
As of 19/11/2018, the Fórum do BABOO focuses only on Windows and Digital Security, as announced at the beginning of 2018.
Areas unrelated to these two subjects have been archived, and their topics remain available for reference in the Tópicos Antigos (Old Topics) area.

Otacilio

  • Posts: 7

  1. OK. Thanks for the help. Have a good weekend.
  2. Good morning. Today I managed to check my computer. I turned it on and found it still slow. After about 15 minutes powered on, I clicked the Google Chrome icon to access the internet and it took about 7 minutes for the window to open. After accessing it once, if I leave Chrome and click to access it again, it is fast. Is there any other action to check?
  3. NEW HIJACKTHIS LOG

     PC STATUS

     I haven't restarted yet after the last process, but it already seems faster. I'm going to restart to see how access to the internet and to the PC's files is. I'll report back with what I find.
  4. Posting the mbam log again

     Hijackthis log
  5. Mbam log

Malwarebytes
www.malwarebytes.com

-Detalhes de registro-
Data da análise: 12/02/2019
Hora da análise: 11:14
Arquivo de registro: 28eb5532-2ec8-11e9-af8e-00235a63c749.json

-Informação do software-
Versão: 3.7.1.2839
Versão de componentes: 1.0.538
Versão do pacote de definições: 1.0.9228
Licença: Versão de Avaliação

-Informação do sistema-
Sistema operacional: Windows 7 Service Pack 1
CPU: x86
Sistema de arquivos: NTFS
Usuário: Otacilio-PC\Otacilio

-Resumo da análise-
Tipo de análise: Análise de Ameaças
Análise Iniciada Por: Manual
Resultado: Concluído
Objetos verificados: 176745
Ameaças detectadas: 13
Ameaças em quarentena: 13
Tempo decorrido: 6 min, 33 seg

-Opções da análise-
Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Desabilitado
Heurística: Habilitado
PUP: Detectar
PUM: Detectar

-Detalhes da análise-
Processo: 0 (Nenhum item malicioso detectado)
Módulo: 0 (Nenhum item malicioso detectado)
Chave de registro: 0 (Nenhum item malicioso detectado)
Valor de registro: 0 (Nenhum item malicioso detectado)
Dados de registro: 0 (Nenhum item malicioso detectado)
Fluxo de dados: 0 (Nenhum item malicioso detectado)

Pasta: 1
PUP.Optional.WiperSoft, C:\USERS\OTACILIO\APPDATA\ROAMING\WIPERSOFT, Quarentena, [4416], [340918],1.0.9228

Arquivo: 12
PUP.Optional.WiperSoft, C:\USERS\OTACILIO\APPDATA\ROAMING\WIPERSOFT\SIGNATURES.DAT, Quarentena, [4416], [340918],1.0.9228
PUP.Optional.WiperSoft, C:\Users\Otacilio\AppData\Roaming\WiperSoft\whitelist.dat, Quarentena, [4416], [340918],1.0.9228
PUP.Optional.WiperSoft, C:\Users\Otacilio\AppData\Roaming\WiperSoft\wipersoft.dat, Quarentena, [4416], [340918],1.0.9228
PUP.Optional.WiperSoft, C:\Users\Otacilio\AppData\Roaming\WiperSoft\wipersoft.eni, Quarentena, [4416], [340918],1.0.9228
PUP.Optional.WiperSoft, C:\Users\Otacilio\AppData\Roaming\WiperSoft\WiperSoft.Fix.log, Quarentena, [4416], [340918],1.0.9228
PUP.Optional.WiperSoft, C:\Users\Otacilio\AppData\Roaming\WiperSoft\WiperSoft.Scan.log, Quarentena, [4416], [340918],1.0.9228
Generic.Malware/Suspicious, C:\USERS\OTACILIO\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\ANTIMALWARESETUP.EXE, Quarentena, [0], [392686],1.0.9228
Generic.Malware/Suspicious, C:\USERS\OTACILIO\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\MSIA9B9.TMP, Quarentena, [0], [392686],1.0.9228
Generic.Malware/Suspicious, C:\USERS\OTACILIO\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\MSIF28C.TMP, Quarentena, [0], [392686],1.0.9228
Generic.Malware/Suspicious, C:\USERS\OTACILIO\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\MSI8250.TMP, Quarentena, [0], [392686],1.0.9228
Generic.Malware/Suspicious, C:\USERS\OTACILIO\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\MSIDCC6.TMP, Quarentena, [0], [392686],1.0.9228
Generic.Malware/Suspicious, C:\USERS\OTACILIO\DOWNLOADS\ANTIMALWARESETUP (1).EXE, Quarentena, [0], [392686],1.0.9228

Setor físico: 0 (Nenhum item malicioso detectado)
Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado)

(end)

HIJACKTHIS LOG

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:42:47, on 12/02/2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19236)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\PROGRA~1\GbPlugin\GbpSv.exe C:\Windows\system32\svchost.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Windows\system32\taskhost.exe
C:\PROGRA~1\GbPlugin\GbpSv.exe C:\Windows\system32\svchost.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\DbxSvc.exe C:\Windows\System32\svchost.exe C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe C:\Windows\system32\svchost.exe C:\Windows\system32\HPSIsvc.exe C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Program Files\Serasa Experian\Service\SerasaUpdate.exe C:\Contabil\Utilitários\ServicoAgendador.exe C:\Contabil\Utilitários\ServicoGerenciadorAtualizacao.exe C:\Contabil\Utilitários\gerencatu.exe C:\Windows\system32\svchost.exe C:\Program Files\TeamViewer\TeamViewer_Service.exe C:\Windows\System32\svchost.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\sppsvc.exe C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe C:\Windows\system32\svchost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Browny02\Brother\BrStMonW.exe C:\Program Files\Dropbox\Client\Dropbox.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Serasa Experian\Service\eSfUpdateForm.exe C:\Program Files\Dropbox\Client\Dropbox.exe C:\Program Files\Dropbox\Client\Dropbox.exe C:\Program Files\Browny02\BrYNSvc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital 
Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Windows\system32\svchost.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Windows\system32\prevhost.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Windows\system32\taskhost.exe C:\Users\Otacilio\Desktop\HijackThis (2).exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehcef.dll O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files\GbPlugin\gbiehuni.dll O2 - BHO: G-Buster Browser Defense Sicredi - {C41A1C0E-EA6C-11D4-B1B8-444553540011} - C:\Program Files\GbPlugin\gbiehscd.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program 
Files\HP\HP UT LEDM\" O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [Dropbox] "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Serasa Update.lnk = C:\Program Files\Serasa Experian\Service\eSfUpdateForm.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: www.bancobrasil.com.br O15 - Trusted Zone: www14.bancobrasil.com.br O15 - Trusted Zone: www2.bancobrasil.com.br O15 - Trusted Zone: aapj.bb.com.br O15 - Trusted 
Zone: seg.bb.com.br O15 - Trusted Zone: www.bb.com.br O15 - Trusted Zone: http://www.caixa.gov.br O15 - Trusted Zone: cloud.gastecnologia.com.br O15 - Trusted Zone: www.google.com.br O15 - Trusted Zone: www.itau.b.br O15 - Trusted Zone: *.itau.b.br O15 - Trusted Zone: bankline.itau.com.br O15 - Trusted Zone: banklineplus.itau.com.br O15 - Trusted Zone: clickbanking.itau.com.br O15 - Trusted Zone: guardiao.itau.com.br O15 - Trusted Zone: www.itau.com.br O15 - Trusted Zone: http://www.itau.com.br O15 - Trusted Zone: *.itau.com.br O15 - Trusted Zone: www.itaupersonnalite.com.br O15 - Trusted Zone: http://www.itaupersonnalite.com.br O15 - Trusted Zone: correspondente.sicredi.com.br O15 - Trusted Zone: ibpf.sicredi.com.br O15 - Trusted Zone: ibpj.sicredi.com.br O15 - Trusted Zone: si-plg.sicredi.com.br O15 - Trusted Zone: www.sicredi.com.br O15 - Trusted Zone: internet.sicreditotal.com.br O17 - HKLM\System\CCS\Services\Tcpip\..\{CDB80BC6-B425-4DA4-B790-8F2404F4FA87}: NameServer = 4.2.2.1,4.2.2.2 O20 - Winlogon Notify: GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll O20 - Winlogon Notify: GbPluginScd - C:\Program Files\GbPlugin\gbiehScd.dll O20 - Winlogon Notify: GbPluginUni - C:\Program Files\GbPlugin\gbiehUni.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe O23 - Service: Serviço Atualização do Dropbox (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe O23 - Service: Serviço Atualização do Dropbox (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe O23 - Service: DbxSvc - Dropbox, Inc. 
- C:\Windows\system32\DbxSvc.exe O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files\Google\Chrome\Application\72.0.3626.96\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Serasa Update (SerasaUpdate) - Serasa Experian - C:\Program Files\Serasa Experian\Service\SerasaUpdate.exe O23 - Service: ServicoAgendador - Unknown owner - C:\Contabil\Utilitários\ServicoAgendador.exe O23 - Service: ServicoDominioAtendimento - Unknown owner - C:\Contabil\Agente de Comunicação com o 
Domínio Atendimento\Servico\ServicoDominioAtendimento.exe O23 - Service: ServicoGerenciadorAtualizacao - Unknown owner - C:\Contabil\Utilitários\ServicoGerenciadorAtualizacao.exe O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe -- End of file - 11552 bytes
  6. ~ ZHPCleaner v2019.2.11.20 by Nicolas Coolman (2019/02/11) ~ Run by Otacilio (Administrator) (11/02/2019 19:50:32) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\Otacilio\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Otacilio\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Deactivate ~ Boot Mode : Normal (Normal boot) Windows 7 Starter, 32-bit Service Pack 1 (Build 7601) ---\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. (ADS) ---\ Services (0) ~ No malicious or unnecessary items found. (Service) ---\ Browser internet (0) ~ No malicious or unnecessary items found. (Browser) ---\ Hosts file (1) ~ The hosts file is legitimate (1) ---\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. (Task) ---\ Explorer ( File, Folder) (20) MOVED file: C:\Windows\Installer\MSI264D.tmp [Serasa Experian - InstallMSI] =>.SUP.MSIInstaller MOVED file: C:\Windows\Installer\MSI8250.tmp [Ask Partner Network - Reporter Application] =>.SUP.MSIInstaller MOVED file: C:\Windows\Installer\MSIA9B9.tmp [Ask Partner Network - Reporter Application] =>.SUP.MSIInstaller MOVED file: C:\Windows\Installer\MSIDCC6.tmp [Ask Partner Network - Reporter Application] =>.SUP.MSIInstaller MOVED file: C:\Windows\Installer\MSIF28C.tmp [Ask Partner Network - Reporter Application] =>.SUP.MSIInstaller MOVED file: C:\Windows\Installer\1a68e0.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\2174b9.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\29ad7c.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\2cfdc1.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\3cba7c.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\a9a87.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\bda14.msp =>.SUP.Obsolete.Adobe MOVED file: 
C:\Windows\Installer\df3f0.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\ee067.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Users\Otacilio\Downloads\antimalwaresetup.exe [Plumbytes Software - Plumbytes Anti-Malware] =>.SUP.Plumbytes MOVED folder: C:\Users\Otacilio\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Otacilio\AppData\LocalLow\Brother =>.SUP.Empty MOVED folder: C:\Users\Otacilio\AppData\LocalLow\EmieBrowserModeList =>.SUP.Empty MOVED folder: C:\Users\Otacilio\AppData\LocalLow\EmieSiteList =>.SUP.Empty MOVED folder: C:\Users\Otacilio\AppData\LocalLow\EmieUserList =>.SUP.Empty ---\ Registry ( Key, Value, Data) (0) ~ No malicious or unnecessary items found. (Register) ---\ Summary of the elements found (5) https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.MSIInstaller https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Obsolete.Adobe https://nicolascoolman.eu/2017/09/09/sup-plumbytes/ =>.SUP.Plumbytes https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Chrome https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty ---\ Other deletions. (28) ~ Registry Keys Tracing deleted (26) ~ Remove the old reports ZHPCleaner. (2) ---\ Result of repair ~ Repair carried out successfully ---\ Statistics ~ Items scanned : 1738 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 12/12 ~ Space saving (bytes) : 0 ~ End of clean in 00h01mn03s ---\ Reports (2) ZHPCleaner--11022019-19_43_28.txt ZHPCleaner-[R]-11022019-19_51_35.txt
  7. I carried out the procedures in the CCleaner control panel; the HijackThis log follows below.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:06:52, on 11/02/2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19236)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe C:\PROGRA~1\GbPlugin\GbpSv.exe C:\Windows\system32\svchost.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\taskhost.exe C:\PROGRA~1\GbPlugin\GbpSv.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\DbxSvc.exe C:\Windows\System32\svchost.exe C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe C:\Windows\system32\svchost.exe C:\Windows\system32\HPSIsvc.exe C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Program Files\Serasa Experian\Service\SerasaUpdate.exe C:\Contabil\Utilitários\ServicoAgendador.exe C:\Contabil\Utilitários\ServicoGerenciadorAtualizacao.exe C:\Contabil\Utilitários\gerencatu.exe C:\Program Files\TeamViewer\TeamViewer_Service.exe C:\Windows\System32\svchost.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\sppsvc.exe C:\Program
Files\Firebird\Firebird_2_1\bin\fbserver.exe C:\Windows\system32\svchost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Browny02\Brother\BrStMonW.exe C:\Program Files\Dropbox\Client\Dropbox.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Serasa Experian\Service\eSfUpdateForm.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Dropbox\Client\Dropbox.exe C:\Program Files\Dropbox\Client\Dropbox.exe C:\Program Files\Browny02\BrYNSvc.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Dropbox\Client\QtWebEngineProcess.exe C:\Windows\system32\svchost.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Otacilio\Downloads\HijackThis (2).exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe 
C:\Windows\system32\wbem\wmiprvse.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehcef.dll O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files\GbPlugin\gbiehuni.dll O2 - BHO: G-Buster Browser Defense Sicredi - {C41A1C0E-EA6C-11D4-B1B8-444553540011} - C:\Program Files\GbPlugin\gbiehscd.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files\HP\HP UT LEDM\" O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program 
Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [Dropbox] "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Serasa Update.lnk = C:\Program Files\Serasa Experian\Service\eSfUpdateForm.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: www.bancobrasil.com.br O15 - Trusted Zone: www14.bancobrasil.com.br O15 - Trusted Zone: www2.bancobrasil.com.br O15 - Trusted Zone: aapj.bb.com.br O15 - Trusted Zone: seg.bb.com.br O15 - Trusted Zone: www.bb.com.br O15 - Trusted Zone: http://www.caixa.gov.br O15 - Trusted Zone: cloud.gastecnologia.com.br O15 - Trusted Zone: www.google.com.br O15 - Trusted Zone: www.itau.b.br O15 - Trusted Zone: *.itau.b.br O15 - Trusted Zone: bankline.itau.com.br O15 - Trusted Zone: banklineplus.itau.com.br O15 - Trusted Zone: clickbanking.itau.com.br O15 - Trusted Zone: guardiao.itau.com.br O15 - Trusted Zone: 
www.itau.com.br O15 - Trusted Zone: http://www.itau.com.br O15 - Trusted Zone: *.itau.com.br O15 - Trusted Zone: www.itaupersonnalite.com.br O15 - Trusted Zone: http://www.itaupersonnalite.com.br O15 - Trusted Zone: correspondente.sicredi.com.br O15 - Trusted Zone: ibpf.sicredi.com.br O15 - Trusted Zone: ibpj.sicredi.com.br O15 - Trusted Zone: si-plg.sicredi.com.br O15 - Trusted Zone: www.sicredi.com.br O15 - Trusted Zone: internet.sicreditotal.com.br O17 - HKLM\System\CCS\Services\Tcpip\..\{CDB80BC6-B425-4DA4-B790-8F2404F4FA87}: NameServer = 4.2.2.1,4.2.2.2 O20 - Winlogon Notify: GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll O20 - Winlogon Notify: GbPluginScd - C:\Program Files\GbPlugin\gbiehScd.dll O20 - Winlogon Notify: GbPluginUni - C:\Program Files\GbPlugin\gbiehUni.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe O23 - Service: Serviço Atualização do Dropbox (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe O23 - Service: Serviço Atualização do Dropbox (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe O23 - Service: DbxSvc - Dropbox, Inc. - C:\Windows\system32\DbxSvc.exe O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. 
- C:\Program Files\Google\Chrome\Application\71.0.3578.98\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Serasa Update (SerasaUpdate) - Serasa Experian - C:\Program Files\Serasa Experian\Service\SerasaUpdate.exe O23 - Service: ServicoAgendador - Unknown owner - C:\Contabil\Utilitários\ServicoAgendador.exe O23 - Service: ServicoDominioAtendimento - Unknown owner - C:\Contabil\Agente de Comunicação com o Domínio Atendimento\Servico\ServicoDominioAtendimento.exe O23 - Service: ServicoGerenciadorAtualizacao - Unknown owner - C:\Contabil\Utilitários\ServicoGerenciadorAtualizacao.exe O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe -- End of file - 11942 bytes