Hi.
Forgive my lack of technical knowledge in IT but before running the script in OTL I wonder what this command will do, especially on "bancodobrasil.com.br" and "bb.com.br".
Not a problem and asking questions is absolutely fine far as I am concerned etc...
Basically no websites should be in the Trusted Zone of Internet Explorer at all in my humble opinion. The reason being the default security settings in the Trusted Zone are set way too low, which makes it unsafe in my book. Plus it should not be necessary for any remote server to have that level of access anyway. Plenty of good and reputable sites become compromised to host malware, advertising networks are renowned for serving malware which can appear on any site. The best policy is to remove anything from the Trusted Zone unless it's absolutely required in order for the site to work and you trust that site implicitly. Though the latter these days is becoming more and more fraught as compared to a good few years back unfortunately.
However the machine is your property after all and if you really want to keep those particular sites in the Trusted Zone, that is your decision and I will respect that and merely run the modified custom script below instead if you so wish.
Code:
:Commands
[CreateRestorePoint]
:OTL
IE - HKU\S-1-5-21-3550818114-746151525-2354952759-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O9 - Extra 'Tools' menuitem : Console Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
[2013/10/09 11:21:41 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:0B4227B4
:Files
ipconfig /release /c
ipconfig /renew /c
ipconfig /flushdns /c
netsh winsock reset all /c
netsh int ip reset all /c
netsh advfirewall reset /c
netsh advfirewall set allprofiles state on /c
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sdp]
:Commands
[EmptyTemp]