Runscanner logfile http://www.runscanner.net
* = signed file
- = file not found

General info
------------
Computer name : PAULO-PC
Creation time : 08/03/2016 21:30:55
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 9.11.9600.17801
OS : Windows 7 Ultimate
OS Build : 7601
OS SP : Service Pack 1
RunScanner Version : 2.0.0.60
User Language : Português (Brasil)
User rights : Administrator
Windows folder : C:\Windows

Running processes
-----------------
* C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
* C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
* C:\Windows\System32\atieclxx.exe (AMD)
* C:\Windows\System32\atiesrxx.exe (AMD)
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
* C:\Windows\System32\winlogon.exe (Microsoft Corporation)
* C:\Windows\System32\services.exe (Microsoft Corporation)
* C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
* C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\fsgk32.exe (F-Secure Corporation)
* C:\Program Files\GVT\fshoster32.exe (F-Secure Corporation)
* C:\Program Files\GVT\fshoster32.exe (F-Secure Corporation)
* C:\Program Files\GVT\apps\CCF_Reputation\fsorsp.exe (F-Secure Corporation)
* C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\fssm32.exe (F-Secure Corporation)
* C:\Program Files\GVT\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
* C:\Program Files\Diebold\Warsaw\core.exe (GAS Tecnologia LTDA)
* C:\Program Files\Diebold\Warsaw\core.exe (GAS Tecnologia LTDA)
* C:\PROGRA~1\GbPlugin\GbpSv.exe (GAS Tecnologia)
* C:\Windows\System32\dwm.exe (Microsoft Corporation)
* C:\Windows\System32\smss.exe (Microsoft Corporation)
* C:\Windows\System32\taskmgr.exe (Microsoft Corporation)
* C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Google Inc.)
* C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
* C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
* C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
* C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
* C:\Windows\system32\audiodg.exe (Microsoft Corporation)
* C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
* C:\Windows\System32\lsass.exe (Microsoft Corporation)
* C:\Windows\System32\taskeng.exe (Microsoft Corporation)
* C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
* C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
* C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
* C:\Windows\System32\perfmon.exe (Microsoft Corporation)
* C:\Program Files\AppBrad\NetExpressUpdater.exe
* C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\taskhost.exe (Microsoft Corporation)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (arvato digital services llc)
* C:\Users\lucas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC3L74V7\runscanner.exe (Runscanner.net)
* C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
* C:\Windows\System32\lsm.exe (Microsoft Corporation)
C:\Program Files\Popcorn Time\Updater.exe (Popcorn Time)
* C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
* C:\Windows\explorer.exe (Microsoft Corporation)
* C:\Windows\System32\msiexec.exe (Microsoft Corporation)

Unrated items
-------------
002 C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
002 * C:\Program Files\Diebold\Warsaw\core.exe (GAS Tecnologia LTDA)
002 * C:\Program Files\GVT\fshoster32.exe (F-Secure Corporation)
002 * C:\Program Files\GVT\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
002 C:\Program Files\RaidCall.BR\raidcall.exe (RAIDCALL.COM)
002 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
002 * C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
003 * C:\Users\lucas\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
003 * C:\Program Files\Origin\Origin.exe (Electronic Arts)
003 * C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
003 * C:\Program Files\Steam\steam.exe (Valve Corporation)
010 * C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service)
010 * C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Acrobat Update Service)
010 * C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe® Flash® Player Update Service 20.0 r0)
010 * C:\Program Files\Common Files\BattlEye\BEService.exe (BEService.exe)
010 * C:\Program Files\GVT\fshoster32.exe (F-Secure Host Process)
010 * C:\Program Files\GVT\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Management Agent)
010 * C:\Program Files\GVT\apps\CCF_Reputation\fsorsp.exe (F-Secure ORSP Service)
010 * C:\PROGRA~1\GbPlugin\GbpSv.exe (G-Buster Browser Defense - Service)
010 * C:\Program Files\Google\Update\GoogleUpdate.exe (Google Installer)
010 * C:\Program Files\Google\Update\GoogleUpdate.exe (Google Installer)
010 * C:\Program Files\AppBrad\NetExpressUpdater.exe (NetExpressUpdater)
010 * C:\Program Files\Origin\OriginClientService.exe (OriginClientService)
010 * C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Phone Number Recognition (PNR) module)
010 * c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (PsiService PsiService)
010 * C:\Program Files\Skype\Updater\Updater.exe (Skype Updater Service)
010 * C:\Program Files\Common Files\Steam\SteamService.exe (Steam Client Service)
010 C:\Program Files\Popcorn Time\Updater.exe (Updater)
010 * C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Updates Skype Click to Call)
011 * c:\windows\system32\drivers\asmthub3.sys (ASMedia USB3 Hub Driver)
011 * c:\windows\system32\drivers\asmtxhci.sys (ASMEDIA XHCI Host Controller Driver)
011 * c:\windows\system32\drivers\Xeno7x86.sys (Bigfoot Networks Killer(TM) PCI-E Gaming Adapter)
011 * C:\Windows\system32\DRIVERS\dtlitescsibus.sys (DAEMON Tools Lite Virtual SCSI Bus Driver)
011 * C:\Windows\system32\Drivers\fsbts.sys (fsbts.sys)
011 * C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys (F-Secure Gatekeeper 32-bit )
011 * C:\Program Files\GVT\apps\CCF_Scanning\bin\fsni32.sys (F-Secure Network Interceptor Driver, 32 bit)
011 * C:\Program Files\GVT\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys (fsvista.sys)
011 * C:\Windows\system32\DRIVERS\gbpndisrdn.sys (GAS Tecnologia - LWF Helper Driver)
011 * C:\Windows\system32\drivers\gbpkm.sys (GbPlugin Device Driver)
011 * C:\Windows\system32\DRIVERS\hamachi.sys (Hamachi Virtual Network Interface Driver)
011 * C:\Program Files\GVT\apps\ComputerSecurity\HIPS\drivers\fshs.sys (HIPS 32-bit kernel module)
011 * c:\windows\system32\drivers\iusb3xhc.sys (Intel(R) USB 3.0 eXtensible Host Controller Driver)
011 * c:\windows\system32\drivers\iusb3hub.sys (Intel(R) USB 3.0 Hub Driver)
011 * C:\Windows\system32\drivers\SCDEmu.sys (SCDEmu)
011 * C:\Windows\system32\DRIVERS\tap0901.sys (TAP-Windows Virtual Network Driver)
011 C:\Windows\system32\DRIVERS\usbccgp.sys (USB Common Class Generic Parent Driver)
031 * C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) {91774881-D725-4E58-B298-07617B9B86A8}
035 * C:\Program Files\Google\Chrome\Application\48.0.2564.116\Installer\chrmstp.exe (Google Inc.) {8A69D345-D564-463c-AFF1-A69D9E530F96}
042 GUID / CLSID not found {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}
042 GUID / CLSID not found {2670000A-7350-4f3c-8081-5663EE0C6C49}
042 GUID / CLSID not found {898EA8C8-E7FF-479B-8935-AEC46303B9E5}
047 Zone: bankline.itau.com.br : https://bankline.itau.com.br
047 Zone: bankline.itau.com.br : *.bankline.itau.com.br
047 Zone: banklineplus.itau.com.br : *.banklineplus.itau.com.br
047 Zone: clickbanking.itau.com.br : *.clickbanking.itau.com.br
047 Zone: clickbanking.itau.com.br : https://clickbanking.itau.com.br
047 Zone: guardiao.itau.com.br : https://guardiao.itau.com.br
047 Zone: guardiao.itau.com.br : *.guardiao.itau.com.br
047 Zone: itau.b.br : *.itau.b.br
047 Zone: itau.com.br : *.itau.com.br
047 Zone: www.google.com : *.www.google.com
047 Zone: www.google.com.br : *.www.google.com.br
047 Zone: www.itau.b.br : *.www.itau.b.br
047 Zone: www.itau.com.br : http://www.itau.com.br
047 Zone: www.itau.com.br : https://www.itau.com.br
047 Zone: www.itau.com.br : *.www.itau.com.br
047 Zone: www.itaupersonnalite.com.br : *.www.itaupersonnalite.com.br
047 Zone: www.itaupersonnalite.com.br : http://www.itaupersonnalite.com.br
050 * C:\Program Files\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco) {E37CB5F0-51F5-4395-A808-5FA49E399008}
052 C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Eyeo GmbH) {FFCB3198-32F3-4E8B-9539-4324694ED664}
052 * C:\Program Files\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco) {C41A1C0E-EA6C-11D4-B1B8-444553540008}
052 * C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll (Oracle Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
052 * C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll (Oracle Corporation) {DBC80044-A445-435b-BC74-9C25C1C588A9}
052 * C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
060 GUID / CLSID not found {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
061 C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
061 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll (Advanced Micro Devices, Inc.) {5E2121EE-0300-11D4-8D3B-444553540000}
061 * c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll (Corel Corporation) {DE902992-61FC-4A01-8091-53E1895C9775}
061 * c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellVista.dll (Corel Corporation) {7FA63AC0-F5BC-4F3B-A9CF-94328D812B62}
061 * c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll (Corel Corporation) {1462EBAA-96E7-4D93-9A66-0E4068DE4FCF}
061 * c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll (Corel Corporation) {DE902994-61FC-4A01-8091-53E1895C9775}
061 * c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll (Corel Corporation) {1462EBAC-96E7-4D93-9A66-0E4068DE4FCF}
061 * c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellVista.dll (Corel Corporation) {7AD101F2-0B93-4D66-A1CA-DF73F3C4377B}
061 * c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellVista.dll (Corel Corporation) {7AD101F3-0B93-4D66-A1CA-DF73F3C4377B}
061 * c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll (Corel Corporation) {DE902993-61FC-4A01-8091-53E1895C9775}
061 * c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellVista.dll (Corel Corporation) {7FA63AC1-F5BC-4F3B-A9CF-94328D812B62}
061 * c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll (Corel Corporation) {1462EBAB-96E7-4D93-9A66-0E4068DE4FCF}
061 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll (Advanced Micro Devices, Inc.) {872A9397-E0D6-4e28-B64D-52B8D0A7EA35}
061 * c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll (Corel Corporation) {DE902995-61FC-4A01-8091-53E1895C9775}
061 * c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellVista.dll (Corel Corporation) {7FA63AC2-F5BC-4F3B-A9CF-94328D812B62}
061 * c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll (Corel Corporation) {1462EBAD-96E7-4D93-9A66-0E4068DE4FCF}
061 * C:\Program Files\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco) {32A5804C-50B2-4295-8252-C32751FE0008}
061 * C:\Program Files\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco) {E37CB5F0-51F5-4395-A808-5FA49E399008}
061 C:\Program Files\K-Lite Codec Pack\Icaros\32-bit\IcarosPropertyHandler.dll (Tabibito Technology) {0C08E3BB-D10B-4CC9-B1B3-701F5BE9D6EC}
061 C:\Program Files\K-Lite Codec Pack\Icaros\32-bit\IcarosThumbnailProvider.dll (Tabibito Technology) {c5aec3ec-e812-4677-a9a7-4fee1f9aa000}
061 * C:\Program Files\PowerISO\PWRISOSH.DLL (Power Software Ltd) {967B2D40-8B7D-4127-9049-61EA0C2C6DCE}
061 * C:\Program Files\WinRAR\rarext.dll (Alexander Roshal) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
067 * C:\Program Files\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)
073 Adobe Flash Player Updater.job : C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
073 GoogleUpdateTaskMachineCore.job : C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
073 GoogleUpdateTaskMachineUA.job : C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
073 Scheduled scanning task.job : C:\PROGRA~1\GVT\apps\COMPUT~1\ANTI-V~1\fsav.exe (F-Secure Corporation)
100 Start Page HKCU : about:Tabs
105 &Enviar para o OneNote : res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
105 E&xportar para o Microsoft Excel : res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
170 {8b5825c8-45bf-11e5-9e85-4487fcb6ef4d} : E:\Startme.exe
173 C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
173 * C:\Program Files\GVT\apps\ComputerSecurity\Common\fpshx.dll (F-Secure Corporation) F-Secure
173 * C:\Program Files\PowerISO\PWRISOSH.DLL (Power Software Ltd) {967B2D40-8B7D-4127-9049-61EA0C2C6DCE}
173 * C:\Program Files\WinRAR\rarext.dll (Alexander Roshal) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
221 * C:\Program Files\GVT\apps\ComputerSecurity\Common\fpshx.dll (F-Secure Corporation) F-Secure
221 * C:\Program Files\PowerISO\PWRISOSH.DLL (Power Software Ltd) {967B2D40-8B7D-4127-9049-61EA0C2C6DCE}
221 * C:\Program Files\WinRAR\rarext.dll (Alexander Roshal) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 * C:\Program Files\GVT\apps\ComputerSecurity\Common\fpshx.dll (F-Secure Corporation) F-Secure
225 * C:\Program Files\GVT\apps\ComputerSecurity\Common\fpshx.dll (F-Secure Corporation) F-Secure
225 * C:\Program Files\PowerISO\PWRISOSH.DLL (Power Software Ltd) {967B2D40-8B7D-4127-9049-61EA0C2C6DCE}
225 * C:\Program Files\PowerISO\PWRISOSH.DLL (Power Software Ltd) {967B2D40-8B7D-4127-9049-61EA0C2C6DCE}
225 * C:\Program Files\WinRAR\rarext.dll (Alexander Roshal) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 * C:\Program Files\WinRAR\rarext.dll (Alexander Roshal) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
227 * C:\Program Files\PowerISO\PWRISOSH.DLL (Power Software Ltd) {967B2D40-8B7D-4127-9049-61EA0C2C6DCE}
229 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll (Advanced Micro Devices, Inc.) {5E2121EE-0300-11D4-8D3B-444553540000}
251 C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
254 * C:\Program Files\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco) {32A5804C-50B2-4295-8252-C32751FE0008}

Missing files
-------------
002 C:\Program Files\BlueStacks\HD-Agent.exe
011 C:\Windows\system32\drivers\EagleXNt.sys
011 C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys
011 C:\Windows\system32\drivers\MBAMSwissArmy.sys
011 System32\drivers\rdvgkmd.sys
011 C:\Windows\xhunter1.sys