Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 21-10-2017
Executado por graci (22-10-2017 00:35:20) Run:1
Executando a partir de C:\Users\graci\Desktop
Perfis Carregados: graci (Perfis Disponíveis: defaultuser0 & graci)
Modo da Inicialização: Normal
==============================================
fixlist Conteúdo:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1075289712-1307527022-1004541857-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-1075289712-1307527022-1004541857-1001 -> {14E561B4-9E38-4126-8C67-613780B58FD7} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&intl=br&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
SearchScopes: HKU\S-1-5-21-1075289712-1307527022-1004541857-1001 -> {33053A5E-6E10-47B4-BF5E-2BD82D0CB6E8} URL =
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
Task: {1EBA8B8E-8B1A-4F12-9A15-4B870BCCD025} - System32\Tasks\PosiService Startup => C:\Positivo\Deskmedia\start.bat [2016-01-20] () <==== ATENÇÃO
Task: {5A19A530-E4E0-4211-B354-8A39AE9B544A} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2017-07-20] (Byte Technologies LLC) <==== ATENÇÃO
Task: {79C2506B-6E3D-4863-96B9-49F738C8F28E} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [2017-07-20] (Byte Technologies LLC) <==== ATENÇÃO
Task: {8BCDC76C-ADE7-45B0-809B-9504612566AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [2017-09-20] (Piriform Ltd)
2017-09-03 01:30 - 2017-09-03 01:36 - 000302920 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
2017-09-03 01:29 - 2017-09-03 01:36 - 000620872 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
2017-09-03 17:24 - 2017-09-03 17:24 - 000003554 _____ C:\WINDOWS\System32\Tasks\ByteFence Scan
2017-09-03 17:24 - 2017-09-03 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
2017-09-03 01:30 - 2017-09-03 01:30 - 000000000 ____D C:\Users\Todos os Usuários\ByteFence
2017-09-03 01:30 - 2017-09-03 01:30 - 000000000 ____D C:\ProgramData\ByteFence
2017-09-03 01:17 - 2017-09-03 01:17 - 000003454 _____ C:\WINDOWS\System32\Tasks\ByteFence
2017-09-03 01:16 - 2017-10-21 12:30 - 000000000 ____D C:\Program Files\ByteFence
2016-11-03 10:39 - 2016-11-03 10:39 - 000375296 _____ () C:\ProgramData\DRV10.tmp
2016-11-03 10:39 - 2016-11-03 10:39 - 006112256 _____ (OEM) C:\ProgramData\E1010.tmp
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
R2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [145888 2017-07-20] (Byte Technologies LLC)
S2 KMService; C:\WINDOWS\SysWOW64\srvany.exe [8192 2003-04-18] () [Arquivo não assinado]
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [302920 2017-09-03] ()
S4 SWECService; C:\Windows\system32\SWECService.exe [64512 2015-09-04] (TODO: <公司名稱>) [Arquivo não assinado]
C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
C:\Program Files\ByteFence\rtop\bin
C:\Program Files\ByteFence\rtop
C:\Program Files\ByteFence
EmptyTemp:
Reboot:
end
*****************
Processos fechados com sucesso.
HKU\S-1-5-21-1075289712-1307527022-1004541857-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKU\S-1-5-21-1075289712-1307527022-1004541857-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{14E561B4-9E38-4126-8C67-613780B58FD7} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{14E561B4-9E38-4126-8C67-613780B58FD7} => chave não encontrado (a).
HKU\S-1-5-21-1075289712-1307527022-1004541857-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33053A5E-6E10-47B4-BF5E-2BD82D0CB6E8} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{33053A5E-6E10-47B4-BF5E-2BD82D0CB6E8} => chave não encontrado (a).
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1EBA8B8E-8B1A-4F12-9A15-4B870BCCD025} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EBA8B8E-8B1A-4F12-9A15-4B870BCCD025} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\PosiService Startup => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PosiService Startup => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A19A530-E4E0-4211-B354-8A39AE9B544A} => chave não encontrado (a).
C:\WINDOWS\System32\Tasks\ByteFence => não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ByteFence => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79C2506B-6E3D-4863-96B9-49F738C8F28E} => chave não encontrado (a).
C:\WINDOWS\System32\Tasks\ByteFence Scan => não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ByteFence Scan => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BCDC76C-ADE7-45B0-809B-9504612566AA} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BCDC76C-ADE7-45B0-809B-9504612566AA} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => chave removido (a) com sucesso.
"C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe " => não encontrado (a).
"C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe " => não encontrado (a).
"C:\WINDOWS\System32\Tasks\ByteFence Scan " => não encontrado (a).
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware " => não encontrado (a).
"C:\Users\Todos os Usuários\ByteFence " => não encontrado (a).
"C:\ProgramData\ByteFence " => não encontrado (a).
"C:\WINDOWS\System32\Tasks\ByteFence " => não encontrado (a).
"C:\Program Files\ByteFence " => não encontrado (a).
"C:\ProgramData\DRV10.tmp " => não encontrado (a).
"C:\ProgramData\E1010.tmp " => não encontrado (a).
C:\WINDOWS\system32\Drivers\wsddfac.sys => ":X5ZN8aGXs4" ADS removido (a) com sucesso..
ByteFenceService => serviço não encontrado (a).
HKLM\System\CurrentControlSet\Services\KMService => chave removido (a) com sucesso.
KMService => serviço removido (a) com sucesso.
rtop => serviço não encontrado (a).
HKLM\System\CurrentControlSet\Services\SWECService => chave removido (a) com sucesso.
SWECService => serviço removido (a) com sucesso.
"C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe " => não encontrado (a).
"C:\Program Files\ByteFence\rtop\bin" => não encontrado (a).
"C:\Program Files\ByteFence\rtop" => não encontrado (a).
"C:\Program Files\ByteFence" => não encontrado (a).
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 61694330 B
Java, Flash, Steam htmlcache => 551 B
Windows/system/drivers => 32719 B
Edge => 23177721 B
Chrome => 226525 B
Firefox => 19449363 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 5048 B
defaultuser0 => 0 B
graci => 1490346 B
RecycleBin => 4299 B
EmptyTemp: => 108.7 MB de dados temporários Removidos.
================================
O sistema precisou ser reiniciado.
==== Fim de Fixlog 00:36:19 ====
Executado por graci (22-10-2017 00:35:20) Run:1
Executando a partir de C:\Users\graci\Desktop
Perfis Carregados: graci (Perfis Disponíveis: defaultuser0 & graci)
Modo da Inicialização: Normal
==============================================
fixlist Conteúdo:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1075289712-1307527022-1004541857-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-1075289712-1307527022-1004541857-1001 -> {14E561B4-9E38-4126-8C67-613780B58FD7} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&intl=br&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
SearchScopes: HKU\S-1-5-21-1075289712-1307527022-1004541857-1001 -> {33053A5E-6E10-47B4-BF5E-2BD82D0CB6E8} URL =
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
Task: {1EBA8B8E-8B1A-4F12-9A15-4B870BCCD025} - System32\Tasks\PosiService Startup => C:\Positivo\Deskmedia\start.bat [2016-01-20] () <==== ATENÇÃO
Task: {5A19A530-E4E0-4211-B354-8A39AE9B544A} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2017-07-20] (Byte Technologies LLC) <==== ATENÇÃO
Task: {79C2506B-6E3D-4863-96B9-49F738C8F28E} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [2017-07-20] (Byte Technologies LLC) <==== ATENÇÃO
Task: {8BCDC76C-ADE7-45B0-809B-9504612566AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [2017-09-20] (Piriform Ltd)
2017-09-03 01:30 - 2017-09-03 01:36 - 000302920 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
2017-09-03 01:29 - 2017-09-03 01:36 - 000620872 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
2017-09-03 17:24 - 2017-09-03 17:24 - 000003554 _____ C:\WINDOWS\System32\Tasks\ByteFence Scan
2017-09-03 17:24 - 2017-09-03 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
2017-09-03 01:30 - 2017-09-03 01:30 - 000000000 ____D C:\Users\Todos os Usuários\ByteFence
2017-09-03 01:30 - 2017-09-03 01:30 - 000000000 ____D C:\ProgramData\ByteFence
2017-09-03 01:17 - 2017-09-03 01:17 - 000003454 _____ C:\WINDOWS\System32\Tasks\ByteFence
2017-09-03 01:16 - 2017-10-21 12:30 - 000000000 ____D C:\Program Files\ByteFence
2016-11-03 10:39 - 2016-11-03 10:39 - 000375296 _____ () C:\ProgramData\DRV10.tmp
2016-11-03 10:39 - 2016-11-03 10:39 - 006112256 _____ (OEM) C:\ProgramData\E1010.tmp
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410]
R2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [145888 2017-07-20] (Byte Technologies LLC)
S2 KMService; C:\WINDOWS\SysWOW64\srvany.exe [8192 2003-04-18] () [Arquivo não assinado]
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [302920 2017-09-03] ()
S4 SWECService; C:\Windows\system32\SWECService.exe [64512 2015-09-04] (TODO: <公司名稱>) [Arquivo não assinado]
C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
C:\Program Files\ByteFence\rtop\bin
C:\Program Files\ByteFence\rtop
C:\Program Files\ByteFence
EmptyTemp:
Reboot:
end
*****************
Processos fechados com sucesso.
HKU\S-1-5-21-1075289712-1307527022-1004541857-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKU\S-1-5-21-1075289712-1307527022-1004541857-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{14E561B4-9E38-4126-8C67-613780B58FD7} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{14E561B4-9E38-4126-8C67-613780B58FD7} => chave não encontrado (a).
HKU\S-1-5-21-1075289712-1307527022-1004541857-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33053A5E-6E10-47B4-BF5E-2BD82D0CB6E8} => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{33053A5E-6E10-47B4-BF5E-2BD82D0CB6E8} => chave não encontrado (a).
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => chave removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1EBA8B8E-8B1A-4F12-9A15-4B870BCCD025} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EBA8B8E-8B1A-4F12-9A15-4B870BCCD025} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\PosiService Startup => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PosiService Startup => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A19A530-E4E0-4211-B354-8A39AE9B544A} => chave não encontrado (a).
C:\WINDOWS\System32\Tasks\ByteFence => não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ByteFence => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79C2506B-6E3D-4863-96B9-49F738C8F28E} => chave não encontrado (a).
C:\WINDOWS\System32\Tasks\ByteFence Scan => não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ByteFence Scan => chave não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BCDC76C-ADE7-45B0-809B-9504612566AA} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BCDC76C-ADE7-45B0-809B-9504612566AA} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => chave removido (a) com sucesso.
"C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe " => não encontrado (a).
"C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe " => não encontrado (a).
"C:\WINDOWS\System32\Tasks\ByteFence Scan " => não encontrado (a).
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware " => não encontrado (a).
"C:\Users\Todos os Usuários\ByteFence " => não encontrado (a).
"C:\ProgramData\ByteFence " => não encontrado (a).
"C:\WINDOWS\System32\Tasks\ByteFence " => não encontrado (a).
"C:\Program Files\ByteFence " => não encontrado (a).
"C:\ProgramData\DRV10.tmp " => não encontrado (a).
"C:\ProgramData\E1010.tmp " => não encontrado (a).
C:\WINDOWS\system32\Drivers\wsddfac.sys => ":X5ZN8aGXs4" ADS removido (a) com sucesso..
ByteFenceService => serviço não encontrado (a).
HKLM\System\CurrentControlSet\Services\KMService => chave removido (a) com sucesso.
KMService => serviço removido (a) com sucesso.
rtop => serviço não encontrado (a).
HKLM\System\CurrentControlSet\Services\SWECService => chave removido (a) com sucesso.
SWECService => serviço removido (a) com sucesso.
"C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe " => não encontrado (a).
"C:\Program Files\ByteFence\rtop\bin" => não encontrado (a).
"C:\Program Files\ByteFence\rtop" => não encontrado (a).
"C:\Program Files\ByteFence" => não encontrado (a).
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 61694330 B
Java, Flash, Steam htmlcache => 551 B
Windows/system/drivers => 32719 B
Edge => 23177721 B
Chrome => 226525 B
Firefox => 19449363 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 5048 B
defaultuser0 => 0 B
graci => 1490346 B
RecycleBin => 4299 B
EmptyTemp: => 108.7 MB de dados temporários Removidos.
================================
O sistema precisou ser reiniciado.
==== Fim de Fixlog 00:36:19 ====