe" => não encontrado (a)

"C:\Program Files\V1OBNIOUTS\V1OBNIOUT.exe" => não encontrado (a)

"C:\Program Files\K7BMDM64GL\K7BMDM64G.exe" => não encontrado (a)

"C:\Program Files\A949NS6C3O\A949NS6C3.exe" => não encontrado (a)

Ponto de Restauração criado com sucesso.

C:\Windows\System32\Drivers\etc\hosts => movido com sucesso

Hosts restaurado com sucesso.



=========== EmptyTemp: ==========



BITS transfer queue => 8151040 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 0 B

Java, Flash, Steam htmlcache => 0 B

Windows/system/drivers => 44035 B

Edge => 4096 B

Chrome => 0 B

Firefox => 0 B

Opera => 0 B



Temp, IE cache, history, cookies, recent:

Default => 0 B

Users => 0 B

ProgramData => 0 B

Public => 0 B

systemprofile => 0 B

systemprofile32 => 0 B

LocalService => 0 B

LocalService => 0 B

NetworkService => 0 B

NetworkService => 0 B

Maple Bear => 389838 B



RecycleBin => 0 B

EmptyTemp: => 8.2 MB de dados temporários Removidos.



================================





O sistema precisou ser reiniciado.



==== Fim de Fixlog 15:38:28 ====

Publicité

Signaler le contenu de ce document

Publicité