Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 15-06-2017 01
Executado por Family (16-06-2017 21:36:25) Run:1
Executando a partir de C:\Users\Family\Desktop
Perfis Carregados: Family (Perfis Disponíveis: Family & Administrador)
Modo da Inicialização: Normal
==============================================
fixlist Conteúdo:
*****************
start
CloseProcesses:
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Adilson_18-07-2016\AppData\Local\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Adilson_18-07-2016\AppData\Local\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Adilson_18-07-2016\AppData\Local\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Adilson_18-07-2016\AppData\Local\MEGAsync\ShellExtX32.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Adilson_18-07-2016\AppData\Local\MEGAsync\ShellExtX32.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Adilson_18-07-2016\AppData\Local\MEGAsync\ShellExtX32.dll -> Nenhum Arquivo
Startup: C:\Users\Adilson_18-07-2016\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-07-28]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Family\AppData\Local\MEGAsync\MEGAsync.exe (Nenhum Arquivo)
GroupPolicy: Restrição <======= ATENÇÃO
CHR StartupUrls: Default -> "hxxp://br.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_29¶m1=1¶m2=f%3D7%26b%3DChrome%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0A0C0CtCtByDzz0AyEtDtN0D0Tzu0StCtBzzzztN1L2XzutAtFtCtDtFtCtDtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyB0DtBtByByB0CtDtGyD0E0DyEtGyE0Fzz0DtGtDyC0F0BtG0CyCtBtDtB0EtC0B0EtB0AyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtAyEtAzzyDzzzztGtDzzyEyBtGyEtA0FzztG0ByEyE0FtG0EzzyBzy0EyC0CzzyB0A0DtC2QtN0A0LzuyE%26cr%3D2128263556%26a%3Dwncy_ir_15_29%26os%3DWindows 7 Ultimate","hxxp://
www.oursurfing.com/?type=hp&ts=1437085486&z=d49a1ab1adcd791ef580ab9g2z1c8m3e1bdw4z3meb&from=advt&uid=WDCXWD10EARS-00Y5B1_WD-WCAV5692133021330","hxxp://
www.mystartsearch.com/?type=hp&ts=1437086423&z=4115474349a439cf1ca5d2cgfzdc7m6eab8qccdtfw&from=cmi&uid=WDCXWD10EARS-00Y5B1_WD-WCAV5692133021330","hxxp://
www.oursurfing.com/?type=hppp&ts=1437085535&z=1852e33d355c108873f77c2gfzfcbm9eeb8w4w7o3b&from=advt&uid=WDCXWD10EARS-00Y5B1_WD-WCAV5692133021330","hxxp://
www.mystartsearch.com/?type=hp&ts=1437313033&z=867906645827a50a0c0ba07g8zbc0m5ccg9c5ebeaz&from=cmi&uid=WDCXWD10EARS-00Y5B1_WD-WCAV5692133021330","hxxp://search.iminent.com/?appId=9563392b-95be-463f-a0c5-0dbc55bc57d1","hxxp://
www.yoursearching.com/?type=hp&ts=1449449169&z=03269db4660f99abc29f041g4z4z8t6z1z4teg6qcb&from=face&uid=ST1000DM003-1ER162_Z4Y6CDA3XXXXZ4Y6CDA3","hxxp://
www.istartpageing.com/?type=hp&ts=1449451836&z=71ebfbd9c48f7b715811396gbz2z0t7z0w6g1bac4q&from=cmi&uid=ST1000DM003-1ER162_Z4Y6CDA3XXXXZ4Y6CDA3","hxxp://
www.google.com"
S4 KMS-R@1n; C:\Windows\[email]KMS-R@1n.exe[/email] [26112 2017-05-28] () [Arquivo não assinado]
2017-05-28 10:07 - 2017-05-28 10:07 - 00000000 ____D C:\WINDOWS\System32\Tasks\R@1n-KMS
2017-05-28 10:07 - 2017-05-28 10:07 - 00000000 ____D C:\Users\Family\AppData\Local\mpress
2017-05-28 10:06 - 2017-05-28 10:06 - 00026112 _____ C:\WINDOWS\[email]KMS-R@1n.exe[/email]
2017-05-28 10:06 - 2017-05-28 10:06 - 00003584 _____ C:\WINDOWS\KMS-QADhook.dll
2017-05-27 15:38 - 2017-05-27 15:38 - 00000000 ____H C:\Users\Todos os Usuários\DP45977C.lfl
2017-05-27 15:38 - 2017-05-27 15:38 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-05-31 16:50 - 2017-02-13 16:46 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2017-06-16 13:02 - 2017-02-06 14:39 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2017-06-16 13:02 - 2017-02-06 14:39 - 00000000 ____D C:\ProgramData\IObit
2017-06-16 13:01 - 2017-02-06 14:40 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2017-06-16 13:01 - 2017-02-06 14:40 - 00000000 ____D C:\ProgramData\ProductData
2017-05-28 16:40 - 2016-07-16 08:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-28 16:40 - 2016-07-16 08:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-27 15:38 - 2017-05-27 15:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-30 15:23 - 2016-03-09 15:53 - 5144256 _____ (Foxit Corporation) C:\Users\Adilson_18-07-2016\AppData\Local\Temp\FoxitUpdater.exe
2017-01-04 17:03 - 2017-01-04 17:03 - 2864736 _____ (Hola Networks Ltd.) C:\Users\Adilson_18-07-2016\AppData\Local\Temp\Hola-Setup-x64-1.26.859.exe
2017-02-06 15:53 - 2017-02-06 15:53 - 1844640 _____ (File Lite Fast ) C:\Users\Adilson_18-07-2016\AppData\Local\Temp\ICReinstall_Baixaki_3d-analyze_VBlKiE.exe
2017-03-22 16:59 - 2017-03-22 16:59 - 00025600 ____H C:\Users\Adilson_18-07-2016\Downloads\~WRL0001.tmp
2016-09-03 17:41 - 2016-09-03 17:42 - 31717016 _____ () C:\Users\Adilson_18-07-2016\AppData\Local\Temp\vlc-2.2.4-win64.exe
2015-08-02 20:58 - 2015-08-02 20:58 - 0118784 _____ () C:\Users\Adilson_18-07-2016\AppData\Local\Temp\xmlUpdater.exe
2017-06-12 13:52 - 2017-06-16 13:38 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-06-12 13:52 - 2017-06-14 14:34 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-06-14 14:56 - 2017-06-16 13:01 - 00000000 ____D C:\Users\Family\AppData\LocalLow\IObit
2017-06-16 12:57 - 2017-05-24 03:56 - 0785464 _____ (BlueStack Systems, Inc.) C:\Users\Family\AppData\Local\Temp\HD-Common.dll
2017-06-16 12:57 - 2017-05-24 03:57 - 0464952 _____ (BlueStack Systems, Inc.) C:\Users\Family\AppData\Local\Temp\HD-InstallerUtils.dll
2017-06-16 12:57 - 2017-05-24 03:54 - 0187416 _____ (BlueStack Systems) C:\Users\Family\AppData\Local\Temp\HD-LibraryHandler.dll
2017-06-16 12:57 - 2017-05-24 03:53 - 0246808 _____ (BlueStack Systems) C:\Users\Family\AppData\Local\Temp\HD-Logger-Native.dll
2017-06-16 12:57 - 2017-05-24 03:56 - 0385080 _____ (BlueStack Systems, Inc.) C:\Users\Family\AppData\Local\Temp\HD-Uninstaller.exe
2017-06-16 20:01 - 2014-01-23 15:54 - 0150600 _____ (Microsoft Corporation) C:\Users\Family\AppData\Local\Temp\ose00000.exe
Task: {C6018F55-8D4D-443C-8C33-BCC30CCF8FF7} - \Driver Booster SkipUAC (Family) -> Nenhum Arquivo <==== ATENÇÃO
Task: {FED5E894-D96C-47AA-9370-86DFF20BB9C8} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
ShortcutWithArgument: C:\Users\Family\Desktop\Play iWin Games.lnk -> C:\Users\Family\AppData\Local\GamesManager\GamesManager.exe (iWin Inc) -> -config.channel=00000000 -config.uri=hxxp://gm/iwin/index.html
ShortcutWithArgument: C:\Users\Family\Desktop\Samantha Swift and the Hidden Roses of Athena.lnk -> C:\Users\Family\AppData\Local\GamesManager\GamesManager.exe (iWin Inc) -> -config.channel=00000000 -config.sku=1737461924486933609 -config.uri=hxxp://gm/iwin/index.html
AlternateDataStreams: C:\Users\Family\Downloads\cfw_installer.exe:BDU [0]
AlternateDataStreams: C:\Users\Family\Downloads\cispremium_installer_6100_08.exe:BDU [0]
AlternateDataStreams: C:\Users\Family\Downloads\Dreaming Mary.exe:BDU [0]
FirewallRules: [{8C246017-0EAB-47D1-AFFA-0CAA307B5532}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{4001C67F-AE69-4ED9-A879-DC98D56DDE5E}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{E9461E24-2D87-4FDF-AB88-00C3B6D37A8E}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{3CF4260C-8F9E-4912-8A48-3C941D7A4A46}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{F31D5235-34EB-4220-B58F-76F424E002E2}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{7C6AEB1A-C435-4E78-8CA2-F796EFEBC480}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [UDP Query User{63CCCAF8-4804-4188-9054-23834F1FDF53}C:\users\adilson_18-07-2016\appdata\local\ucbrowser\user data_i18n\thunder\1.0.0.0\download\minithunderplatform.exe] => (Allow) C:\users\adilson_18-07-2016\appdata\local\ucbrowser\user data_i18n\thunder\1.0.0.0\download\minithunderplatform.exe
FirewallRules: [TCP Query User{639E023D-7C08-403A-91CD-30DD562C230A}C:\users\adilson_18-07-2016\appdata\local\ucbrowser\user data_i18n\thunder\1.0.0.0\download\minithunderplatform.exe] => (Allow) C:\users\adilson_18-07-2016\appdata\local\ucbrowser\user data_i18n\thunder\1.0.0.0\download\minithunderplatform.exe
FirewallRules: [UDP Query User{C446A7E5-1E44-4240-BCEA-0083EA8319B8}C:\users\adilson_18-07-2016\appdata\local\popcorn-time\nw.exe] => (Allow) C:\users\adilson_18-07-2016\appdata\local\popcorn-time\nw.exe
FirewallRules: [TCP Query User{1DA58F0C-04A0-4C9E-B986-109DBBA514B3}C:\users\adilson_18-07-2016\appdata\local\popcorn-time\nw.exe] => (Allow) C:\users\adilson_18-07-2016\appdata\local\popcorn-time\nw.exe
FirewallRules: [{0A8CAE47-5823-4923-9E9D-B8DCD5B3AA23}] => (Allow) C:\Windows\[email]KMS-R@1n.exe[/email]
FirewallRules: [{B2EFC2C8-4C29-4401-991E-9E23EE83C4FC}] => (Allow) C:\Windows\[email]KMS-R@1n.exe[/email]
FirewallRules: [TCP Query User{3ED77C2A-4308-44E9-B491-811A9002035D}C:\users\family\appdata\local\ucbrowser\user data_i18n\thunder\1.0.0.0\download\minithunderplatform.exe] => (Allow) C:\users\family\appdata\local\ucbrowser\user data_i18n\thunder\1.0.0.0\download\minithunderplatform.exe
FirewallRules: [UDP Query User{9446A380-4F0B-48AA-AF43-22A8BF6D3A34}C:\users\family\appdata\local\ucbrowser\user data_i18n\thunder\1.0.0.0\download\minithunderplatform.exe] => (Allow) C:\users\family\appdata\local\ucbrowser\user data_i18n\thunder\1.0.0.0\download\minithunderplatform.exe
RemoveProxy:
EmptyTemp:
Hosts:
Reboot:
end
*****************
Processos fechados com sucesso.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => chave removido (a) com sucesso.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => chave removido (a) com sucesso.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => chave removido (a) com sucesso.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => chave não encontrado (a).
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => chave não encontrado (a).
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => chave removido (a) com sucesso.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => chave removido (a) com sucesso.
C:\Users\Adilson_18-07-2016\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk => movido com sucesso
C:\Users\Family\AppData\Local\MEGAsync\MEGAsync.exe => não encontrado (a).
C:\WINDOWS\system32\GroupPolicy\Machine => movido com sucesso
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido com sucesso
Chrome StartupUrls => removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\KMS-R@1n => chave removido (a) com sucesso.
KMS-R@1n => serviço removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\R@1n-KMS => movido com sucesso
C:\Users\Family\AppData\Local\mpress => movido com sucesso
C:\WINDOWS\[email]KMS-R@1n.exe[/email] => movido com sucesso
C:\WINDOWS\KMS-QADhook.dll => movido com sucesso
C:\Users\Todos os Usuários\DP45977C.lfl => movido com sucesso
"C:\ProgramData\DP45977C.lfl" => não encontrado (a).
C:\WINDOWS\msdownld.tmp => movido com sucesso
C:\Users\Todos os Usuários\IObit => movido com sucesso
"C:\ProgramData\IObit" => não encontrado (a).
C:\Users\Todos os Usuários\ProductData => movido com sucesso
"C:\ProgramData\ProductData" => não encontrado (a).
C:\WINDOWS\SysWOW64\F12 => movido com sucesso
C:\WINDOWS\system32\F12 => movido com sucesso
"C:\ProgramData\DP45977C.lfl" => não encontrado (a).
C:\Users\Adilson_18-07-2016\AppData\Local\Temp\FoxitUpdater.exe => movido com sucesso
C:\Users\Adilson_18-07-2016\AppData\Local\Temp\Hola-Setup-x64-1.26.859.exe => movido com sucesso
C:\Users\Adilson_18-07-2016\AppData\Local\Temp\ICReinstall_Baixaki_3d-analyze_VBlKiE.exe => movido com sucesso
C:\Users\Adilson_18-07-2016\Downloads\~WRL0001.tmp => movido com sucesso
C:\Users\Adilson_18-07-2016\AppData\Local\Temp\vlc-2.2.4-win64.exe => movido com sucesso
C:\Users\Adilson_18-07-2016\AppData\Local\Temp\xmlUpdater.exe => movido com sucesso
C:\Program Files\Common Files\McAfee => movido com sucesso
C:\Program Files (x86)\McAfee => movido com sucesso
C:\Users\Family\AppData\LocalLow\IObit => movido com sucesso
C:\Users\Family\AppData\Local\Temp\HD-Common.dll => movido com sucesso
C:\Users\Family\AppData\Local\Temp\HD-InstallerUtils.dll => movido com sucesso
C:\Users\Family\AppData\Local\Temp\HD-LibraryHandler.dll => movido com sucesso
C:\Users\Family\AppData\Local\Temp\HD-Logger-Native.dll => movido com sucesso
C:\Users\Family\AppData\Local\Temp\HD-Uninstaller.exe => movido com sucesso
C:\Users\Family\AppData\Local\Temp\ose00000.exe => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6018F55-8D4D-443C-8C33-BCC30CCF8FF7} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6018F55-8D4D-443C-8C33-BCC30CCF8FF7} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Family) => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FED5E894-D96C-47AA-9370-86DFF20BB9C8} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FED5E894-D96C-47AA-9370-86DFF20BB9C8} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\R@1n-KMS\Windows64Professional => não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS\Windows64Professional => chave removido (a) com sucesso.
C:\Users\Family\Desktop\Play iWin Games.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Family\Desktop\Samantha Swift and the Hidden Roses of Athena.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Family\Downloads\cfw_installer.exe => ":BDU" ADS removido (a) com sucesso..
C:\Users\Family\Downloads\cispremium_installer_6100_08.exe => ":BDU" ADS removido (a) com sucesso..
C:\Users\Family\Downloads\Dreaming Mary.exe => ":BDU" ADS removido (a) com sucesso..
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C246017-0EAB-47D1-AFFA-0CAA307B5532} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4001C67F-AE69-4ED9-A879-DC98D56DDE5E} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E9461E24-2D87-4FDF-AB88-00C3B6D37A8E} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3CF4260C-8F9E-4912-8A48-3C941D7A4A46} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F31D5235-34EB-4220-B58F-76F424E002E2} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7C6AEB1A-C435-4E78-8CA2-F796EFEBC480} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{63CCCAF8-4804-4188-9054-23834F1FDF53}C:\users\adilson_18-07-2016\appdata\local\ucbrowser\user data_i18n\thunder\1.0.0.0\download\minithunderplatform.exe => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{639E023D-7C08-403A-91CD-30DD562C230A}C:\users\adilson_18-07-2016\appdata\local\ucbrowser\user data_i18n\thunder\1.0.0.0\download\minithunderplatform.exe => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C446A7E5-1E44-4240-BCEA-0083EA8319B8}C:\users\adilson_18-07-2016\appdata\local\popcorn-time\nw.exe => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1DA58F0C-04A0-4C9E-B986-109DBBA514B3}C:\users\adilson_18-07-2016\appdata\local\popcorn-time\nw.exe => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A8CAE47-5823-4923-9E9D-B8DCD5B3AA23} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B2EFC2C8-4C29-4401-991E-9E23EE83C4FC} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3ED77C2A-4308-44E9-B491-811A9002035D}C:\users\family\appdata\local\ucbrowser\user data_i18n\thunder\1.0.0.0\download\minithunderplatform.exe => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9446A380-4F0B-48AA-AF43-22A8BF6D3A34}C:\users\family\appdata\local\ucbrowser\user data_i18n\thunder\1.0.0.0\download\minithunderplatform.exe => valor removido (a) com sucesso.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
HKU\S-1-5-21-3065097816-1042799985-2737777570-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\S-1-5-21-3065097816-1042799985-2737777570-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
========= Fim de RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => movido com sucesso
Hosts restaurado com sucesso.
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 40454289 B
Java, Flash, Steam htmlcache => 6198 B
Windows/system/drivers => 136510553 B
Edge => 237015696 B
Chrome => 112994041 B
Firefox => 392630480 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 325588 B
NetworkService => 1264774 B
Family => 167077311 B
Administrador.000 => 9343 B
RecycleBin => 10605206 B
EmptyTemp: => 1 GB de dados temporários Removidos.
================================
O sistema precisou ser reiniciado.
==== Fim de Fixlog 21:42:26 ====
