Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão:09-01-2015 Executado por Áleson (2016-01-11 00:53:12) Run:2 Executando a partir de C:\Users\Áleson\Desktop Perfis Carregados: Áleson (Perfis Disponíveis: Áleson) Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** start CloseProcesses: HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [DriverMax_RESTART] => [X] HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {7563959d-7e4d-11e4-becb-80ee735f2992} - "F:\LGAutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {773626ec-1da3-11e4-beb1-80ee735f2992} - "F:\LGAutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {7e8ba5be-0c4f-11e3-be79-a349a8706f43} - "F:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {7e8ba713-0c4f-11e3-be79-a349a8706f43} - "F:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {e04c7ba3-d9b4-11e2-be75-e9d724763151} - "G:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {e04c7d0d-d9b4-11e2-be75-e9d724763151} - "F:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {e04c91fe-d9b4-11e2-be75-c17d6f352bb7} - "F:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {e04c9266-d9b4-11e2-be75-c17d6f352bb7} - "G:\AutoRun.exe" GroupPolicy: Restrição - Chrome <======= ATENÇÃO CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.seekmix.com/?bd=hp&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.seekmix.com/?bd=hp&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_44¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyD0C0Czy0DtAtByE0ByBtBtDyDzzyBzytN0D0Tzu0StCyEtDtDtN1L2XzutAtFtCyDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCtAtDtC0E0CtAtAtGyEtByB0DtG0B0AtA0CtGyEyB0EtBtG0EtBzyzyyEzytCyD0DyDtDtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0D0EyE0F0CtDtGyEtD0AzztGyEyDtCzztGzzyDtAtDtGzztBtAtC0EtCtC0DyEtA0E0F2QtN0A0LzutB%26cr%3D1469455272%26a%3Dwncy_fs_15_44%26os%3DWindows%2B8%2BPro HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.seekmix.com/?bd=hp&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 ShortcutWithArgument: C:\Users\Áleson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.seekmix.com/?bd=sc&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 ShortcutWithArgument: C:\Users\Áleson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.seekmix.com/?bd=sc&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.seekmix.com/?bd=sc&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKLM -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms} SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms} SearchScopes: HKU\S-1-5-21-3432586907-597726681-3595710473-1001 -> DefaultScope {D1416E16-86DC-4A0A-BE91-57476DC7A667} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_44¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyD0C0Czy0DtAtByE0ByBtBtDyDzzyBzytN0D0Tzu0StCyEtDtDtN1L2XzutAtFtCyDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCtAtDtC0E0CtAtAtGyEtByB0DtG0B0AtA0CtGyEyB0EtBtG0EtBzyzyyEzytCyD0DyDtDtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0D0EyE0F0CtDtGyEtD0AzztGyEyDtCzztGzzyDtAtDtGzztBtAtC0EtCtC0DyEtA0E0F2QtN0A0LzutB%26cr%3D1469455272%26a%3Dwncy_fs_15_44%26os%3DWindows%2B8%2BPro&p={searchTerms} SearchScopes: HKU\S-1-5-21-3432586907-597726681-3595710473-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-3432586907-597726681-3595710473-1001 -> {D1416E16-86DC-4A0A-BE91-57476DC7A667} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_44¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyD0C0Czy0DtAtByE0ByBtBtDyDzzyBzytN0D0Tzu0StCyEtDtDtN1L2XzutAtFtCyDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCtAtDtC0E0CtAtAtGyEtByB0DtG0B0AtA0CtGyEyB0EtBtG0EtBzyzyyEzytCyD0DyDtDtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0D0EyE0F0CtDtGyEtD0AzztGyEyDtCzztGzzyDtAtDtGzztBtAtC0EtCtC0DyEtA0E0F2QtN0A0LzutB%26cr%3D1469455272%26a%3Dwncy_fs_15_44%26os%3DWindows%2B8%2BPro&p={searchTerms} BHO-x32: Sem Nome -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> Nenhum Arquivo StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.searchult.com/?bd=sc&oem=Somo&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.2.0.7859&pid=414031160&tid=329 StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.seekmix.com/?bd=sc&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 S2 bavsvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavsvc.exe" [X] S2 bhipssvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bhipssvc.exe" [X] R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService [X] R1 Bfilter; C:\WINDOWS\System32\drivers\Bfilter.sys [52032 2014-01-21] (Baidu, Inc.) R1 Bfmon; C:\WINDOWS\System32\drivers\Bfmon.sys [34624 2014-01-21] (Baidu, Inc.) R1 Bprotect; C:\WINDOWS\System32\drivers\Bprotect.sys [128992 2014-01-21] (Baidu, Inc.) S3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X] S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X] S3 BprotectEx; \??\C:\WINDOWS\System32\drivers\BprotectEx.sys [X] S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X] S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X] S1 gbpddfac; system32\drivers\gbpddfac64.sys [X] S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X] S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X] S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X] S1 pfnfd_1_10_0_8; system32\drivers\pfnfd_1_10_0_8.sys [X] S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X] 2016-01-10 00:31 - 2016-01-10 00:58 - 00000261 _____ C:\VundoFix.txt 2016-01-10 00:31 - 2016-01-10 00:31 - 00000000 ____D C:\VundoFix Backups 2016-01-09 19:10 - 2016-01-09 19:10 - 00119808 _____ (Atribune.org) C:\Users\Áleson\Desktop\VundoFix.exe 2016-01-09 19:07 - 2016-01-10 00:24 - 00004908 _____ C:\InfoSat.txt 2016-01-09 19:05 - 2016-01-09 19:05 - 00001735 _____ C:\Users\Áleson\Desktop\dfdsfs.txt 2016-01-09 13:19 - 2016-01-10 01:24 - 00849766 _____ C:\WINDOWS\ntbtlog.txt 2016-01-03 14:00 - 2016-01-03 14:00 - 00002020 _____ C:\Users\Áleson\Downloads\monomania.txt 2016-01-03 13:05 - 2016-01-03 13:05 - 00003155 _____ C:\Users\Áleson\Downloads\a-noite-la-notte.txt 2016-01-03 13:05 - 2016-01-03 13:05 - 00003155 _____ C:\Users\Áleson\Downloads\a-noite-la-notte (1).txt 2015-12-01 01:15 - 2015-12-01 01:15 - 00015464 _____ C:\WINDOWS\DelYac64.sys 2014-01-15 02:15 - 2014-01-15 02:15 - 0167784 _____ (Baidu, Inc.) C:\ProgramData\FileSplitUpLoad.dll 2015-04-10 07:00 - 2013-02-05 11:18 - 0164864 ____H () C:\ProgramData\uemtqux.exe FirewallRules: [{6B1B2480-CEB4-46D5-AA91-1CBD0AB23F4D}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{D868168F-594A-42F1-AB46-94E27C199E5E}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{2E43BE09-74EE-4440-80FE-DD47DD5BA132}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{6E262CAA-80AF-4080-85BF-3309027FA101}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{E0BCDD68-740D-48E7-BD4A-15C1B4DE6B23}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{5FC202C1-0C4B-478B-80CA-FF60E606CA2A}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{20CA7314-A39B-47B2-896B-57819EA44152}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{1C1878ED-A6EE-4730-BA3C-FE09155656AC}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{F28D0500-E0D4-470E-8CCD-C44BF99BE134}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{440BE007-69BF-4AF6-ABB3-A7D2AFEC5B56}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [TCP Query User{B7400691-9F5B-40D0-865A-7BD2AC415865}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe FirewallRules: [UDP Query User{103B2CEE-7BF6-4D69-8CEB-D750D1BBCB3E}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe FirewallRules: [{94D4A7CA-1638-4E9E-A136-F4011F6BE158}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe FirewallRules: [{86FEA00A-800C-4C9B-99A8-BE1F3BF7B2C6}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{3E5525B6-6D78-47F2-A828-33522AE2D674}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe FirewallRules: [{FBC8E308-F260-4EE6-B757-305D1F090D31}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [TCP Query User{B2979BE3-813A-4A9E-A81B-F02D7DDD45E6}C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe FirewallRules: [UDP Query User{525AC802-CF77-45FD-A337-3BBE9B5257CD}C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe FirewallRules: [{E2961D3F-4AC8-432E-B647-B2FCE4267125}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe FirewallRules: [{1C54ACCE-3D90-4966-883A-FB73149DEB26}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe FirewallRules: [{6C21EE86-E016-4B1C-82F7-2ACAFB2555ED}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{0984D31D-EFCB-4744-8684-1C6F6FFD5F0C}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe AlternateDataStreams: C:\ProgramData\Temp:6B50FDB5 AlternateDataStreams: C:\Users\Todos os Usuários\Temp:6B50FDB5 C:\ProgramData\FileSplitUpLoad.dll C:\ProgramData\uemtqux.exe C:\Users\Todos os Usuários\FileSplitUpLoad.dll C:\Users\Todos os Usuários\uemtqux.exe C:\Users\Áleson\AppData\Local\Temp\FFSetup3.7.0.0.exe C:\Users\Áleson\AppData\Local\Temp\GURB284.exe C:\Users\Áleson\AppData\Local\Temp\javagiac0.05637026420230706.dll C:\Users\Áleson\AppData\Local\Temp\javagiac0.07419647611942548.dll C:\Users\Áleson\AppData\Local\Temp\javagiac0.7159750379807412.dll C:\Users\Áleson\AppData\Local\Temp\javagiac0.8370023476803045.dll C:\Users\Áleson\AppData\Local\Temp\jre-8u65-windows-au.exe C:\Users\Áleson\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Áleson\AppData\Local\Temp\MSETUP4.EXE C:\Users\Áleson\AppData\Local\Temp\Quarantine.exe C:\Users\Áleson\AppData\Local\Temp\setup.exe C:\Users\Áleson\AppData\Local\Temp\sjt7z_x86_console.exe C:\Users\Áleson\AppData\Local\Temp\unins000.exe C:\Users\Áleson\AppData\Local\Temp\{39A540B9-C264-48CA-B8DC-FB5C241EC09F}-46.0.2490.71_chrome64_installer.exe CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a C:\ProgramData CreateRestorePoint: RemoveProxy: EmptyTemp: Reboot: Hosts: end ***************** Processos fechados com sucesso. HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DriverMax_RESTART => valor não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7563959d-7e4d-11e4-becb-80ee735f2992} => chave não encontrado (a). HKCR\CLSID\{7563959d-7e4d-11e4-becb-80ee735f2992} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{773626ec-1da3-11e4-beb1-80ee735f2992} => chave não encontrado (a). HKCR\CLSID\{773626ec-1da3-11e4-beb1-80ee735f2992} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e8ba5be-0c4f-11e3-be79-a349a8706f43} => chave não encontrado (a). HKCR\CLSID\{7e8ba5be-0c4f-11e3-be79-a349a8706f43} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e8ba713-0c4f-11e3-be79-a349a8706f43} => chave não encontrado (a). HKCR\CLSID\{7e8ba713-0c4f-11e3-be79-a349a8706f43} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e04c7ba3-d9b4-11e2-be75-e9d724763151} => chave não encontrado (a). HKCR\CLSID\{e04c7ba3-d9b4-11e2-be75-e9d724763151} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e04c7d0d-d9b4-11e2-be75-e9d724763151} => chave não encontrado (a). HKCR\CLSID\{e04c7d0d-d9b4-11e2-be75-e9d724763151} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e04c91fe-d9b4-11e2-be75-c17d6f352bb7} => chave não encontrado (a). HKCR\CLSID\{e04c91fe-d9b4-11e2-be75-c17d6f352bb7} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e04c9266-d9b4-11e2-be75-c17d6f352bb7} => chave não encontrado (a). HKCR\CLSID\{e04c9266-d9b4-11e2-be75-c17d6f352bb7} => chave não encontrado (a). "C:\WINDOWS\system32\GroupPolicy\Machine" => não encontrado (a). HKLM\SOFTWARE\Policies\Google => chave não encontrado (a). HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso C:\Users\Áleson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Atalho argumento removido (a) com sucesso.. C:\Users\Áleson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk => Atalho argumento removido (a) com sucesso.. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => Atalho argumento removido (a) com sucesso.. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => chave não encontrado (a). HKCR\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => chave não encontrado (a). HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave não encontrado (a). HKCR\CLSID\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave não encontrado (a). HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave não encontrado (a). HKCR\Wow6432Node\CLSID\{E921F400-D383-4B1B-9DE6-FCFCACFC1173} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => chave não encontrado (a). HKCR\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => chave não encontrado (a). HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D1416E16-86DC-4A0A-BE91-57476DC7A667} => chave não encontrado (a). HKCR\CLSID\{D1416E16-86DC-4A0A-BE91-57476DC7A667} => chave não encontrado (a). HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} => chave não encontrado (a). HKCR\Wow6432Node\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} => chave não encontrado (a). HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => valor restaurado com sucesso HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => valor restaurado com sucesso bavsvc => serviço não encontrado (a). bhipssvc => serviço não encontrado (a). Winstep Xtreme Service => serviço não encontrado (a). Bfilter => serviço não encontrado (a). Bfmon => serviço não encontrado (a). Bprotect => serviço não encontrado (a). BdApiUtil => serviço não encontrado (a). BdCameraProtect => serviço não encontrado (a). BprotectEx => serviço não encontrado (a). ew_hwusbdev => serviço não encontrado (a). ew_usbenumfilter => serviço não encontrado (a). gbpddfac => serviço removido (a) com sucesso. huawei_cdcacm => serviço não encontrado (a). huawei_enumerator => serviço não encontrado (a). PCFApiUtil => serviço não encontrado (a). pfnfd_1_10_0_8 => serviço não encontrado (a). Warsaw_PP => serviço não encontrado (a). "C:\VundoFix.txt" => não encontrado (a). "C:\VundoFix Backups" => não encontrado (a). "C:\Users\Áleson\Desktop\VundoFix.exe" => não encontrado (a). "C:\InfoSat.txt" => não encontrado (a). "C:\Users\Áleson\Desktop\dfdsfs.txt" => não encontrado (a). "C:\WINDOWS\ntbtlog.txt" => não encontrado (a). "C:\Users\Áleson\Downloads\monomania.txt" => não encontrado (a). "C:\Users\Áleson\Downloads\a-noite-la-notte.txt" => não encontrado (a). "C:\Users\Áleson\Downloads\a-noite-la-notte (1).txt" => não encontrado (a). "C:\WINDOWS\DelYac64.sys" => não encontrado (a). "C:\ProgramData\FileSplitUpLoad.dll" => não encontrado (a). "C:\ProgramData\uemtqux.exe" => não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6B1B2480-CEB4-46D5-AA91-1CBD0AB23F4D} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D868168F-594A-42F1-AB46-94E27C199E5E} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2E43BE09-74EE-4440-80FE-DD47DD5BA132} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6E262CAA-80AF-4080-85BF-3309027FA101} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0BCDD68-740D-48E7-BD4A-15C1B4DE6B23} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5FC202C1-0C4B-478B-80CA-FF60E606CA2A} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{20CA7314-A39B-47B2-896B-57819EA44152} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1C1878ED-A6EE-4730-BA3C-FE09155656AC} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F28D0500-E0D4-470E-8CCD-C44BF99BE134} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{440BE007-69BF-4AF6-ABB3-A7D2AFEC5B56} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B7400691-9F5B-40D0-865A-7BD2AC415865}C:\program files (x86)\freetime\formatfactory\formatfactory.exe => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{103B2CEE-7BF6-4D69-8CEB-D750D1BBCB3E}C:\program files (x86)\freetime\formatfactory\formatfactory.exe => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{94D4A7CA-1638-4E9E-A136-F4011F6BE158} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{86FEA00A-800C-4C9B-99A8-BE1F3BF7B2C6} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E5525B6-6D78-47F2-A828-33522AE2D674} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FBC8E308-F260-4EE6-B757-305D1F090D31} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B2979BE3-813A-4A9E-A81B-F02D7DDD45E6}C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{525AC802-CF77-45FD-A337-3BBE9B5257CD}C:\program files (x86)\freetime\formatfactory\ffmodules\package\ptinstonline.exe => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2961D3F-4AC8-432E-B647-B2FCE4267125} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1C54ACCE-3D90-4966-883A-FB73149DEB26} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C21EE86-E016-4B1C-82F7-2ACAFB2555ED} => valor não encontrado (a). HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0984D31D-EFCB-4744-8684-1C6F6FFD5F0C} => valor não encontrado (a). "C:\ProgramData\Temp" => ":6B50FDB5" ADS não encontrado (a). "C:\Users\Todos os Usuários\Temp" => ":6B50FDB5" ADS não encontrado (a). "C:\ProgramData\FileSplitUpLoad.dll" => não encontrado (a). "C:\ProgramData\uemtqux.exe" => não encontrado (a). "C:\Users\Todos os Usuários\FileSplitUpLoad.dll" => não encontrado (a). "C:\Users\Todos os Usuários\uemtqux.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\FFSetup3.7.0.0.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\GURB284.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\javagiac0.05637026420230706.dll" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\javagiac0.07419647611942548.dll" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\javagiac0.7159750379807412.dll" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\javagiac0.8370023476803045.dll" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\jre-8u65-windows-au.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\jre-8u66-windows-au.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\MSETUP4.EXE" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\Quarantine.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\setup.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\sjt7z_x86_console.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\unins000.exe" => não encontrado (a). "C:\Users\Áleson\AppData\Local\Temp\{39A540B9-C264-48CA-B8DC-FB5C241EC09F}-46.0.2490.71_chrome64_installer.exe" => não encontrado (a). ========= dir /a "C:\Program Files" ========= O volume na unidade C Windows O Nmero de Srie do Volume 3414-5879 Pasta de C:\Program Files 01/11/2015 10:31 . 01/11/2015 10:31 .. 08/04/2014 09:26 Adobe 03/12/2013 20:00 Arquivos Comuns [C:\Program Files\Common Files] 03/12/2013 21:04 Bonjour 17/09/2015 17:52 Canon 26/06/2015 20:43 CanonBJ 14/02/2014 00:54 CCleaner 09/04/2014 09:57 Common Files 09/04/2014 09:54 Corel 26/07/2012 05:11 174 desktop.ini 07/12/2014 18:14 Icaros 25/04/2014 19:04 Intel 11/04/2014 17:46 Internet Explorer 26/07/2015 16:19 iPod 26/07/2015 16:20 iTunes 01/10/2015 22:19 Java 01/06/2014 22:55 KMSpico 01/11/2015 10:31 MediaInfo 15/08/2015 17:44 MegaDownloader 03/12/2013 20:29 Microsoft Analysis Services 03/12/2013 20:30 Microsoft Office 03/12/2013 20:30 Microsoft SQL Server 03/12/2013 20:31 Microsoft.NET 03/08/2015 22:15 MPC-HC 03/12/2013 21:15 MSBuild 24/08/2015 22:25 Neat Video for Sony Vegas 25/04/2014 17:41 Realtek 15/12/2015 20:35 Recuva 03/12/2013 21:15 Reference Assemblies 18/02/2014 18:02 Sony 26/07/2012 04:22 Uninstall Information 07/12/2014 16:13 VideoLAN 22/05/2015 23:48 VS Revo Group 08/04/2014 17:22 Windows Defender 07/04/2014 10:33 Windows Journal 26/07/2012 07:32 Windows Mail 08/04/2014 17:23 Windows Media Player 26/07/2012 05:13 Windows Multimedia Platform 03/12/2013 20:00 Windows NT 08/04/2014 17:16 Windows Photo Viewer 26/07/2012 05:13 Windows Portable Devices 07/05/2014 23:47 Windows Sidebar 25/11/2015 21:14 WindowsApps 18/11/2014 08:46 WinHTTrack 07/12/2013 13:55 WinRAR 1 arquivo(s) 174 bytes 45 pasta(s) 55.172.030.464 bytes disponveis ========= Fim de CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= O volume na unidade C Windows O Nmero de Srie do Volume 3414-5879 Pasta de C:\Program Files (x86) 09/01/2016 22:36 . 09/01/2016 22:36 .. 09/02/2014 18:57 7-Zip 09/04/2015 23:37 Adobe 29/07/2014 23:20 AIMP3 14/02/2014 22:29 Alcohol Soft 03/12/2013 21:05 Apple Software Update 11/04/2014 08:31 Baidu Security 12/03/2014 23:39 Barnes & Noble 13/01/2014 16:38 BlueStacks 03/12/2013 21:04 Bonjour 20/11/2015 23:35 Cabri 17/09/2015 18:04 Canon 27/07/2015 18:36 ClockworkMod 28/02/2014 02:19 CloneDVD 17/03/2015 21:53 CodeBlocks 09/01/2016 00:58 Common Files 16/02/2015 22:58 Criar 26/07/2012 05:11 174 desktop.ini 25/08/2014 01:39 Dicionrio de Sinnimos -completo- 06/12/2013 19:20 dihav 05/12/2014 23:25 DsNET Corp 06/03/2014 21:00 DVD Shrink 02/03/2015 22:44 DVDFab 9 25/12/2014 10:35 DVDFab Media Player 2 21/09/2015 01:50 FastStone Image Viewer 06/04/2014 18:06 focus booster 30/10/2014 16:55 Freemake 08/06/2015 19:46 FreeTime 17/10/2015 00:02 GbPlugin 30/03/2015 20:58 GeoGebra 5.0 22/12/2015 11:16 Google 03/12/2013 20:30 Guitar Pro 6 03/03/2015 21:59 GUM1247.tmp 03/03/2015 23:14 GUM37CC.tmp 03/03/2015 22:30 GUMB079.tmp 19/02/2015 01:09 Imagenomic 26/04/2014 07:48 iMind Map 13/07/2014 01:32 Inkscape 09/01/2016 10:58 Innovative Solutions 17/11/2015 20:45 InstallShield Installation Information 29/05/2014 19:32 Intel 23/04/2014 09:43 Intelore 11/01/2016 00:50 Internet Download Manager 04/09/2014 22:17 Internet Explorer 25/02/2015 22:14 ITools 26/07/2015 16:19 iTunes 17/02/2015 17:19 JDownloader 2 05/11/2015 20:35 JetBrains 20/02/2015 23:56 Jumpstart 20/03/2015 22:17 MediaMonkey 03/12/2013 20:29 Microsoft Analysis Services 03/12/2013 20:29 Microsoft Office 06/04/2014 16:17 Microsoft OneDrive 03/12/2013 20:31 Microsoft SQL Server 03/12/2013 20:31 Microsoft.NET 14/06/2015 23:19 Mozilla Firefox 28/04/2014 23:20 3.757 Mozilla Firefoxsafeguard-secure-search.xml 22/07/2015 08:20 Mozilla Maintenance Service 31/03/2015 20:07 Mozilla Thunderbird 03/12/2013 21:16 MSBuild 03/12/2013 20:47 MSXML 4.0 27/10/2015 23:23 NewBlue 04/10/2015 17:08 PC Metronome 26/06/2014 19:28 PCSX2 0.9.8 16/05/2014 22:32 PDF Architect 2 16/05/2014 21:35 PDFCreator 11/04/2014 20:08 PhotoScape 10/04/2014 17:34 Positivo 27/10/2015 21:14 Positivo Informtica 15/02/2014 09:43 Protect Software ProtectBURN Video 15/02/2014 09:41 QuickTime 25/04/2014 17:35 Realtek 03/12/2013 21:16 Reference Assemblies 03/12/2013 22:43 RkSoft 04/12/2013 19:58 RocketDock 17/10/2015 00:04 Skype 11/01/2016 00:49 SkypeUpdateEx 25/04/2014 10:55 SlimDrivers 23/04/2014 09:37 SmartDoctor 29/06/2015 12:55 Sony 14/02/2014 09:47 Sony Setup 13/03/2014 01:08 Stardock 08/01/2016 13:37 TeamViewer 25/04/2014 17:42 Temp 23/08/2015 11:32 ThinkSky 09/01/2014 12:35 UltraISO 22/07/2014 20:05 Ultralingua 17/02/2015 16:46 Vitamin D Video 22/05/2015 23:53 VS Revo Group 08/08/2014 08:59 VSO 01/06/2014 22:54 Windows 8 - 8.1 KMS Activator Ultimate 2014 v1.5.1 08/04/2014 17:22 Windows Defender 26/07/2012 07:32 Windows Mail 08/04/2014 17:23 Windows Media Player 26/07/2012 05:13 Windows Multimedia Platform 26/07/2012 05:12 Windows NT 08/04/2014 17:16 Windows Photo Viewer 26/07/2012 05:13 Windows Portable Devices 07/05/2014 23:47 Windows Sidebar 18/10/2014 18:31 WinPcap 06/12/2013 20:05 WinRAR 09/12/2013 13:36 Winstep 14/04/2014 23:04 Zero G Registry 2 arquivo(s) 3.931 bytes 102 pasta(s) 55.172.018.176 bytes disponveis ========= Fim de CMD: ========= ========= dir /a C:\ProgramData ========= O volume na unidade C Windows O Nmero de Srie do Volume 3414-5879 Pasta de C:\ProgramData 11/01/2016 00:49 . 11/01/2016 00:49 .. 26/07/2015 16:19 34BE82C4-E596-4e99-A191-52C6199EBF69 04/04/2014 17:24 4shared Desktop 09/04/2014 00:41 a2364d90ccac753b 05/02/2015 20:25 Adobe 12/04/2014 19:21 Advanced Chemistry Development 04/04/2014 23:39 Apple 03/12/2013 21:05 Apple Computer 26/07/2012 04:22 Application Data [C:\ProgramData] 18/10/2014 18:15 ashampoo 20/02/2015 23:56 Atheros 29/07/2015 02:17 Autodesk 11/05/2014 13:59 Baidu Security 13/01/2014 16:39 BlueStacks 13/01/2014 18:11 BlueStacksSetup 08/04/2014 18:03 boost_interprocess 07/07/2015 16:13 Canon IJ Network Tool 26/06/2015 20:43 CanonBJ 26/06/2015 21:31 CanonIJEGV 26/06/2015 20:35 CanonIJETV 26/06/2015 21:00 CanonIJQuickMenu 26/06/2015 21:17 CanonIJScan 17/09/2015 17:58 CanonIJWSpt 01/11/2015 10:56 clone.AD 09/04/2014 10:23 Corel 09/04/2014 09:59 CorelDRAW Graphics Suite X7 x64 03/12/2013 20:00 Dados de Aplicativos [C:\ProgramData] 05/12/2014 23:13 DatacardService 26/07/2012 04:22 Desktop [C:\Users\Public\Desktop] 03/12/2013 20:00 Documentos [C:\Users\Public\Documents] 26/07/2012 04:22 Documents [C:\Users\Public\Documents] 25/04/2014 17:41 0 DP45977C.lfl 08/08/2014 00:18 DVD Shrink 04/08/2015 14:34 eSellerate 10/04/2014 18:30 GAS Tecnologia 05/10/2015 19:22 GbPlugin 03/12/2013 20:32 Guitar Pro 6 23/05/2015 00:16 IDM 09/04/2014 00:39 InstallMate 10/12/2015 01:29 Intel 29/05/2014 19:31 Intel(R) Update Manager 19/04/2014 00:21 IsolatedStorage 09/01/2016 12:57 Kaspersky Lab Setup Files 11/04/2014 09:17 Log 16/08/2014 19:28 McAfee 20/03/2015 22:16 MediaMonkey 03/12/2013 20:00 Menu Iniciar [C:\ProgramData\Microsoft\Windows\Start Menu] 09/01/2016 03:29 Microsoft 03/12/2013 20:32 Microsoft Help 06/04/2014 16:16 Microsoft OneDrive 03/12/2013 20:00 Modelos [C:\ProgramData\Microsoft\Windows\Templates] 07/04/2014 01:44 Mozilla 14/02/2014 22:47 mpDRM 16/02/2015 23:09 Nero 11/01/2016 00:49 8 ntuser.pol 01/10/2015 22:19 Oracle 09/04/2014 09:57 Package Cache 16/05/2014 21:35 PDF Architect 2 12/03/2014 17:19 Positivo Informtica 03/12/2013 20:04 PRICache 09/04/2014 10:17 Protexis64 08/04/2014 09:26 regid.1986-12.com.adobe 03/12/2013 20:31 regid.1991-06.com.microsoft 23/06/2015 17:39 Skype 02/08/2014 18:27 Sony 29/06/2015 12:55 Sony Corporation 09/12/2013 13:47 Stardock 26/07/2012 04:22 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 24/04/2014 23:05 Sun 12/12/2015 01:08 System32 21/02/2015 00:25 TamoSoft 25/09/2015 09:15 Temp 26/07/2012 04:22 Templates [C:\ProgramData\Microsoft\Windows\Templates] 22/07/2014 20:05 Ultralingua7 22/05/2015 23:48 VS Revo Group 01/11/2015 13:50 VSO 24/06/2014 17:47 vsosdk 03/03/2015 23:06 Wondershare 2 arquivo(s) 8 bytes 77 pasta(s) 55.172.018.176 bytes disponveis ========= Fim de CMD: ========= Ponto de Restauração criado com sucesso. ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso. HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso. HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso. HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso. ========= Fim de RemoveProxy: ========= C:\Windows\System32\Drivers\etc\hosts => movido com sucesso Hosts restaurado com sucesso. EmptyTemp: => 9.9 MB de dados temporários Removidos. O sistema precisou ser reiniciado. ==== Fim de Fixlog 00:53:54 ====