cjoint

Document format: text/plain

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01
Executado por Claudio (2016-04-04 16:11:33) Run:1
Executando a partir de C:\Users\Claudio\Desktop
Perfis Carregados: Claudio (Perfis Disponíveis: Claudio & DefaultAppPool)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
start
CloseProcesses:
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartpageing.com/?type=sc&ts=1459401743&z=91bbbc1607d2a6aaf07683fg2z7wftbzde9g5qatbt&from=cmi&uid=ST500LM012XHN-M500MBB_S2SKJ5FC405477
S2 ggbugreport; "C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe" {154DFF63-3402-4815-941A-AAD63AE8B428} [X]
U3 idsvc; não ImagePath
U3 wpcsvc; não ImagePath
2016-03-31 10:29 - 2016-03-31 15:12 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\Baidu
2016-03-31 10:29 - 2016-03-31 10:29 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-03-31 10:28 - 2016-03-31 10:28 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-03-31 00:57 - 2016-03-31 01:01 - 00000000 ____D C:\Users\Claudio\AppData\Local\app
2016-03-31 00:00 - 2016-03-31 16:32 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\XBox
2016-03-30 22:46 - 2016-03-30 22:46 - 00000000 ____D C:\Users\Todos os Usuários\boost_interprocess
2016-03-30 22:46 - 2016-03-30 22:46 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-03-30 22:45 - 2016-03-30 22:45 - 00015120 _____ C:\WINDOWS\System32\Tasks\WinTaske
2016-01-22 17:55 - 2016-01-22 18:00 - 19575296 _____ (OEM) C:\Users\Todos os Usuários\E1010.tmp
2016-01-22 17:55 - 2016-01-22 18:00 - 19575296 _____ (OEM) C:\ProgramData\E1010.tmp
2016-01-22 17:55 - 2016-01-22 17:55 - 00510976 _____ C:\Users\Todos os Usuários\DRV10.tmp
2016-01-22 17:55 - 2016-01-22 17:55 - 00510976 _____ C:\ProgramData\DRV10.tmp
Task: {1D28B2E0-D659-464D-A118-FE1A15ACDA06} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {2F062876-0359-4FEE-AB00-17F6CCE79F0F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {517F7467-8BCC-4299-8FFD-2273D2CE6170} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {6BB260AC-3E2B-4DA9-8D90-8123B55F16C6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {77AEDFBA-8329-4E54-8E51-97EDA634FA39} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {78D3D37C-E968-4F85-A89C-170C08D86A64} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {82CEB5AA-6B1D-40E2-B679-7B9563A4545B} - System32\Tasks\WinTaske => C:\Program Files (x86)\WinTaske\WinTaske\WinTaske.exe
Task: {83104D58-7A43-43D8-82C2-1712987367E1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {8F12AD18-A496-4AF1-A905-53CA05E44ACE} - System32\Tasks\SpyHunter4Startup => C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe [2016-03-31] (Enigma Software Group USA, LLC.)
Task: {9EC230D2-A28D-4578-85B5-E02547F4BF3E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {C0C535CC-A6D6-430B-90FF-5C86BDC2CCEA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {C192B5A2-4BA7-44B3-B489-E9AC1E3F4E94} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {C97C504A-1901-41BC-8997-90305126C3AD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {E86EB434-23CA-486C-8830-B0312C50C373} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
ShortcutWithArgument: C:\Users\Claudio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://trustedsurf.com/?ssid=1459388594&a=1024132&src=sh&uuid=21e29d18-61bd-4639-8e24-a97f11029710"
ShortcutWithArgument: C:\Users\Claudio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://trustedsurf.com/?ssid=1459388594&a=1024132&src=sh&uuid=21e29d18-61bd-4639-8e24-a97f11029710"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk -> C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software) -> hxxp://www.istartpageing.com/?type=sc&ts=1459401743&z=91bbbc1607d2a6aaf07683fg2z7wftbzde9g5qatbt&from=cmi&uid=ST500LM012XHN-M500MBB_S2SKJ5FC405477
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.istartpageing.com/?type=sc&ts=1459401743&z=91bbbc1607d2a6aaf07683fg2z7wftbzde9g5qatbt&from=cmi&uid=ST500LM012XHN-M500MBB_S2SKJ5FC405477
AlternateDataStreams: C:\Users\Claudio\Documents\Leoni - Manual de Sobrevivencia no Mundo Digital.pdf:SummaryInformation [71]
AlternateDataStreams: C:\Users\Claudio\Documents\Leoni - Manual de Sobrevivencia no Mundo Digital.pdf:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
C:\Users\Claudio\AppData\Local\Temp\*.tmp.exe
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
Reboot:
Hosts:
end
*****************

Processos fechados com sucesso.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => valor restaurado com sucesso
ggbugreport => serviço removido (a) com sucesso.
idsvc => serviço removido (a) com sucesso.
wpcsvc => serviço removido (a) com sucesso.
C:\Users\Claudio\AppData\Roaming\Baidu => movido com sucesso
C:\Users\Public\Documents\Baidu => movido com sucesso
C:\Users\Public\Documents\Guid => movido com sucesso
C:\Users\Claudio\AppData\Local\app => movido com sucesso
C:\Users\Claudio\AppData\Roaming\XBox => movido com sucesso
C:\Users\Todos os Usuários\boost_interprocess => movido com sucesso
"C:\ProgramData\boost_interprocess" => não encontrado (a).
C:\WINDOWS\System32\Tasks\WinTaske => movido com sucesso
C:\Users\Todos os Usuários\E1010.tmp => movido com sucesso
"C:\ProgramData\E1010.tmp" => não encontrado (a).
C:\Users\Todos os Usuários\DRV10.tmp => movido com sucesso
"C:\ProgramData\DRV10.tmp" => não encontrado (a).
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D28B2E0-D659-464D-A118-FE1A15ACDA06}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D28B2E0-D659-464D-A118-FE1A15ACDA06}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F062876-0359-4FEE-AB00-17F6CCE79F0F}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F062876-0359-4FEE-AB00-17F6CCE79F0F}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{517F7467-8BCC-4299-8FFD-2273D2CE6170}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{517F7467-8BCC-4299-8FFD-2273D2CE6170}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6BB260AC-3E2B-4DA9-8D90-8123B55F16C6}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BB260AC-3E2B-4DA9-8D90-8123B55F16C6}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77AEDFBA-8329-4E54-8E51-97EDA634FA39}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77AEDFBA-8329-4E54-8E51-97EDA634FA39}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{78D3D37C-E968-4F85-A89C-170C08D86A64}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78D3D37C-E968-4F85-A89C-170C08D86A64}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{82CEB5AA-6B1D-40E2-B679-7B9563A4545B}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82CEB5AA-6B1D-40E2-B679-7B9563A4545B}" => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\WinTaske => não encontrado (a).
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinTaske" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{83104D58-7A43-43D8-82C2-1712987367E1}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83104D58-7A43-43D8-82C2-1712987367E1}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F12AD18-A496-4AF1-A905-53CA05E44ACE} => chave não encontrado (a).
C:\WINDOWS\System32\Tasks\SpyHunter4Startup => não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup => chave não encontrado (a).
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9EC230D2-A28D-4578-85B5-E02547F4BF3E}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EC230D2-A28D-4578-85B5-E02547F4BF3E}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0C535CC-A6D6-430B-90FF-5C86BDC2CCEA}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0C535CC-A6D6-430B-90FF-5C86BDC2CCEA}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C192B5A2-4BA7-44B3-B489-E9AC1E3F4E94}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C192B5A2-4BA7-44B3-B489-E9AC1E3F4E94}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C97C504A-1901-41BC-8997-90305126C3AD}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C97C504A-1901-41BC-8997-90305126C3AD}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E86EB434-23CA-486C-8830-B0312C50C373}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E86EB434-23CA-486C-8830-B0312C50C373}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => chave removido (a) com sucesso.
C:\Users\Claudio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk => Atalho argumento removido (a) com sucesso..
C:\Users\Claudio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Atalho argumento removido (a) com sucesso..
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk => Atalho argumento removido (a) com sucesso..
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => Atalho argumento removido (a) com sucesso..
"C:\Users\Claudio\Documents\Leoni - Manual de Sobrevivencia no Mundo Digital.pdf" => ":SummaryInformation" ADS não encontrado (a).
C:\Users\Claudio\Documents\Leoni - Manual de Sobrevivencia no Mundo Digital.pdf => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removido (a) com sucesso..

=========== "C:\Users\Claudio\AppData\Local\Temp\*.tmp.exe" ==========

não encontrado (a)

========= Fim -> "C:\Users\Claudio\AppData\Local\Temp\*.tmp.exe" ========

Ponto de Restauração criado com sucesso.

========= RemoveProxy: =========

HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => valor removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
HKU\S-1-5-21-1747542895-3985366821-2164306022-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => valor removido (a) com sucesso.
HKU\S-1-5-21-1747542895-3985366821-2164306022-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\S-1-5-21-1747542895-3985366821-2164306022-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.


========= Fim de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido com sucesso
Hosts restaurado com sucesso.
EmptyTemp: => 224 MB de dados temporários Removidos.


O sistema precisou ser reiniciado.

==== Fim de Fixlog 16:11:49 ====
