Chrome closes when I access Caixa internet banking

Post by Steve Rogers on Tue 27 Jan 2015, 08:26

Hey, everyone. All good?
I'm having a problem accessing banking sites, mainly Caixa's.
When I try to access internet banking in Chrome, it closes and the internet banking site opens in IE.

I already tried following the tutorial available here [You need to be registered and logged in to see this link.] but it didn't work as expected.

Could anyone help me?

Re: Chrome closes when I access Caixa internet banking

Post by joram on Tue 27 Jan 2015, 08:46

/!\ Good morning, Steve Rogers! /!\

> Download: < [You need to be registered and logged in to see this image.] > ( ... by Farbar )

> The banner above is for 32-bit systems!

< Farbar Recovery Scan Tool 64-Bit

> The link above is for 64-bit systems!
> Save it to the desktop!
> Run the tool! Click "Yes" >> "Scan".

> Before clicking "Scan", check that the boxes under "Whitelist" are ticked.
> Under "Optional Scan", leave the "Addition.txt" checkbox ticked.
> PS: The "Addition.txt" report will also be generated; it is made available on the tool's first run.
> Post the reports! (FRST.txt + Addition.txt)

> As the log will be long, upload it to [You need to be registered and logged in to see this image.]

> The link to the report, which is the one highlighted, should be pasted into your reply.

> Or click "Copier le lien (*)" and paste the link into your post.

A+

Re: Chrome closes when I access Caixa internet banking

Post by Steve Rogers on Tue 27 Jan 2015, 09:21

Ok.

I ran FRST and generated the reports, including Addition.

Here are the logs

Addition: [You need to be registered and logged in to see this link.]

FRST: [You need to be registered and logged in to see this link.]

Re: Chrome closes when I access Caixa internet banking

Post by joram on Tue 27 Jan 2015, 09:45

/!\ Good morning, Steve Rogers! /!\

> Copy this information, shown in red, into Notepad.
> Save it with the name fixlist. << Text!
> Save it in the Downloads folder! /!\ C:\Users\Andrea\Downloads /!\

start
CloseProcesses:
emptytemp:
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-4170564532-3963732-2529252770-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4170564532-3963732-2529252770-1000\...\Run: [bordart07] => regsvr32 /s "C:\Users\Andrea\AppData\Roaming\\BORDART07.jpg" <===== ATTENTION
CHR HKU\S-1-5-21-4170564532-3963732-2529252770-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
Toolbar: HKU\S-1-5-21-4170564532-3963732-2529252770-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-4170564532-3963732-2529252770-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [68352 2013-08-27] (Baidu, Inc.)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 catchme; \??\C:\Users\Andrea\AppData\Local\Temp\catchme.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2015-01-27 08:51 - 2015-01-27 08:57 - 00000000 ___SD () C:\ComboFix
2015-01-27 08:51 - 2011-06-26 04:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-27 08:51 - 2010-11-07 15:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-27 08:51 - 2009-04-20 02:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-27 08:51 - 2000-08-30 22:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-27 08:51 - 2000-08-30 22:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-27 08:51 - 2000-08-30 22:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-27 08:51 - 2000-08-30 22:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-27 08:51 - 2000-08-30 22:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-27 08:50 - 2015-01-27 08:51 - 00000000 ____D () C:\Qoobox
2015-01-27 08:48 - 2015-01-27 08:49 - 05610622 ____R (Swearware) C:\Users\Andrea\Downloads\ComboFix.exe
2015-01-27 07:52 - 2015-01-27 07:52 - 00388608 _____ (Trend Micro Inc.) C:\Users\Andrea\Downloads\HijackThis (1).exe
2015-01-27 07:52 - 2015-01-27 07:52 - 00009493 _____ () C:\Users\Andrea\Downloads\hijackthis.log
2015-01-27 07:51 - 2015-01-27 07:51 - 00388608 _____ (Trend Micro Inc.) C:\Users\Andrea\Downloads\HijackThis.exe
2015-01-26 16:49 - 2015-01-26 16:49 - 00000098 _____ () C:\Users\Andrea\Desktop\resolução chrome vs ie.txt
2015-01-27 09:07 - 2012-10-08 16:41 - 01843346 _____ () C:\Windows\WindowsUpdate.log
2015-01-27 09:03 - 2009-07-14 02:39 - 00096490 _____ () C:\Windows\setupact.log
2015-01-27 09:00 - 2012-10-09 08:56 - 00073974 _____ () C:\Windows\PFRO.log
Task: {D7F79FAC-61B8-4F85-9AFC-31630560A1DB} - System32\Tasks\DSite => C:\Users\Andrea\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {F1485F05-1397-488C-897C-CC51720ED85D} - \DealPly No Task File <==== ATTENTION
Task: C:\Windows\Tasks\DSite.job => C:\Users\Andrea\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
C:\Users\Andrea\AppData\Local\Temp\.gbas.dll
C:\Users\Andrea\AppData\Local\Temp\APNSetup.exe
C:\Users\Andrea\AppData\Local\Temp\Baidu_Secure_SystemUp_3.7.1.39149.exe
C:\Users\Andrea\AppData\Local\Temp\catchme.dll
C:\Users\Andrea\AppData\Local\Temp\cbSetupE.exe
C:\Users\Andrea\AppData\Local\Temp\gbpcef.exe
C:\Users\Andrea\AppData\Local\Temp\ICReinstall_internet-explorer-90-final-baixaki-32-bits[1].exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Andrea\AppData\Local\Temp\MotoCast_Installer_2.0304.exe
C:\Users\Andrea\AppData\Local\Temp\MotorolaDeviceManager_2.0309.exe
C:\Users\Andrea\AppData\Local\Temp\MotorolaDeviceManager_2.0403.exe
C:\Users\Andrea\AppData\Local\Temp\MotorolaDeviceManager_2.0405.exe
C:\Users\Andrea\AppData\Local\Temp\nitro_reader3.exe
C:\Users\Andrea\AppData\Local\Temp\oi_{4D45D4CA-0A0D-4071-99FD-00E7C4A8F81E}.exe
C:\Users\Andrea\AppData\Local\Temp\ose00000.exe
C:\Users\Andrea\AppData\Local\Temp\tzf2gk0g.dll
C:\Users\Andrea\AppData\Local\Temp\uninst1.exe
C:\Users\Andrea\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Andrea\AppData\Local\Temp\uttA167.tmp.exe
CMD: ipconfig /flushdns
end


> Run FRST/FRST64 >> Click "Fix" << Wait!
> In the prompt, click Executar (Run)
> Post the report! (Fixlog.txt)

< I ask visitors not to use this script on other computers, at the risk of irreparable damage to them! >

A+
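
An added example, not part of the original post and not FRST's own code: a small triage pass over a few entries copied from the fixlist above, showing why lines such as the `bordart07` Run value stand out. The reason labels and heuristics are choices made for this example, and reading `[X]` and "No Task File" as missing-target markers is an assumption.

```python
import re

# Lines copied from the fixlist in the post above (FRST log syntax).
SAMPLE = r'''
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-4170564532-3963732-2529252770-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4170564532-3963732-2529252770-1000\...\Run: [bordart07] => regsvr32 /s "C:\Users\Andrea\AppData\Roaming\\BORDART07.jpg" <===== ATTENTION
Task: {D7F79FAC-61B8-4F85-9AFC-31630560A1DB} - System32\Tasks\DSite => C:\Users\Andrea\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {F1485F05-1397-488C-897C-CC51720ED85D} - \DealPly No Task File <==== ATTENTION
S3 catchme; \??\C:\Users\Andrea\AppData\Local\Temp\catchme.sys [X]
R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [68352 2013-08-27] (Baidu, Inc.)
'''

# Entry shapes seen in the fixlist: Run values, scheduled tasks, drivers/services.
PATTERNS = [
    ("run", re.compile(r'^HK\w+\\.*?\\Run: \[(?P<name>[^\]]+)\] => (?P<target>.*)$')),
    ("task", re.compile(r'^Task: (?P<name>.+?)(?: => (?P<target>.*))?$')),
    ("service", re.compile(r'^[RSU]\d (?P<name>[^;]+); (?P<target>.*)$')),
]
ATTENTION = re.compile(r'\s*<=+ ATTENTION\s*$')
USER_WRITABLE = re.compile(r'\\(?:AppData|Temp)\\', re.I)


def parse_line(line):
    """Return a dict for a recognised entry, or None for anything else."""
    line = line.strip()
    flagged = bool(ATTENTION.search(line))
    line = ATTENTION.sub('', line)
    for kind, rx in PATTERNS:
        m = rx.match(line)
        if m:
            return {
                "kind": kind,
                "name": m.group("name").strip(),
                "target": (m.group("target") or "").strip(),
                "flagged": flagged,
            }
    return None


def reasons(entry):
    """Explain why an autostart entry deserves a closer look."""
    out = []
    target = entry["target"]
    if entry["flagged"]:
        out.append("tool-flagged")  # the log itself carries an ATTENTION marker
    # Assumption: "[X]" / "No Task File" mean the target no longer exists.
    if target.endswith("[X]") or "No Task File" in entry["name"] + " " + target:
        out.append("orphaned")
    if USER_WRITABLE.search(target):
        out.append("user-writable-path")  # starts from AppData or Temp
    if target.lower().startswith("regsvr32"):
        quoted = re.search(r'"([^"]+)"', target)
        ext = quoted.group(1).rsplit(".", 1)[-1].lower() if quoted else ""
        if ext not in ("dll", "ocx"):
            # regsvr32 registers COM libraries; a .jpg argument is a disguise.
            out.append("regsvr32-unusual-extension")
    return out


def triage(text):
    """Return (kind, name, reasons) for every entry with at least one reason."""
    findings = []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry:
            why = reasons(entry)
            if why:
                findings.append((entry["kind"], entry["name"], why))
    return findings


if __name__ == "__main__":
    for kind, name, why in triage(SAMPLE):
        print(f"{kind:8} {name:60} {', '.join(why)}")
```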

Re: Chrome closes when I access Caixa internet banking

Post by Steve Rogers on Tue 27 Jan 2015, 10:05

After this procedure I tried to access Caixa's Internet Banking and it worked.
Would you advise any further procedure?

Here is the fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-01-2015 01
Ran by Andrea at 2015-01-27 09:51:57 Run:1
Running from C:\Users\Andrea\Downloads
Loaded Profiles: Andrea (Available profiles: Andrea)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
CloseProcesses:
emptytemp:
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-4170564532-3963732-2529252770-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4170564532-3963732-2529252770-1000\...\Run: [bordart07] => regsvr32 /s "C:\Users\Andrea\AppData\Roaming\\BORDART07.jpg" <===== ATTENTION
CHR HKU\S-1-5-21-4170564532-3963732-2529252770-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
Toolbar: HKU\S-1-5-21-4170564532-3963732-2529252770-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-4170564532-3963732-2529252770-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [68352 2013-08-27] (Baidu, Inc.)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 catchme; \??\C:\Users\Andrea\AppData\Local\Temp\catchme.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2015-01-27 08:51 - 2015-01-27 08:57 - 00000000 ___SD () C:\ComboFix
2015-01-27 08:51 - 2011-06-26 04:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-27 08:51 - 2010-11-07 15:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-27 08:51 - 2009-04-20 02:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-27 08:51 - 2000-08-30 22:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-27 08:51 - 2000-08-30 22:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-27 08:51 - 2000-08-30 22:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-27 08:51 - 2000-08-30 22:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-27 08:51 - 2000-08-30 22:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-27 08:50 - 2015-01-27 08:51 - 00000000 ____D () C:\Qoobox
2015-01-27 08:48 - 2015-01-27 08:49 - 05610622 ____R (Swearware) C:\Users\Andrea\Downloads\ComboFix.exe
2015-01-27 07:52 - 2015-01-27 07:52 - 00388608 _____ (Trend Micro Inc.) C:\Users\Andrea\Downloads\HijackThis (1).exe
2015-01-27 07:52 - 2015-01-27 07:52 - 00009493 _____ () C:\Users\Andrea\Downloads\hijackthis.log
2015-01-27 07:51 - 2015-01-27 07:51 - 00388608 _____ (Trend Micro Inc.) C:\Users\Andrea\Downloads\HijackThis.exe
2015-01-26 16:49 - 2015-01-26 16:49 - 00000098 _____ () C:\Users\Andrea\Desktop\resolução chrome vs ie.txt
2015-01-27 09:07 - 2012-10-08 16:41 - 01843346 _____ () C:\Windows\WindowsUpdate.log
2015-01-27 09:03 - 2009-07-14 02:39 - 00096490 _____ () C:\Windows\setupact.log
2015-01-27 09:00 - 2012-10-09 08:56 - 00073974 _____ () C:\Windows\PFRO.log
Task: {D7F79FAC-61B8-4F85-9AFC-31630560A1DB} - System32\Tasks\DSite => C:\Users\Andrea\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {F1485F05-1397-488C-897C-CC51720ED85D} - \DealPly No Task File <==== ATTENTION
Task: C:\Windows\Tasks\DSite.job => C:\Users\Andrea\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
C:\Users\Andrea\AppData\Local\Temp\.gbas.dll
C:\Users\Andrea\AppData\Local\Temp\APNSetup.exe
C:\Users\Andrea\AppData\Local\Temp\Baidu_Secure_SystemUp_3.7.1.39149.exe
C:\Users\Andrea\AppData\Local\Temp\catchme.dll
C:\Users\Andrea\AppData\Local\Temp\cbSetupE.exe
C:\Users\Andrea\AppData\Local\Temp\gbpcef.exe
C:\Users\Andrea\AppData\Local\Temp\ICReinstall_internet-explorer-90-final-baixaki-32-bits[1].exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Andrea\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Andrea\AppData\Local\Temp\MotoCast_Installer_2.0304.exe
C:\Users\Andrea\AppData\Local\Temp\MotorolaDeviceManager_2.0309.exe
C:\Users\Andrea\AppData\Local\Temp\MotorolaDeviceManager_2.0403.exe
C:\Users\Andrea\AppData\Local\Temp\MotorolaDeviceManager_2.0405.exe
C:\Users\Andrea\AppData\Local\Temp\nitro_reader3.exe
C:\Users\Andrea\AppData\Local\Temp\oi_{4D45D4CA-0A0D-4071-99FD-00E7C4A8F81E}.exe
C:\Users\Andrea\AppData\Local\Temp\ose00000.exe
C:\Users\Andrea\AppData\Local\Temp\tzf2gk0g.dll
C:\Users\Andrea\AppData\Local\Temp\uninst1.exe
C:\Users\Andrea\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Andrea\AppData\Local\Temp\uttA167.tmp.exe
CMD: ipconfig /flushdns
end
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKU\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Microsoft\Windows\CurrentVersion\Run\\bordart07 => value deleted successfully.
"HKU\S-1-5-21-4170564532-3963732-2529252770-1000\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKU\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
"HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => Key deleted successfully.
Bhbase => Unable to stop service
Bhbase => Service deleted successfully.
BprotectEx => Service deleted successfully.
catchme => Service deleted successfully.
motccgpfl => Service deleted successfully.
Synth3dVsc => Service deleted successfully.
tsusbhub => Service deleted successfully.
VGPU => Service deleted successfully.
C:\ComboFix => Moved successfully.
C:\Windows\PEV.exe => Moved successfully.
C:\Windows\MBR.exe => Moved successfully.
C:\Windows\NIRCMD.exe => Moved successfully.
C:\Windows\SWREG.exe => Moved successfully.
C:\Windows\SWSC.exe => Moved successfully.
C:\Windows\sed.exe => Moved successfully.
C:\Windows\grep.exe => Moved successfully.
C:\Windows\zip.exe => Moved successfully.
C:\Qoobox => Moved successfully.
C:\Users\Andrea\Downloads\ComboFix.exe => Moved successfully.
C:\Users\Andrea\Downloads\HijackThis (1).exe => Moved successfully.
C:\Users\Andrea\Downloads\hijackthis.log => Moved successfully.
C:\Users\Andrea\Downloads\HijackThis.exe => Moved successfully.
C:\Users\Andrea\Desktop\resolução chrome vs ie.txt => Moved successfully.
Could not move "C:\Windows\WindowsUpdate.log" => Scheduled to move on reboot.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7F79FAC-61B8-4F85-9AFC-31630560A1DB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7F79FAC-61B8-4F85-9AFC-31630560A1DB}" => Key deleted successfully.
C:\Windows\System32\Tasks\DSite => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1485F05-1397-488C-897C-CC51720ED85D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1485F05-1397-488C-897C-CC51720ED85D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly" => Key deleted successfully.
C:\Windows\Tasks\DSite.job => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\.gbas.dll => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\APNSetup.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\Baidu_Secure_SystemUp_3.7.1.39149.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\catchme.dll => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\cbSetupE.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\gbpcef.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\ICReinstall_internet-explorer-90-final-baixaki-32-bits[1].exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\jre-8u31-windows-au.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\MotoCast_Installer_2.0304.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\MotorolaDeviceManager_2.0309.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\MotorolaDeviceManager_2.0403.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\MotorolaDeviceManager_2.0405.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\nitro_reader3.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\oi_{4D45D4CA-0A0D-4071-99FD-00E7C4A8F81E}.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\ose00000.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\tzf2gk0g.dll => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\uninst1.exe => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\UNINSTALL.EXE => Moved successfully.
C:\Users\Andrea\AppData\Local\Temp\uttA167.tmp.exe => Moved successfully.

=========  ipconfig /flushdns =========


Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.

========= End of CMD: =========

EmptyTemp: => Removed 3 GB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-27 10:00:53)<=

C:\Windows\WindowsUpdate.log => Is moved successfully.

==== End of Fixlog 10:00:53 ====

Re: Chrome closes when I access Caixa internet banking

Post by joram on Tue 27 Jan 2015, 10:24

/!\ Good morning, Steve Rogers! /!\

Steve Rogers wrote: After this procedure I tried to access Caixa's Internet Banking and it worked.
> And was the access through your Google Chrome browser?
> Your IE browser is still at version 8. Was it you who accepted that state?

> Download: < [You need to be registered and logged in to see this image.] > ( ... by Xplode )
>
> Or from here: < AdwCleaner >
> Once there, click "Download Now".
>
> Save it to the desktop!

> Right-click adwcleaner.exe and choose to run it as administrator.

> PS: Start the scan by clicking "Examinar" (Scan).

> When it finishes, click "Limpar" (Clean) >> Ok >> Ok >> Ok.
> Copy the log or click "Relatório" (Report).
> Post: < C:\AdwCleaner\AdwCleaner[S0].txt >

A+

Re: Chrome closes when I access Caixa internet banking

Post by Steve Rogers on Tue 27 Jan 2015, 10:31

And was the access through your Google Chrome browser?
Your IE browser is still at version 8. Was it you who accepted that state.

I accessed it through Chrome.
This computer had Windows Update disabled.

Re: Chrome closes when I access Caixa internet banking

Post by Steve Rogers on Tue 27 Jan 2015, 10:39

Here is the ADWCleaner report:

# AdwCleaner v4.109 - Relatório criado 27/01/2015 às 10:32:54
# Atualizado 24/01/2015 por Xplode
# Database : 2015-01-26.1 [Live]
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (32 bits)
# Usuário : Andrea - BORDART07
# Executando de : C:\Users\Andrea\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\AVG Secure Search
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\Tarma Installer
Pasta Deletada : C:\Program Files\AVG Secure Search
Pasta Deletada : C:\Program Files\ShowMyPCService
Pasta Deletada : C:\Program Files\Common Files\AVG Secure Search
Pasta Deletada : C:\Users\Andrea\AppData\Local\AVG Secure Search
Pasta Deletada : C:\Users\Andrea\AppData\Local\FileViewPro
Pasta Deletada : C:\Users\Andrea\AppData\LocalLow\Delta
Pasta Deletada : C:\Users\Andrea\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Pasta Deletada : C:\Users\Andrea\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\Andrea\AppData\Roaming\DigitalSites
Pasta Deletada : C:\Users\Andrea\AppData\Roaming\DSite
Pasta Deletada : C:\Users\Andrea\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Andrea\Documents\Updater
Arquivo Deletada : C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\w3s6g7zc.default\invalidprefs.js
Arquivo Deletada : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
Arquivo Deletada : C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\w3s6g7zc.default\user.js

***** [ Tarefas ] *****


***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Chave Deletedo : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Chave Deletedo : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Chave Deletedo : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Chave Deletedo : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Chave Deletedo : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Chave Deletedo : HKCU\Software\AVG Secure Search
Chave Deletedo : HKCU\Software\BABSOLUTION
Chave Deletedo : HKCU\Software\Delta
Chave Deletedo : HKCU\Software\AppDataLow\Software\findlyrics
Chave Deletedo : HKLM\SOFTWARE\AVG Security Toolbar
Chave Deletedo : HKLM\SOFTWARE\Delta
Chave Deletedo : HKLM\SOFTWARE\systweak
Chave Deletedo : HKLM\SOFTWARE\Tarma Installer

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v31.0 (x86 en-US)

[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.admin", false);
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.aflt", "babsst");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.autoRvrt", "false");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.bbDpng", "31");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.cntry", "BR");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.dfltLng", "pt");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.excTlbr", false);
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.ffxUnstlRst", true);
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.hdrMd5", "DF587F4FBF834C0A7ED2BD8B6B2775E9");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.id", "de3988b2000000000000001cc0435dc5");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.instlDay", "15951");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.instlRef", "sst");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.lastVrsnTs", "1.8.24.611:41:39");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.newTab", false);
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.prdct", "delta");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.prtnrId", "delta");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.rvrt", "false");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.sg", "azb");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.smplGrp", "none");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.tlbrId", "base");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.tlbrSrchUrl", "");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.vrsn", "1.8.24.6");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.vrsnTs", "1.8.24.611:41:39");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta.vrsni", "1.8.24.6");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta_i.babExt", "");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta_i.babTrack", "affID=121225&tsp=4994");
[w3s6g7zc.default\prefs.js] - Linha deletada : user_pref("extensions.delta_i.srcExt", "ss");

-\\ Google Chrome v40.0.2214.91


*************************

AdwCleaner[R0].txt - [8060 octets] - [27/01/2015 10:29:57]
AdwCleaner[S0].txt - [8050 octets] - [27/01/2015 10:32:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8110 octets] ##########



Re: Chrome closes when I access Caixa internet banking

Post by joram on Tue 27 Jan 2015, 10:50

Steve Rogers wrote:
And was the access through your Google Chrome browser?
Your IE browser is still at version 8. Was it you who accepted that state.

I accessed it through Chrome.
This computer had Windows Update disabled.
/!\ Ok! Steve Rogers /!\

> All that remains for us is the search for adware with AdwCleaner.

... Editing!

Ok! Already done!

> Download: < [You need to be registered and logged in to see this image.] > ( ... by Oleg N. Scherbakov )

> Save it to the desktop!
> Disable your antivirus!
> On Windows 7, right-click JRT.exe and run it ...

> Wait for it to finish and post the report. ( JRT.txt )

A+

Re: Chrome closes when I access Caixa internet banking

Post by Steve Rogers on Tue 27 Jan 2015, 10:59

Here is the report:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Ultimate x86
Ran by Andrea on 27/01/2015 at 10:55:08,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\System32\Tasks\Baidu PC Faster Update



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\baidu security"
Successfully deleted: [Folder] "C:\ProgramData\application data\baidu security"
Successfully deleted: [Folder] "C:\Users\Andrea\AppData\Roaming\baidu security"
Successfully deleted: [Folder] "C:\Program Files\baidu security"



~~~ FireFox

Emptied folder: C:\Users\Andrea\AppData\Roaming\mozilla\firefox\profiles\w3s6g7zc.default\minidumps [11 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/01/2015 at 10:57:50,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Chrome closes when I access Caixa internet banking

Post by joram on Tue 27 Jan 2015, 11:12

/!\ Good morning! Steve Rogers /!\

###
Successfully deleted: [File] C:\Windows\System32\Tasks\Baidu PC Faster Update
###
> JRT flagged a Baidu PC Faster task on your machine.
> So let's investigate its malicious presence with Zoek.


> Download: < [You need to be registered and logged in to see this image.] > ( ... by Smeenk )

< [You need to be registered and logged in to see this image.] zoek.exe >

> Save it to the desktop!
> Disable your antivirus!
> On Windows 7, run Zoek.exe as administrator.


emptyfolderscheck;delete
ipconfig /flushdns;b
quickscan;
emptytemp;
emptyclsid;
autoclean;
Baidu;a
Baidu;z 


> Copy and paste this information, which is in red, into the tool's field.
> Click "Run Script".

Zoek.exe is running now. 
Do not start any browser windows, they will be closed automatically. 
Please wait! This window will close when finished. 
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
> Messages will appear asking you to wait for the report to appear.
> PS: These messages may remain static on the screen for 20 minutes or more.


> Confirm the reboot!

zoek.hta failed by unknown error.
Restart computer, and try again.
> PS: If you get an error, restart the PC and run the tool again.
> Post the report, which will be at C:\zoek-results.txt <<

A+

Re: Chrome closes when I access Caixa internet banking

Post by Steve Rogers on Tue 27 Jan 2015, 13:26

Hey. Sorry for the delay. I was having lunch. lol

Here is the report below:


Zoek.exe v5.0.0.0 Updated 27-01-2015
Tool run by Andrea on 27/01/2015 at 11:15:51,11.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Andrea\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27/01/2015 11:16:58 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\FreeTime deleted successfully
C:\PROGRA~2\firebird deleted successfully
C:\Users\Andrea\AppData\Roaming\img deleted successfully
C:\Users\Andrea\AppData\Local\CUSTPDF Writer deleted successfully
C:\Users\Andrea\AppData\Local\Safe mirror deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater15.3.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater15.3.0 deleted successfully

==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\iunidanfe3.exe deleted
C:\Users\Andrea\AppData\Roaming\WB.CFG deleted
C:\PROGRA~2\boost_interprocess deleted
C:\PROGRA~2\AVG January 2013 Campaign deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\tasks\ROC_REG_JAN_DELETE.job deleted
C:\Windows\system32\tasks\ROC_REG_JAN_DELETE deleted
C:\Users\Andrea\AppData\Roaming\unins000.exe deleted
C:\Users\Andrea\AppData\Roaming\unins001.exe deleted
"C:\Users\Andrea\AppData\Roaming\bo" deleted
"C:\Users\Andrea\AppData\Roaming\bor" deleted
"C:\Users\Andrea\AppData\Roaming\id" deleted
"C:\Users\Andrea\AppData\Roaming\iv" deleted
"C:\Users\Andrea\AppData\Roaming\LaserPrinter" deleted
"C:\Users\Andrea\AppData\Roaming\LaunchAgents" deleted
"C:\Users\Andrea\AppData\Roaming\Legacy" deleted
"C:\Users\Andrea\AppData\Roaming\lg" deleted
"C:\ProgramData\Light Machine" deleted
"C:\ProgramData\Limiter" deleted

==== Folders Found ======================

2013-09-03 14:40:43 2013-09-03 14:43:28 -------- d-----w- C:\Users\Public\Documents\Baidu Security

==== Files Found ======================


--- C:\FRST\Quarantine\C\Users\Andrea\AppData\Local\Temp\Baidu_Secure_SystemUp_3.7.1.39149.exe.xBAD ---
Company: Baidu, Inc.
File Description: PC Faster Setup
File Version: 3.7.1.39149
Product Name: Baidu PC Faster
Copyright: Copyright (C) 2013 Baidu, Inc. All Rights Reserved.
Original Filename:
File type: ----a-w-
File size: 9754600
Created time: 2013-09-03 14:40:50
Modified time: 2013-09-03 14:40:50
MD5: 348165F6E174E59EF993CBE17AFAED50
SHA1: 7C187DB832FBC9E37E2C782611E53F0BB7E8E1A0


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98C2EC86-5DAC-4591-BD74-B26D17F55A75}]
"Path"="\\Baidu PC Faster Update"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu PC Faster Update]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\3.8.8.1435]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\3.8.8.1435\Install]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\3.8.8.1435\Install\13335527]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\3.8.8.1435\Install\13335527]
"url"="http://sync.pcfaster.baidu.com/cgi-bin-py-appstore/get_channel_info_appstore.cgi?install_channel=pcf&version=3.8.8.1435&errorcode=0&errortext=&userid=S16OJ50Q-001CC0435DC5!fb1c6ddb-b944-4757-b6d4-c7776ac71f78@#001CC0435DC5&install_time=2013-09-03 14:43:31"

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\3.8.8.1435\LastReportTime]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\DataReport]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\Setup]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\CleanRecord]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Install]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Statistic]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\UUReport]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\Setup]

"C:\\Users\\Andrea\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\2D1GID0Y\\JavaSetup7u21[1].exe"=dword:00000001
"C:\\Program Files\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=dword:00000020

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Andrea\AppData\Local\Temp ====
2015-01-27 12:54:51 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\libiconv2.dll
2015-01-27 12:54:51 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\libintl3.dll
2015-01-27 12:54:51 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\pcre3.dll
2015-01-27 12:54:51 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\regex2.dll
2015-01-27 12:54:51 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
====== Java Cache =====
====== C:\Windows\system32 =====
2015-01-27 11:31:13 EC6E2DB67695966DF22CF5EBEFC1D305 2425856 ----a-w- C:\Windows\System32\wucltux.dll
2015-01-27 11:31:13 D9B0134913E5EF007AF82A418C503322 1973728 ----a-w- C:\Windows\System32\wuaueng.dll
2015-01-27 11:31:13 459E257F8915D44B23ACB46211FD45D0 45536 ----a-w- C:\Windows\System32\wups2.dll
2015-01-27 11:31:13 072678E0D68E9C3A7960328671134C7B 54240 ----a-w- C:\Windows\System32\wuauclt.exe
2015-01-27 11:30:46 F419D738BD2AE58D9DF2F9FEB5F43842 33792 ----a-w- C:\Windows\System32\wuapp.exe
2015-01-27 11:30:46 5AA2CAD923E9E647276A61387E83DDD0 179656 ----a-w- C:\Windows\System32\wuwebv.dll
2015-01-26 15:22:25 39B981380EFB66426797F124F563FEA0 249488 ------w- C:\Windows\System32\MpSigStub.exe
====== C:\Windows\system32\drivers =====
2015-01-26 17:47:56 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-01-26 17:47:02 A3F4391DFDF2F9E9FE4EAD193265A5AD 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-01-26 17:47:02 9BD41E40039098BF5F8FE878A9A6989E 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-01-26 17:47:02 312CD3307F600E7CD340B79B3DCB3A01 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys
====== C:\Windows\Tasks ======
2015-01-26 16:43:54 9A22C9E472F38194E2344FE5AD55B439 4052 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2015-01-26 16:43:54 1A5C0AA65B29F35CBAAD5AC17CBCD16E 1056 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-26 16:43:53 2EB2581F845B5E30BA0D8119B4F78523 3800 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2015-01-26 16:43:53 2D89CD424C1536D9FDECAA2B130F8A2E 1052 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-26 14:17:15 266841A7BDC89673A9F096DD4696CB12 2976 ----a-w- C:\Windows\system32\Tasks\{37CB71F6-5F53-4E04-9AFE-34959F61E26D}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-01-26 10:55:13 -------- d-----w- C:\Program Files\Common Files\Java
======= C: =====
====== C:\Users\Andrea\AppData\Roaming ======
2015-01-26 13:33:01 D2EED743FB31C3F1BE60039014D74AC0 1346560 ----a-w- C:\Users\Andrea\AppData\Roaming\BORDART07.jpg
====== C:\Users\Andrea ======
2015-01-27 12:54:24 B9E1BF24EF01A82701B09BE75D294085 1707939 ----a-w- C:\Users\Andrea\Downloads\JRT.exe
2015-01-27 12:27:40 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\Andrea\Downloads\AdwCleaner.exe
2015-01-27 11:14:33 6A0496D0BCEE7603BDF38400985EB21A 1120768 ----a-w- C:\Users\Andrea\Downloads\FRST.exe
2015-01-27 10:40:55 172ED33198484DF87FA015B695EAAD80 2873112 ----a-w- C:\Users\Andrea\Downloads\herdProtectScan_Setup.exe
2015-01-26 17:25:49 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Andrea\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-26 16:52:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-26 16:42:38 216BD483242A6784C6EDA54EBBC04C68 880784 ----a-w- C:\Users\Andrea\Downloads\ChromeSetup.exe
2015-01-16 14:47:39 2123398BDE228CF2DD18664BA0F2AD9C 1835239 ----a-w- C:\Users\Andrea\Downloads\setupjaneiro (1).exe
2015-01-16 14:47:16 2123398BDE228CF2DD18664BA0F2AD9C 1835239 ----a-w- C:\Users\Andrea\Downloads\setupjaneiro.exe

====== C: exe-files ==
2015-01-27 12:54:51 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2015-01-27 12:54:24 B9E1BF24EF01A82701B09BE75D294085 1707939 ----a-w- C:\Users\Andrea\Downloads\JRT.exe
2015-01-27 12:27:40 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\Andrea\Downloads\AdwCleaner.exe
2015-01-27 11:31:13 072678E0D68E9C3A7960328671134C7B 54240 ----a-w- C:\Windows\System32\wuauclt.exe
2015-01-27 11:30:46 F419D738BD2AE58D9DF2F9FEB5F43842 33792 ----a-w- C:\Windows\System32\wuapp.exe
2015-01-27 11:14:33 6A0496D0BCEE7603BDF38400985EB21A 1120768 ----a-w- C:\Users\Andrea\Downloads\FRST.exe
2015-01-27 10:40:55 172ED33198484DF87FA015B695EAAD80 2873112 ----a-w- C:\Users\Andrea\Downloads\herdProtectScan_Setup.exe
2015-01-27 09:49:30 220A0B7B557EFEF7C399CDC1E9DBDA2D 875088 ----a-w- C:\Program Files\Google\Update\Install\{3F61FC7E-ABA3-4A53-9F63-1961016017C3}\40.0.2214.93_40.0.2214.91_chrome_updater.exe
2015-01-27 09:49:30 220A0B7B557EFEF7C399CDC1E9DBDA2D 875088 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.93\40.0.2214.93_40.0.2214.91_chrome_updater.exe
2015-01-26 17:25:49 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Andrea\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-26 16:52:20 EAA14B9118EEEFA1FAF152FA8162A30A 41168464 ----a-w- C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\40.0.2214.91\40.0.2214.91_chrome_installer.exe
2015-01-26 16:43:51 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe
2015-01-26 16:43:51 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateBroker.exe
2015-01-26 16:43:50 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Program Files\Google\Update\GoogleUpdate.exe
2015-01-26 16:43:50 216BD483242A6784C6EDA54EBBC04C68 880784 ----a-w- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateSetup.exe
2015-01-26 16:43:47 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdate.exe
2015-01-26 16:43:47 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe
2015-01-26 16:43:47 CB8C1CC4F46FBAC78150754D77460C73 230792 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
2015-01-26 16:43:47 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
2015-01-26 16:42:38 216BD483242A6784C6EDA54EBBC04C68 880784 ----a-w- C:\Users\Andrea\Downloads\ChromeSetup.exe
2015-01-26 15:22:25 39B981380EFB66426797F124F563FEA0 249488 ------w- C:\Windows\System32\MpSigStub.exe
2015-01-26 10:54:26 B0D46640968F989830413EB88F43E0D0 0 ----a-we C:\Users\Todos os Usuários\Oracle\Java\javapath\java.exe
2015-01-26 10:54:26 B0D46640968F989830413EB88F43E0D0 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe
2015-01-26 10:54:26 52C8B9FD016E6317FDB151296FF90877 0 ----a-we C:\Users\Todos os Usuários\Oracle\Java\javapath\javaws.exe
2015-01-26 10:54:26 52C8B9FD016E6317FDB151296FF90877 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-01-26 10:54:26 3E72E1AB196855916E2065C604674631 0 ----a-we C:\Users\Todos os Usuários\Oracle\Java\javapath\javaw.exe
2015-01-26 10:54:26 3E72E1AB196855916E2065C604674631 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-01-26 10:54:18 F9D744CD9BC58F287F8FA59D32508EDD 16296 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\orbd.exe
2015-01-26 10:54:18 DBB5C8AE19ACFA2857CFB90C7305AC56 51112 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\ssvagent.exe
2015-01-26 10:54:18 CDB1FE0DCF2ADB755EBF65C8AEBBC871 16296 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\servertool.exe
2015-01-26 10:54:18 8B6DF9CD28359C5E819446FD79CE3948 16296 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\rmiregistry.exe
2015-01-26 10:54:18 7479DA0BED071427A3F0017AC51CC27B 159656 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\unpack200.exe
2015-01-26 10:54:18 5F7C51E0DCA813D647F14FC12AE675F2 16296 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\policytool.exe
2015-01-26 10:54:18 577F5DCBA4DE4C345631873670F84E79 16296 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\tnameserv.exe
2015-01-26 10:54:18 39685FC75B6FB2144E793595F1AB111D 15784 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\pack200.exe
2015-01-26 10:54:18 0FB2ACAC796B166F6486B593B604A3FF 15784 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\rmid.exe
2015-01-26 10:54:17 DA34E76DE9CD93471F24E7BD43139958 15784 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\kinit.exe
2015-01-26 10:54:17 AF82EA1498FEC5C49B8A1AE5AA0A5F6C 77224 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\jp2launcher.exe
2015-01-26 10:54:17 A8884FB8246655C84F110E77DF5E1B4A 15784 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\ktab.exe
2015-01-26 10:54:17 90C02BD6D01BBC1C620323F9E330E89C 15784 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\jjs.exe
2015-01-26 10:54:17 69BD74EE834B5629226BF89468B8020B 15784 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\keytool.exe
2015-01-26 10:54:17 52C8B9FD016E6317FDB151296FF90877 272296 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\javaws.exe
2015-01-26 10:54:17 3E72E1AB196855916E2065C604674631 176552 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\javaw.exe
2015-01-26 10:54:17 2F77C9862B1A2401278C4A5B932DA69D 15784 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\klist.exe
2015-01-26 10:54:16 F5EA785B2BCC08DC28CBC2D96E05F2C1 68520 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe
2015-01-26 10:54:16 DF1C8EDDAF14D2960A06A9DF7B2D0A89 15784 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\java-rmi.exe
2015-01-26 10:54:16 B0D46640968F989830413EB88F43E0D0 176552 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\java.exe
2015-01-26 10:54:16 063A1044A451660B159426B9C5E75957 30632 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\jabswitch.exe
2015-01-21 15:43:32 FA18A83CD2D176C72692F149C549E247 1374032 ----a-w- C:\Users\Andrea\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe
=== C: other files ==
2015-01-27 12:54:51 F720D6634E048B0AD485CEEF55263E6B 191092 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\misc.bat
2015-01-27 12:54:51 F56A319979F631C141F5FF02DF87FDB1 43563 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\prelim.bat
2015-01-27 12:54:51 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\TDL4.bat
2015-01-27 12:54:51 C4C784C659C27DB5ED395A7901611C71 14957 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\get.bat
2015-01-27 12:54:51 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\medfos.bat
2015-01-27 12:54:51 AA0C656F898523BEDF2DA6923197BB80 1264 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\surfvox.bat
2015-01-27 12:54:51 A3945FA06DB607245C6A1D0629CE737E 11057 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\runvalues.bat
2015-01-27 12:54:51 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\searchlnk.bat
2015-01-27 12:54:51 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\firefox.bat
2015-01-27 12:54:51 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\ev_clear.bat
2015-01-27 12:54:51 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\ask.bat
2015-01-27 12:54:51 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\iexplore.bat
2015-01-27 12:54:51 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\delfolders.bat
2015-01-27 12:54:51 080CFDE64F31E7B50EECF4552033E84D 9937 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\mws.bat
2015-01-27 12:54:51 048407135C9B1FB6A355E256BD96160D 14192 ----a-w- C:\Users\Andrea\AppData\Local\Temp\jrt\chrome.bat
2015-01-27 10:52:38 CD95E5EEE86D6100AF546EA783BEE743 5959 ----a-w- C:\FRST\Quarantine\C\Qoobox\BackEnv\SetPath.bat
2015-01-26 17:47:56 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-01-26 17:47:02 A3F4391DFDF2F9E9FE4EAD193265A5AD 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-01-26 17:47:02 9BD41E40039098BF5F8FE878A9A6989E 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-01-26 17:47:02 312CD3307F600E7CD340B79B3DCB3A01 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-01-26 10:54:18 3315140254247E248C3531F159C79109 14130 ----a-w- C:\Program Files\Java\jre1.8.0_31\lib\deploy\ffjcext.zip
2015-01-21 10:40:07 13E5CA111FEBEFCEE654DAF54E7C2534 121830 ----a-w- C:\Users\Todos os Usuários\AVG2015\IDS\outbox\tmp_0bc0783e-9768-47cd-b587-d15586a7b436.zip
2015-01-21 10:40:07 13E5CA111FEBEFCEE654DAF54E7C2534 121830 ----a-w- C:\ProgramData\AVG2015\IDS\outbox\tmp_0bc0783e-9768-47cd-b587-d15586a7b436.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"uTorrent"="C:\Users\Andrea\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"ORDAR"="regsvr32.exe /s C:\Users\Andrea\AppData\Roaming\img.jpg #nbvc2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
"Cobian Backup 10"="C:\Program Files\Cobian Backup 10\Cobian.exe"
"AVG_UI"="C:\Program Files\AVG\AVG2015\avgui.exe /TRAYONLY"
"wdbraz_certm"="C:\Windows\system32\Watchdata\Watchdata Brazil CSP v1.0\BBCertM32.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"SwitchBoard"="C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"Nikon Message Center 2"="C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"uTorrent"="C:\Users\Andrea\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"ORDAR"="regsvr32.exe /s C:\Users\Andrea\AppData\Roaming\img.jpg #nbvc2"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [26/01/2015 09:55]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26/01/2015 14:43]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26/01/2015 14:43]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-bordart07-Andrea" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\Motorola Device Manager Engine" ["C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe"]
"C:\Windows\system32\tasks\Motorola Device Manager Initial Update" ["C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe"]
"C:\Windows\system32\tasks\Motorola Device Manager Update" ["C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe"]
"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\system32\tasks\{37CB71F6-5F53-4E04-9AFE-34959F61E26D}" [C:\Program Files\Google\Chrome\Application\chrome.exe]

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{87F8774F-B485-47E2-A755-A40A8A5E886D}"="C:\Users\Andrea\AppData\Local\GAS Tecnologia\GBBD\cef\xpi" [13/01/2015 08:40]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\w3s6g7zc.default
D2377C9458EFEB094E38B8C874AA214C - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll - Google Update
0FC325593893749364EC4A733E7D9100 - C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll - Shockwave Flash
225D76851EFC6144B4BAD941B3E8989D - C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U31
B66B4D28D7D0C6322FF235C782CD6B76 - C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.310.13
6C5C8D59CF0FAB004AB572F4F11BC5E0 - C:\Users\Andrea\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll - Módulo de Proteção - Caixa Economica Federal
0806948270D853B709CCBBF38AF167E4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
9DF0C4F0CEF60158614EDD1B3AB441EE - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
BFD1CDA328C83054154DD05EA233F79B - C:\Users\Andrea\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll - Módulo de Proteção - Banco do Brasil
893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
9CD7CD8FD07718851DD8081CDF8CA3E7 - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll - AdobeExManDetect
1BC054CA69E22CC7B32AE82AA0457927 - C:\Program Files\Nitro\Reader 3\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome
F00DA1A135FCA11D4426D9A5AB72CF0F - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - AdobeAAMDetect
406106D91D3F86FD34EC194940855746 - C:\Users\Andrea\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll - Módulo de Proteção - Caixa Economica Federal
8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight
AB7BC83EBDA774734D0F476A39F69B67 - C:\Program Files\Nitro\Reader 3\npdf.dll - Nitro PDF Library
FEF2637C0848281FD2C0FAD928DCDECA - C:\Program Files\Nitro\Reader 3\npnitroie.dll - Nitro PDF plugin for Internet Explorer
41561B8AE9E551BD08304D48DAA900FA - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll - AdobeAAMDetect


==== Chromium Look ======================

Google Chrome Version: 40.0.2214.91 (Possible outdated, latest Stable version: 40.0.2214.93)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 19:22]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nnjbodopomfddehlalfilheomcahbpei - C:\Users\Andrea\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx[28/07/2014 09:41]
pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\Andrea\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[23/05/2014 12:07]

Google Slides - Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Wallet - Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Caixa Economica Federal - Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei
GBBD Caixa Economica Federal - Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi
GBBD Banco do Brasil - Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh
Gmail - Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Empty IE Cache ======================

C:\Users\Andrea\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Andrea\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\67WLDNWK will be deleted at reboot
C:\Users\Andrea\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JU7YB4XK will be deleted at reboot
C:\Users\Andrea\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NCEDX0N4 will be deleted at reboot
C:\Users\Andrea\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NM4H8HQB will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYLQ3VB will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ETA933EC will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OIRXAZ6K will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SHXKJ5HN will be deleted at reboot
C:\Users\Andrea\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=53 folders=5 21806939 bytes)

==== Empty Temp Folders ======================

C:\Users\Andrea\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Usuário Padrão\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Andrea\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Andrea\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\Andrea\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\67WLDNWK" not found
"C:\Users\Andrea\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JU7YB4XK" not found
"C:\Users\Andrea\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NCEDX0N4" not found
"C:\Users\Andrea\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NM4H8HQB" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYLQ3VB" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ETA933EC" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OIRXAZ6K" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SHXKJ5HN" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on 27/01/2015 at 13:21:15,20 ======================

Re: Chrome closes when I access Caixa internet banking

Post by joram on Tue 27 Jan 2015, 14:03

/!\ Good afternoon, Steve Rogers! /!\

> Open the Zoek tool.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}];r
"DllName"=-;r
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}];r
"DllName"=-;r
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98C2EC86-5DAC-4591-BD74-B26D17F55A75}];r
"Path"=-;r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu PC Faster Update];r
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000];ra
"DeviceDesc"=-;ra
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000];ra
"DeviceDesc"=-;ra
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000];ra
"DeviceDesc"=-;ra
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000];ra
"DeviceDesc"=-;ra
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000];ra
"DeviceDesc"=-;ra
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000];ra
"DeviceDesc"=-;ra
[-HKEY_USERS\.DEFAULT\Software\Baidu Security];r
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster];r
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0];r
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run];r
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable];r
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser];r
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser];r
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu];r
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm];r
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\3.8.8.1435];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\3.8.8.1435\Install];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\3.8.8.1435\Install\13335527];r
[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\3.8.8.1435\Install\13335527];r
"url"=-;r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\3.8.8.1435\LastReportTime];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\DataReport];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\Setup];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\CleanRecord];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Install];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Statistic];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\UUReport];r
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\DataReport];r
[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\DataReport];r
"c:\\programdata\\baidu security\\rpdata"=-;r
[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\Setup];r
"C:\\Users\\Andrea\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\2D1GID0Y\\JavaSetup7u21[1].exe"=-;r
"C:\\Program Files\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=-;r
[-HKEY_USERS\S-1-5-18\Software\Baidu Security];r
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster];r
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0];r
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run];r
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable];r
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser];r
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser];r
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu];r
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm];r
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport];r
C:\Users\Public\Documents\Baidu Security;fs

> Copy and paste this information, which is shown in red, into the tool's input field.
> Click "Run Script".

Zoek.exe is running now. 
Do not start any browser windows, they will be closed automatically. 
Please wait! This window will close when finished. 
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
> Messages will appear asking you to wait for the report to come up.
> PS: These messages may stay static on the screen for 20 minutes or more.

> Confirm the reboot!

zoek.hta failed by unknown error.
Restart computer, and try again.
> PS: If you get an error, restart the PC and run the tool again.
> Post the report, which will be at C:\zoek-results.txt <<

< I ask visitors not to use this script on other computers, at the risk of irreparable damage to them! >

A+

Re: Chrome closes when I access Caixa internet banking

Post by Steve Rogers on Tue 27 Jan 2015, 14:16

Here is the report:


Zoek.exe v5.0.0.0 Updated 27-01-2015
Tool run by Andrea on 27/01/2015 at 14:09:45,17.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Andrea\Downloads\zoek.exe.pif [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-01-27-152115.log 35475 bytes

==== Registry Lines To Reset ACL ======================

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000 Not Found or Not Reset
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000 Not Found or Not Reset
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000 Not Found or Not Reset
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000 Not Found or Not Reset
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000 Not Found or Not Reset
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000 Not Found or Not Reset

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98C2EC86-5DAC-4591-BD74-B26D17F55A75}]
"Path"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu PC Faster Update]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\3.8.8.1435]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\3.8.8.1435\Install]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\3.8.8.1435\Install\13335527]
[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\3.8.8.1435\Install\13335527]
"url"=-
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\3.8.8.1435\LastReportTime]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\DataReport]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC App Store\Setup]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\CleanRecord]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Install]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\Statistic]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\3.7.0.0\UUReport]
[-HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\DataReport]
[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata"=-
[HKEY_USERS\S-1-5-21-4170564532-3963732-2529252770-1000\Software\Baidu Security\PC Faster\Setup]
"C:\\Users\\Andrea\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\2D1GID0Y\\JavaSetup7u21[1].exe"=-
"C:\\Program Files\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]

==== Deleting Files \ Folders ======================

C:\Users\Public\Documents\Baidu Security deleted

==== C:\zoek_backup content ======================

C:\zoek_backup (files=56 folders=16 21807312 bytes)

==== EOF on 27/01/2015 at 14:11:10,78 ======================

Re: Chrome closes when I access Caixa internet banking

Post by joram on Tue 27 Jan 2015, 14:20

/!\ Good afternoon, Steve Rogers! /!\

> This is not the report but a copy of the script I gave you, to be pasted into the Zoek field.

... Editing!

> Now, after editing, the report came through correctly. That's it!

> If there are no further problems, remove the tools that were used for the disinfection!

> Download: < [You need to be registered and logged in to see this image.] > ( ... by Xplode )

> Once on the page, click Download Now
> Save it somewhere convenient! (desktop!)
> Close any applications that are open.

> Remove disinfection tools
> Create registry backup
> Purge system restore points

> With these boxes checked, click Run!
> Restart the computer when it finishes!
> Everything OK?

A+

Re: Chrome closes when I access Caixa internet banking

Post by Steve Rogers on Tue 27 Jan 2015, 14:33

I managed to download it from somewhere else. :cap_feceiro: :cap_feceiro: :cap_feceiro:

Re: Chrome closes when I access Caixa internet banking

Post by Steve Rogers on Tue 27 Jan 2015, 14:55

It worked. Everything worked just fine. Thanks a lot. Thank you.

Re: Chrome closes when I access Caixa internet banking

Post by joram on Tue 27 Jan 2015, 15:18

Case Solved

If this computer needs another check, just open a "New Topic" and describe the problem.
