
Starting this Monday, 19/11/2018, the Fórum do BABOO will focus only on Windows and Digital Security, as announced at the beginning of the year.
The areas unrelated to these two subjects have been archived, and their topics are available for reference in the Tópicos Antigos (Old Topics) area.

thatybortolani

  • Posts

    7
  1. thatybortolani

    Tabela Fipe virus

    Here is the DelFix log:

    # DelFix v1.010 - Relatório criado 12/07/2018 às 11:00:10
    # Atualizado 26/04/2015 por Xplode
    # Usuário : usuario - USUARIO-PC
    # Sistema Operacional : Windows 7 Professional Service Pack 1 (32 bits)

    ~ Removendo ferramentas de desinfecção ...

    Removido : C:\AdwCleaner
    Removido : C:\Program Files\Hijackthis
    Removido : C:\Users\usuario\Desktop\adwcleaner_7.0.8.0.exe
    Removido : C:\Users\usuario\Desktop\esetsmartinstaller_enu.exe
    Removido : C:\Users\usuario\Desktop\HijackThis - Atalho.lnk
    Removido : C:\Users\usuario\Desktop\ZHPCleaner.lnk
    Removido : HKLM\SOFTWARE\AdwCleaner
    Removido : HKLM\SOFTWARE\TrendMicro\Hijackthis

    ########## - EOF - ##########

    Thank you immensely for the help!!!
  2. thatybortolani

    Tabela Fipe virus

    I think I had exceeded the post limit; now the reply field is back... I disabled Avast to check the emails and Outlook went back to normal.
  3. thatybortolani

    Tabela Fipe virus

    Good morning! Here are the logs as requested:
    Answering the question, the PC apparently is normal, but Outlook is not sending or receiving emails.
  4. thatybortolani

    Tabela Fipe virus

    Here is the new result after disabling rootkits:
    I tested Outlook and my emails are still not working...
  5. thatybortolani

    Tabela Fipe virus

    Hello! Here are the MBAM and HijackThis logs after following the steps above:
1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\cs, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\da, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\de, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\el, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\en, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\es, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\et, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fi, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fr, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hi, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hr, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hu, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\id, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\it, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ja, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ko, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\lt, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\lv, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\nb, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\nl, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pl, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ro, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ru, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sk, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sl, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sr, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\th, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\tr, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\uk, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\vi, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sv, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\bg, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_metadata, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\html, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\css, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\NMMHKKEGCCAGDLDGIIMEDPICCMGMIEDA, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh\3.2_0\_metadata, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh\3.2_0\images, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh\3.2_0, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\LMJEGMLICAMNIMMFHCMPKCLMIGMMCBEH, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\embboanagkhdghdnaekpbpgfckeejmlo\3.7.3_0\_locales\pt_BR, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\embboanagkhdghdnaekpbpgfckeejmlo\3.7.3_0\_locales\en, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\embboanagkhdghdnaekpbpgfckeejmlo\3.7.3_0\_locales\es, Quarentena, [14326], [443226],1.0.5869 
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\embboanagkhdghdnaekpbpgfckeejmlo\3.7.3_0\_metadata, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\embboanagkhdghdnaekpbpgfckeejmlo\3.7.3_0\_locales, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\embboanagkhdghdnaekpbpgfckeejmlo\3.7.3_0, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\EMBBOANAGKHDGHDNAEKPBPGFCKEEJMLO, Quarentena, [14326], [443226],1.0.5869 Arquivo: 133 PUP.Optional.CrossRider, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\LOCAL STORAGE\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage, Quarentena, [395], [443427],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Substituído, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Preferences, Substituído, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\AOHGHMIGHLIEIAINNEGKCIJNFILOKAKE\0.9_0\MANIFEST.JSON, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ar\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\bg\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ca\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\cs\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\da\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\de\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\el\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_GB\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_US\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es\messages.json, Quarentena, [14326], [443226],1.0.5869 
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es_419\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\et\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fi\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fil\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fr\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\he\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hi\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hu\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\id\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\it\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ja\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ko\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lt\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lv\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ms\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\nl\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\no\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, 
C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pl\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_BR\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_PT\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ro\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ru\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sk\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sl\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sr\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sv\messages.json, Quarentena, 
[14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\th\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\tr\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\uk\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\vi\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_CN\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_TW\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_metadata\computed_hashes.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_metadata\verified_contents.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\icon_128.png, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\icon_16.png, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\main.html, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\main.js, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Secure Preferences, Substituído, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\EXTENSIONS\NMMHKKEGCCAGDLDGIIMEDPICCMGMIEDA\0.1.0.0_0\MANIFEST.JSON, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\css\craw_window.css, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\html\craw_window.html, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\flapper.gif, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\icon_128.png, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\icon_16.png, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button.png, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_close.png, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_hover.png, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_maximize.png, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_pressed.png, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\bg\messages.json, Quarentena, [14326], [443226],1.0.5869 PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Profile 
  6. thatybortolani

    Tabela Fipe virus

  7. thatybortolani

    Tabela Fipe virus

    I have already completed all the procedures requested in the Official Topic. My problem: since I was infected by the Tabela Fipe virus, my Outlook emails have not worked. My log follows for examination:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=619797&PC=UE12&ocid=UE12DHP
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130881720268550838&GUID=7DFC4EE6-9DE6-4245-9E06-7DA9E5E67B07
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [unpkcs1132] C:\Program Files\Common Files\unpkcs11buf\BRZPKCS32.exe -install
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-18\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Users\usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: zobebibepubipebelubuhubocabocubudibumi.lnk = C:\Windows\System32\cmd.exe
O4 - Global Startup: FinishSetup.lnk = ?
O4 - Global Startup: Iomega Icons.lnk = ?
O4 - Global Startup: Iomega QuikSync.lnk = ?
O4 - Global Startup: Iomega Startup Options.lnk = ?
O4 - Global Startup: IomegaWare.lnk = ?
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: aapj.bb.com.br
O15 - Trusted Zone: seg.bb.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: http://www.bb.com.br
O15 - Trusted Zone: http://www.caixa.gov.br
O15 - Trusted Zone: cloud.gastecnologia.com.br
O15 - Trusted Zone: www.google.com.br
O15 - Trusted Zone: www.itau.b.br
O15 - Trusted Zone: *.itau.b.br
O15 - Trusted Zone: bankline.itau.com.br
O15 - Trusted Zone: banklineplus.itau.com.br
O15 - Trusted Zone: clickbanking.itau.com.br
O15 - Trusted Zone: guardiao.itau.com.br
O15 - Trusted Zone: www.itau.com.br
O15 - Trusted Zone: http://www.itau.com.br
O15 - Trusted Zone: *.itau.com.br
O15 - Trusted Zone: www.itaupersonnalite.com.br
O15 - Trusted Zone: http://www.itaupersonnalite.com.br
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast antivírus (avast! antivírus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: PDF Architect 5 Manager - © pdfforge GmbH. - C:\Program Files\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe

--
End of file - 8728 bytes >