Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão:27-01-2016 Executado por Rafael Klauz (2016-01-31 03:16:35) Run:2 Executando a partir de C:\Users\Rafael Klauz\Desktop Perfis Carregados: Rafael Klauz (Perfis Disponíveis: Rafael Klauz & Klauz) Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** start CloseProcesses: HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated) HKU\S-1-5-21-1525506457-2769244486-1402065697-1000\...\Run: [rbcwyzuafr] => wscript.exe //B "C:\Users\RAFAEL~1\AppData\Local\Temp\rbcwyzuafr.vbs" <===== ATENÇÃO HKU\S-1-5-21-1525506457-2769244486-1402065697-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1525506457-2769244486-1402065697-1000\...\MountPoints2: {2bc06410-a86e-11e5-8de9-b8975a4dedf8} - E:\LG_PC_Programs.exe HKU\S-1-5-21-1525506457-2769244486-1402065697-1000\...\MountPoints2: {2d8bf6f9-e463-11e4-9829-b8975a4dedf8} - K:\LGAutoRun.exe HKU\S-1-5-21-1525506457-2769244486-1402065697-1000\...\MountPoints2: {d207d154-8b5a-11e4-92ac-b8975a4dedf8} - K:\Windows/AutoRun.exe GroupPolicy: Restrição - Chrome <======= ATENÇÃO CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKU\S-1-5-21-1525506457-2769244486-1402065697-1000 -> DefaultScope {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKU\S-1-5-21-1525506457-2769244486-1402065697-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKU\S-1-5-21-1525506457-2769244486-1402065697-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\:censurado:\:censurado: Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com => não encontrado (a) FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\:censurado:\:censurado: Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com => não encontrado (a) OPR Extension: (Sale Clipper) - C:\Users\Rafael Klauz\AppData\Roaming\Opera Software\Opera Stable\Extensions\iaofmdncmakgfhhlkpeohbidhaiedblo [2015-06-21] S2 bavsvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavsvc.exe" [X] S2 bhipssvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bhipssvc.exe" [X] R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [52032 2014-01-21] (Baidu, Inc.) R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [34624 2014-01-21] (Baidu, Inc.) R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [128992 2014-01-21] (Baidu, Inc.) S3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X] S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X] S3 gkernel; \??\C:\Users\RAFAEL~1\AppData\Local\Temp\gkernel.sys [X] S3 NPF; system32\drivers\NPF.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] 2016-01-28 15:02 - 2016-01-30 12:31 - 00000823 _____ C:\Users\Rafael Klauz\Desktop\JRT.txt 2016-01-28 14:58 - 2016-01-28 14:59 - 01609032 _____ (Malwarebytes) C:\Users\Rafael Klauz\Downloads\JRT.exe 2016-01-28 04:17 - 2016-01-28 04:17 - 05822720 _____ (Advanced System Protector ) C:\Users\Rafael Klauz\Downloads\aspsetup.exe 2016-01-30 10:54 - 2015-06-26 01:25 - 00000682 _____ C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job 2016-01-30 10:54 - 2015-06-22 05:27 - 00007095 _____ C:\CE.txt Task: {3DB9D378-9942-4DB0-BD87-76A5339A7E2B} - System32\Tasks\{BB319A3A-557D-48F3-86D1-302C537F1AD9} => pcalua.exe -a E:\INSTALAR.exe -d E:\ Task: {4F774A48-8B99-4D2F-901F-1D4F6AD23AD3} - System32\Tasks\{A09B3242-BBED-4E53-A09D-352D3E29AC20} => pcalua.exe -a "C:\Users\Rafael Klauz\AppData\Roaming\webssearches\UninstallManager.exe" -c -ptid=irs <==== ATENÇÃO Task: {708AFF65-2DB9-4FC8-AB81-C75A7A5D627F} - System32\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} => C:\Users\Rafael Klauz\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe <==== ATENÇÃO Task: {AAD36130-80CE-4AE9-AAEC-29C522536278} - System32\Tasks\{A97BD33E-73A7-4413-9A8A-7095CD9988EB} => pcalua.exe -a "C:\Users\Rafael Klauz\AppData\Roaming\webssearches\UninstallManager.exe" -c -ptid=irs <==== ATENÇÃO Task: C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job => C:\Users\Rafael Klauz\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe?-RunCheckUpdate C:\Users\Rafael Klauz\AppData\Roaming\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\CheckUpdate.exe <==== ATENÇÃO FirewallRules: [UDP Query User{149FD561-2141-4B5E-A96C-D76DFADE8421}C:\users\rafael klauz\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\rafael klauz\appdata\local\popcorn time\node-webkit\popcorn time.exe AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 AlternateDataStreams: C:\Users\Rafael Klauz\Cookies:MU1O0DxGUamftfpe4MmxSruF8o7cGx AlternateDataStreams: C:\Users\Rafael Klauz\AppData\Local\X7R24amEEM:ybDID7fcaKbdiImqjIFJGU AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:CB0AACC9 C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job C:\Program Files (x86)\Trojan Remover\Trjscan.exe Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /f Reg: reg add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /f Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f DeleteKey: DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client DeleteJunctionsIndirectory: C:\Program Files\Windows Defender CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a "C:\Users\All Users" CreateRestorePoint: RemoveProxy: EmptyTemp: Reboot: Hosts: end ***************** Processos fechados com sucesso. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => valor não encontrado (a). HKU\S-1-5-21-1525506457-2769244486-1402065697-1000\Software\Microsoft\Windows\CurrentVersion\Run\\rbcwyzuafr => valor não encontrado (a). HKU\S-1-5-21-1525506457-2769244486-1402065697-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => valor não encontrado (a). HKU\S-1-5-21-1525506457-2769244486-1402065697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2bc06410-a86e-11e5-8de9-b8975a4dedf8} => chave não encontrado (a). HKCR\CLSID\{2bc06410-a86e-11e5-8de9-b8975a4dedf8} => chave não encontrado (a). HKU\S-1-5-21-1525506457-2769244486-1402065697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2d8bf6f9-e463-11e4-9829-b8975a4dedf8} => chave não encontrado (a). HKCR\CLSID\{2d8bf6f9-e463-11e4-9829-b8975a4dedf8} => chave não encontrado (a). HKU\S-1-5-21-1525506457-2769244486-1402065697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d207d154-8b5a-11e4-92ac-b8975a4dedf8} => chave não encontrado (a). HKCR\CLSID\{d207d154-8b5a-11e4-92ac-b8975a4dedf8} => chave não encontrado (a). C:\Windows\system32\GroupPolicy\Machine => movido com sucesso C:\Windows\system32\GroupPolicy\GPT.ini => movido com sucesso HKLM\SOFTWARE\Policies\Google => chave não encontrado (a). HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => chave não encontrado (a). HKCR\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => chave não encontrado (a). HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a). HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a). HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a). HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => chave não encontrado (a). HKU\S-1-5-21-1525506457-2769244486-1402065697-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor não encontrado (a). HKU\S-1-5-21-1525506457-2769244486-1402065697-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => chave não encontrado (a). HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => chave não encontrado (a). HKU\S-1-5-21-1525506457-2769244486-1402065697-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => chave não encontrado (a). HKCR\CLSID\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => chave não encontrado (a). HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\fmdownloader@gmail.com => valor não encontrado (a). HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ytfmdownloader@gmail.com => valor não encontrado (a). C:\Users\Rafael Klauz\AppData\Roaming\Opera Software\Opera Stable\Extensions\iaofmdncmakgfhhlkpeohbidhaiedblo => não encontrado (a). bavsvc => serviço não encontrado (a). bhipssvc => serviço não encontrado (a). Bfilter => serviço não encontrado (a). Bfmon => serviço não encontrado (a). Bprotect => serviço não encontrado (a). BdApiUtil => serviço não encontrado (a). BdCameraProtect => serviço não encontrado (a). gkernel => serviço não encontrado (a). NPF => serviço removido (a) com sucesso. VGPU => serviço não encontrado (a). "C:\Users\Rafael Klauz\Desktop\JRT.txt" => não encontrado (a). "C:\Users\Rafael Klauz\Downloads\JRT.exe" => não encontrado (a). "C:\Users\Rafael Klauz\Downloads\aspsetup.exe" => não encontrado (a). "C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job" => não encontrado (a). C:\CE.txt => movido com sucesso HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DB9D378-9942-4DB0-BD87-76A5339A7E2B} => chave não encontrado (a). C:\Windows\System32\Tasks\{BB319A3A-557D-48F3-86D1-302C537F1AD9} => não encontrado (a). HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BB319A3A-557D-48F3-86D1-302C537F1AD9} => chave não encontrado (a). HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F774A48-8B99-4D2F-901F-1D4F6AD23AD3} => chave não encontrado (a). C:\Windows\System32\Tasks\{A09B3242-BBED-4E53-A09D-352D3E29AC20} => não encontrado (a). HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A09B3242-BBED-4E53-A09D-352D3E29AC20} => chave não encontrado (a). HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{708AFF65-2DB9-4FC8-AB81-C75A7A5D627F} => chave não encontrado (a). C:\Windows\System32\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} => não encontrado (a). HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} => chave não encontrado (a). HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAD36130-80CE-4AE9-AAEC-29C522536278} => chave não encontrado (a). C:\Windows\System32\Tasks\{A97BD33E-73A7-4413-9A8A-7095CD9988EB} => não encontrado (a). HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A97BD33E-73A7-4413-9A8A-7095CD9988EB} => chave não encontrado (a). C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job => não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{149FD561-2141-4B5E-A96C-D76DFADE8421}C:\users\rafael klauz\appdata\local\popcorn time\node-webkit\popcorn time.exe => valor não encontrado (a). "C:\ProgramData\TEMP" => ":CB0AACC9" ADS não encontrado (a). "C:\Users\Rafael Klauz\Cookies" => ":MU1O0DxGUamftfpe4MmxSruF8o7cGx" ADS não encontrado (a). "C:\Users\Rafael Klauz\AppData\Local\X7R24amEEM" => ":ybDID7fcaKbdiImqjIFJGU" ADS não encontrado (a). "C:\Users\Todos os Usuários\TEMP" => ":CB0AACC9" ADS não encontrado (a). "C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job" => não encontrado (a). "C:\Program Files (x86)\Trojan Remover\Trjscan.exe" => não encontrado (a). ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /f ========= A opera‡Æo foi conclu¡da com ˆxito. ========= Fim de Reg: ========= ========= reg add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /f ========= A opera‡Æo foi conclu¡da com ˆxito. ========= Fim de Reg: ========= ========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f ========= A opera‡Æo foi conclu¡da com ˆxito. ========= Fim de Reg: ========= ========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f ========= A opera‡Æo foi conclu¡da com ˆxito. ========= Fim de Reg: ========= DeleteKey: => Não pode ser removidochave.: incorrect path. "C:\Program Files\Microsoft Security Client" => Deletando reparse point e desbloqueando começado: "C:\Program Files\Microsoft Security Client" =>Deletando reparse point e desbloqueando completado. "C:\Program Files\Windows Defender" => Deletando reparse point e desbloqueando começado: "C:\Program Files\Windows Defender" =>Deletando reparse point e desbloqueando completado. ========= dir /a "C:\Program Files" ========= O volume na unidade C nÆo tem nome. O N£mero de S‚rie do Volume ‚ BCC5-7131 Pasta de C:\Program Files 23/07/2015 05:24 . 23/07/2015 05:24 .. 21/08/2015 17:33 Adobe 23/07/2015 05:24 Application Verifier 15/08/2013 22:06 Arquivos Comuns [C:\Program Files\Common Files] 18/08/2013 04:20 AVAST Software 04/02/2015 01:42 Blender Foundation 31/01/2015 20:21 CCleaner 29/01/2015 17:45 ChromeEnhancer 20/04/2014 22:52 ComicRack 27/01/2014 10:48 Common Files 14/07/2009 01:54 174 desktop.ini 21/11/2010 06:48 DVD Maker 25/05/2014 03:23 Internet Explorer 15/10/2014 19:09 Java 27/01/2014 10:45 Microsoft Analysis Services 21/11/2010 06:48 Microsoft Games 27/01/2014 10:47 Microsoft Office 25/05/2014 03:10 Microsoft Security Client 27/01/2015 22:43 Microsoft Silverlight 08/06/2014 18:13 Microsoft SQL Server 08/06/2014 18:10 Microsoft Visual Studio 9.0 27/01/2014 10:48 Microsoft.NET 14/07/2009 02:32 MSBuild 02/09/2014 21:25 NetBeans 8.0 19/12/2015 10:03 OBS 15/08/2013 22:10 Realtek 14/07/2009 02:32 Reference Assemblies 14/07/2009 02:09 Uninstall Information 17/08/2013 05:25 Windows Defender 17/08/2013 05:25 Windows Journal 21/11/2010 06:37 Windows Mail 12/12/2013 07:06 Windows Media Player 28/01/2016 06:48 Windows Multimedia Platform 15/08/2013 22:06 Windows NT 21/11/2010 06:37 Windows Photo Viewer 21/11/2010 00:31 Windows Portable Devices 21/11/2010 06:37 Windows Sidebar 1 arquivo(s) 174 bytes 37 pasta(s) 152.134.860.800 bytes dispon¡veis ========= Fim de CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= O volume na unidade C nÆo tem nome. O N£mero de S‚rie do Volume ‚ BCC5-7131 Pasta de C:\Program Files (x86) 30/01/2016 10:53 . 30/01/2016 10:53 .. 17/07/2015 16:29 ActSys 11/11/2015 15:13 Adobe 01/06/2014 12:37 AGEIA Technologies 23/07/2015 05:24 Application Verifier 30/01/2016 12:29 Battle.net 12/12/2015 21:30 Common Files 15/08/2013 22:48 DAEMON Tools Lite 14/07/2009 01:54 174 desktop.ini 16/05/2014 19:21 DsNET Corp 24/04/2014 22:55 Freemake 04/02/2015 01:43 FreeTime 04/11/2015 12:58 GameVicio 04/01/2016 16:26 Garena Plus 15/08/2013 22:33 Google 29/07/2015 00:42 Heroes of Newerth 26/11/2014 21:56 InstallShield Installation Information 02/11/2014 20:57 Intel 25/05/2014 03:23 Internet Explorer 24/11/2014 12:49 Java 27/01/2015 00:15 JDownloader 06/01/2016 15:48 LogMeIn Hamachi 27/01/2014 10:45 Microsoft Analysis Services 22/03/2014 02:28 Microsoft Games for Windows - LIVE 08/06/2014 18:11 Microsoft Office 08/06/2014 18:07 Microsoft SDKs 25/05/2014 03:10 Microsoft Security Client 27/01/2015 22:43 Microsoft Silverlight 08/06/2014 18:06 Microsoft SQL Server 21/08/2015 18:07 Microsoft SQL Server Compact Edition 08/06/2014 18:06 Microsoft Synchronization Services 08/06/2014 18:08 Microsoft Visual Studio 9.0 08/11/2013 08:27 Microsoft XNA 27/01/2014 10:48 Microsoft.NET 28/01/2016 17:42 Mozilla Firefox 29/01/2016 05:04 Mozilla Maintenance Service 04/09/2013 23:42 MPC-HC 14/07/2009 02:32 MSBuild 14/11/2013 17:47 My Company Name 29/08/2014 04:20 Nero 16/07/2015 15:03 NFS Rivals 14/08/2014 22:55 Notepad++ 01/06/2014 12:37 NVIDIA Corporation 01/08/2015 01:50 OBS 31/08/2015 09:49 Opera 12/12/2014 21:58 Origin Games 12/01/2015 02:16 PC Blast 28/07/2014 01:56 PCSX2 1.0.0 15/08/2013 22:11 Realtek 14/07/2009 02:32 Reference Assemblies 26/11/2014 21:56 Rockstar Games 07/10/2014 18:00 Samsung 17/01/2016 12:12 Skype 31/01/2016 03:09 Steam 16/05/2014 02:18 SystemRequirementsLab 15/08/2013 22:10 Temp 25/11/2015 00:13 Ubisoft 11/08/2015 01:42 Unified Remote 3 14/07/2009 01:57 Uninstall Information 15/10/2014 21:32 VS Revo Group 17/08/2013 05:25 Windows Defender 23/07/2015 05:23 Windows Kits 21/08/2015 18:07 Windows Live 21/11/2010 06:37 Windows Mail 12/12/2013 07:06 Windows Media Player 14/07/2009 02:32 Windows NT 21/11/2010 06:37 Windows Photo Viewer 21/11/2010 00:31 Windows Portable Devices 21/11/2010 06:37 Windows Sidebar 16/08/2013 11:56 WinRAR 02/11/2014 20:24 WinUSB Maker Tool 1 arquivo(s) 174 bytes 71 pasta(s) 152.134.856.704 bytes dispon¡veis ========= Fim de CMD: ========= ========= dir /a "C:\Users\All Users" ========= O volume na unidade C nÆo tem nome. O N£mero de S‚rie do Volume ‚ BCC5-7131 Pasta de C:\Users\All Users 31/01/2016 03:06 . 31/01/2016 03:06 .. 02/10/2015 06:21 .mono 28/07/2014 12:14 Adobe 29/08/2014 04:20 Ahead 19/10/2014 17:43 ALM 15/08/2013 22:55 Apple 14/07/2009 02:08 Application Data [C:\ProgramData] 20/09/2013 10:59 AVAST Software 07/03/2014 14:34 baidu 08/03/2014 11:29 Baidu Security 22/12/2015 19:25 Battle.net 04/04/2015 13:12 Blizzard Entertainment 15/08/2013 22:06 Dados de aplicativos [C:\ProgramData] 25/06/2014 22:03 DAEMON Tools Lite 14/07/2009 02:08 Desktop [C:\Users\Public\Desktop] 15/08/2013 22:06 Documentos [C:\Users\Public\Documents] 14/07/2009 02:08 Documents [C:\Users\Public\Documents] 14/07/2009 02:08 Favorites [C:\Users\Public\Favorites] 15/08/2013 22:06 Favoritos [C:\Users\Public\Favorites] 24/10/2013 19:22 Freemake 04/01/2016 15:44 GarenaMessenger 25/02/2014 10:03 GAS Tecnologia 02/11/2014 20:57 InstallShield 16/05/2014 02:46 Intel 08/09/2013 16:44 Kaspersky Lab 08/09/2013 18:09 Kaspersky Lab Setup Files 01/08/2014 21:32 Licenses 12/02/2014 10:00 Log 15/11/2013 15:11 LogMeIn 08/09/2013 15:26 Malwarebytes 15/08/2013 22:06 Menu Iniciar [C:\ProgramData\Microsoft\Windows\Start Menu] 15/12/2015 00:41 Microsoft 08/06/2014 18:12 Microsoft Help 31/01/2015 23:47 Microsoft Toolkit 03/12/2015 07:47 98 Microsoft.SqlServer.Compact.400.32.bc 15/08/2013 22:06 Modelos [C:\ProgramData\Microsoft\Windows\Templates] 30/04/2014 12:07 Mozilla 29/08/2014 04:20 Nero 02/11/2014 20:29 Norton 31/01/2016 03:06 8 ntuser.pol 24/11/2014 12:49 Oracle 05/09/2013 12:14 Orbit 04/02/2015 01:44 Origin 05/02/2014 16:02 PACE Anti-Piracy 10/01/2016 03:02 Package Cache 14/11/2013 18:02 regid.1986-12.com.adobe 27/01/2014 10:47 regid.1991-06.com.microsoft 25/07/2015 23:58 Riot Games 07/10/2014 18:00 Samsung 22/03/2014 02:29 SecuROM 28/01/2016 19:52 Skype 14/07/2009 02:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 07/03/2014 14:28 Steam 01/12/2013 05:10 Sun 01/08/2014 21:44 TEMP 14/07/2009 02:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 30/01/2016 09:47 Unified Remote 23/07/2015 05:24 Windows App Certification Kit 2 arquivo(s) 106 bytes 57 pasta(s) 152.134.856.704 bytes dispon¡veis ========= Fim de CMD: ========= Ponto de Restauração criado com sucesso. ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso. HKU\S-1-5-21-1525506457-2769244486-1402065697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso. HKU\S-1-5-21-1525506457-2769244486-1402065697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso. ========= Fim de RemoveProxy: ========= C:\Windows\System32\Drivers\etc\hosts => movido com sucesso Hosts restaurado com sucesso. EmptyTemp: => 23.8 MB de dados temporários Removidos. O sistema precisou ser reiniciado. ==== Fim de Fixlog 03:17:00 ====