Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão:20-11-2015
Executado por Marina (2015-11-21 14:17:29) Run:1
Executando a partir de C:\Users\Marina\Desktop
Perfis Carregados: Marina (Perfis Disponíveis: Marina & Outros & UpdatusUser)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
start
CloseProcesses:
(Navigation Co., Ltd.) C:\Users\Marina\AppData\Roaming\ntsvc\ntsvc.exe
HKU\S-1-5-21-1676987257-1593010146-3184279874-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-1676987257-1593010146-3184279874-1000\...\MountPoints2: {08e47114-68cb-11e4-9464-94de802f4d14} - G:\setup.exe
HKU\S-1-5-21-1676987257-1593010146-3184279874-1000\...\MountPoints2: {6a37ce29-be97-11e3-9c29-00215abc46b8} - K:\Startme.exe
HKU\S-1-5-21-1676987257-1593010146-3184279874-1001\...\MountPoints2: {08e47114-68cb-11e4-9464-94de802f4d14} - G:\setup.exe
HKU\S-1-5-21-1676987257-1593010146-3184279874-1001\...\MountPoints2: {6a37ce29-be97-11e3-9c29-00215abc46b8} - K:\Startme.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-1676987257-1593010146-3184279874-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={479C948E-D4DC-4E73-9147-96DD9739DB14}&mid=30f62e50eea947cd9b5c4597c6cba4e7-22997078e123f8e98035605f0ab183a14cbe16d3&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0615tb&pr=fr&d=2015-02-20 01:09:46&v=4.1.6.294&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1676987257-1593010146-3184279874-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.megaware.com.br
SearchScopes: HKU\S-1-5-21-1676987257-1593010146-3184279874-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={479C948E-D4DC-4E73-9147-96DD9739DB14}&mid=30f62e50eea947cd9b5c4597c6cba4e7-22997078e123f8e98035605f0ab183a14cbe16d3&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-02-20 01:09:46&v=4.1.6.294&pid=wtu&sg=&sap=dsp&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.seekmx.com/?bd=sc&oem=302br&uid=ST1000DM003-1CH162_S1DFAPHWXXXXS1DFAPHW&version=2.3.0.10992&pid=414031160&tid=702
CHR StartupUrls: Default -> "hxxp://www.funnyordie.com/davefranco?_cc=__d___&_ccid=n70bvm.midncm","hxxps://www.youtube.com/watch?v=VetVl9FrQ_U","hxxp://video.gq.com/watch/derrick-rose-may-cover","hxxps://www.youtube.com/user/tommcflytwitter/videos?view=0","hxxps://www.youtube.com/watch?v=M46Sip8OjzM","hxxps://www.youtube.com/user/officialmcfly/videos?view=0","hxxps://www.youtube.com/watch?v=LWp6hMthyO0","hxxps://pt.wikipedia.org/wiki/Jason_Mraz","hxxps://www.kickstarter.com/projects/1040304630/would-you-short-film-w-dave-franco-and-chris-mintz","hxxps://en.wikipedia.org/wiki/Memory_Lane:_The_Best_of_McFly#Track_listing","hxxps://www.youtube.com/watch?v=3RvFgtFUBLk","hxxps://www.youtube.com/watch?v=5jqjaK_qnVU","hxxps://en.wikipedia.org/wiki/Dave_Franco#Filmography","hxxps://www.youtube.com/watch?v=Jv6QhStiIN8","hxxps://en.wikipedia.org/wiki/List_of_songs_in_Smash","hxxp://www.funnyordie.com/davefranco?_cc=__d___&_ccid=n70bvm.midncm","hxxp://www.tvmuse.com/tv-shows/Crownies_26371/season_1/episode_15/video-results/","hxxps://www.youtube.com/watch?feature=player_embedded&v=dzAjFoyY_ic","hxxp://www.tvmuse.com/tv-shows/Teen-Titans_8991/season_3/episode_9/","hxxps://www.youtube.com/watch?v=Jv6QhStiIN8","hxxp://www.vagalume.com.br/jason-mraz/","hxxps://www.youtube.com/watch?v=EsCiHu7wkFU","hxxps://www.youtube.com/watch?feature=player_embedded&v=N0kJCh_wdZg","hxxps://www.youtube.com/watch?v=fDd6i2hUApg"
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
R2 Sed; C:\Users\Marina\AppData\Roaming\ntsvc\ntsvc.exe [266104 2015-10-19] (Navigation Co., Ltd.)
R4 AVGIDSHA; system32\DRIVERS\avgidsha.sys [X]
R4 Avgrkx64; system32\DRIVERS\avgrkx64.sys [X]
R4 Avgtdia; system32\DRIVERS\avgtdia.sys [X]
2015-11-18 17:50 - 2015-11-18 17:50 - 00003117 _____ C:\Users\Marina\Desktop\ZHPCleaner.txt
2015-11-18 17:44 - 2015-11-18 17:44 - 01897984 _____ C:\Users\Marina\Downloads\ZHPCleaner (1).exe
2015-11-18 17:01 - 2015-11-18 17:50 - 00000000 ____D C:\Users\Marina\AppData\Roaming\ZHP
2015-11-18 17:01 - 2015-11-18 17:44 - 00000836 _____ C:\Users\Marina\Desktop\ZHPCleaner.lnk
2015-11-18 16:59 - 2015-11-18 16:59 - 01897984 _____ C:\Users\Marina\Downloads\ZHPCleaner.exe
2015-11-18 17:11 - 2013-03-10 18:27 - 00000324 _____ C:\Windows\Tasks\GlaryInitialize.job
2015-10-19 20:22 - 2015-08-23 16:28 - 00000000 ____D C:\Users\Marina\AppData\Roaming\ntsvc
2013-03-02 01:26 - 2014-10-16 21:29 - 0005632 _____ () C:\Users\Marina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: {802F8C9F-6995-4370-9370-10A1BD461A7D} - System32\Tasks\Run_Bobby_Browser => C:\Users\Marina\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:4249A835
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:4249A835
C:\Users\Marina\AppData\Local\Temp\ose00000.exe
C:\Users\Marina\AppData\Local\Temp\ose00001.exe
C:\Users\Marina\AppData\Local\Temp\_is892C.exe
CMD: netsh winsock reset
CMD: ipconfig /flushdns
CMD: sfc /scannow
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
Reboot:
Hosts:
end
*****************

Processos fechados com sucesso.
C:\Users\Marina\AppData\Roaming\ntsvc\ntsvc.exe => Não foi encontrado em execução o processo
"HKU\S-1-5-21-1676987257-1593010146-3184279874-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G" => chave removido com sucesso.
"HKU\S-1-5-21-1676987257-1593010146-3184279874-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08e47114-68cb-11e4-9464-94de802f4d14}" => chave removido com sucesso.
HKCR\CLSID\{08e47114-68cb-11e4-9464-94de802f4d14} => chave não encontrado.
"HKU\S-1-5-21-1676987257-1593010146-3184279874-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a37ce29-be97-11e3-9c29-00215abc46b8}" => chave removido com sucesso.
HKCR\CLSID\{6a37ce29-be97-11e3-9c29-00215abc46b8} => chave não encontrado.
HKU\S-1-5-21-1676987257-1593010146-3184279874-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08e47114-68cb-11e4-9464-94de802f4d14} => chave não encontrado.
HKCR\CLSID\{08e47114-68cb-11e4-9464-94de802f4d14} => chave não encontrado.
HKU\S-1-5-21-1676987257-1593010146-3184279874-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a37ce29-be97-11e3-9c29-00215abc46b8} => chave não encontrado.
HKCR\CLSID\{6a37ce29-be97-11e3-9c29-00215abc46b8} => chave não encontrado.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => chave removido com sucesso.
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => chave não encontrado.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => chave removido com sucesso.
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => chave não encontrado.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => chave removido com sucesso.
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => chave não encontrado.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => chave removido com sucesso.
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => chave não encontrado.
C:\Windows\system32\GroupPolicy\Machine => movido com sucesso
C:\Windows\system32\GroupPolicy\GPT.ini => movido com sucesso
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => movido com sucesso
"HKLM\SOFTWARE\Policies\Google" => chave removido com sucesso.
HKU\S-1-5-21-1676987257-1593010146-3184279874-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Erro ao configurar valor.
HKU\S-1-5-21-1676987257-1593010146-3184279874-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Erro ao configurar valor.
HKU\S-1-5-21-1676987257-1593010146-3184279874-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => chave não encontrado.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => chave não encontrado.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => valor restaurado com sucesso
Chrome StartupUrls => removido com sucesso.
C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => não encontrado.
C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => não encontrado.
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => não encontrado.
C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => não encontrado.
C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => não encontrado.
Sed => serviço removido com sucesso.
AVGIDSHA => serviço não encontrado.
Avgrkx64 => serviço não encontrado.
Avgtdia => serviço não encontrado.
C:\Users\Marina\Desktop\ZHPCleaner.txt => movido com sucesso
C:\Users\Marina\Downloads\ZHPCleaner (1).exe => movido com sucesso
C:\Users\Marina\AppData\Roaming\ZHP => movido com sucesso
C:\Users\Marina\Desktop\ZHPCleaner.lnk => movido com sucesso
C:\Users\Marina\Downloads\ZHPCleaner.exe => movido com sucesso
C:\Windows\Tasks\GlaryInitialize.job => movido com sucesso
C:\Users\Marina\AppData\Roaming\ntsvc => movido com sucesso
C:\Users\Marina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{802F8C9F-6995-4370-9370-10A1BD461A7D}" => chave removido com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{802F8C9F-6995-4370-9370-10A1BD461A7D}" => chave removido com sucesso.
C:\Windows\System32\Tasks\Run_Bobby_Browser => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Run_Bobby_Browser" => chave removido com sucesso.
C:\ProgramData\TEMP => ":4249A835" ADS removido com sucesso..
"C:\Users\Todos os Usuários\TEMP" => ":4249A835" ADS não encontrado.
C:\Users\Marina\AppData\Local\Temp\ose00000.exe => movido com sucesso
C:\Users\Marina\AppData\Local\Temp\ose00001.exe => movido com sucesso
C:\Users\Marina\AppData\Local\Temp\_is892C.exe => movido com sucesso

========= netsh winsock reset =========


Catálogo Winsock redefinido com êxito.
Reinicie o computador para concluir a redefinição.


========= Fim de CMD: =========


========= ipconfig /flushdns =========


Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========


========= sfc /scannow =========


Iniciando verificação de arquivos. O processo levará alguns minutos para ser concluído.

Iniciando fase de verificação de verificação do sistema.

A Proteção de Recursos do Windows não encontrou nenhuma violação de integridade.

========= Fim de CMD: =========

Ponto de Restauração foi criado com sucesso.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido com sucesso.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido com sucesso.
HKU\S-1-5-21-1676987257-1593010146-3184279874-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido com sucesso.
HKU\S-1-5-21-1676987257-1593010146-3184279874-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido com sucesso.


========= Fim de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido com sucesso
Hosts restaurado com sucesso.
EmptyTemp: => 1.7 GB dados temporários Removidos.


O sistema precisava ser reiniciado.

==== Fim de Fixlog 14:25:51 ====
