Hight templar

Member
  • Posts

    52
  • Since

  • Last visit

  1. Start Menu Settings button

    I did this procedure, some commands appeared in red, I restarted, and it is still the same.
  2. Start Menu Settings button

    Yes, it is updated to the latest build, version: 1703 build: 15063.540
  3. Start Menu Settings button

    It started yesterday; I did not make any changes. The funny thing is that I created another user and had no problem, but this is already the third time I have done that.
  4. Start Menu Settings button

    Hello, I would like help with the Settings button in the Start Menu: when I click it, nothing happens. The same occurs with the Calculator, and the live tile items have disappeared.
  5. Log Analysis Request

    Thank you very much for your attention, Mr. Million.
  6. Log Analysis Request

    The ad windows stopped appearing in Chrome, but it keeps crashing out of nowhere; the PC is normal.
  7. Log Analysis Request

    Here are the logs:
*.clonewarsadventures.comO15 - Trusted Zone: *.freerealms.comO15 - Trusted Zone: bankline.itau.com.brO15 - Trusted Zone: clickbanking.itau.com.brO15 - Trusted Zone: guardiao.itau.com.brO15 - Trusted Zone: www.itau.com.brO15 - Trusted Zone: http://www.itau.com.brO15 - Trusted Zone: *.itau.com.brO15 - Trusted Zone: http://www.itaupersonnalite.com.brO15 - Trusted Zone: *.soe.comO15 - Trusted Zone: *.sony.comO16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cabO16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cabO16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cabO18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLLO18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLLO20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dllO20 - Winlogon Notify: GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dllO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common 
Files\BattlEye\BEService.exeO23 - Service: BitRaider Mini-Support Service Stub Loader (BRSptStub) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptStub.exeO23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\ASRock\XFast LAN\spd.exeO23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exeO23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXEO23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exeO23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exeO23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeO23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exeO23 - Service: Intel® ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exeO23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exeO23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeO23 - Service: Maxtor Scheduler2 Service (MaxSch2Svc) - Maxtor - C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedul2.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: 
@%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeO23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeO23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)O23 - Service: Origin Client Service - Electronic Arts - D:\Games\Origin\OriginClientService.exeO23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exeO23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exeO23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: Razer Overlay Subsystem Emergency Service (RzOvlMon) - Razer, Inc. 
- C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exeO23 - Service: RzSurroundVADStreamingService - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exeO23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exeO23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exeO23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeO23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeO23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: 
@%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exeO23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --End of file - 17505 bytes
  8. Log Analysis Request

    Here are the logs:
  9. Log Analysis Request

    Here is the MBAM log:

    Here is the HijackThis log:
  10. Log Analysis Request

    I have already carried out all the procedures requested in the Official Topic. In the Chrome and Firefox browsers, ads keep opening; I remove the extensions, but the windows and the extension come back, and the Microsoft C++ Redistributable keeps giving an error. Here is my log for examination:
Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeO23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeO23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)O23 - Service: Origin Client Service - Electronic Arts - D:\Games\Origin\OriginClientService.exeO23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exeO23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exeO23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: Razer Overlay Subsystem Emergency Service (RzOvlMon) - Razer, Inc. 
- C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exeO23 - Service: RzSurroundVADStreamingService - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exeO23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exeO23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exeO23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeO23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeO23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: 
@%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exeO23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --End of file - 17493 bytes