Combo Fix

ComboFix 17-10-17.01 - Laboratorio 24/10/2017 12:01:38.2.
4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.3959.2043 [GMT -2:00]
Executando de: c:\users\Laboratorio\Downloads\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Outras
Exclus�es )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Laboratorio\AppData\Local\assembly\tmp
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2017-09-24 to 2017-10-
24 ))))))))))))))))))))))))))))
.
.
2017-10-24 14:09 . 2017-10-24 14:09 -------- d-----w-
c:\users\Default\AppData\Local\temp
2017-10-24 13:03 . 2017-10-24 13:03 -------- d-----w-
c:\users\Laboratorio\AppData\Roaming\Qualcomm
2017-10-24 12:33 . 2017-10-24 12:33 -------- d-----w- c:\programdata\Qualcomm
2017-10-24 12:33 . 2017-10-24 12:33 -------- d-----w- c:\program files
(x86)\Qualcomm
(x86)\QUALCOMM Incorporated
2017-10-23 20:03 . 2017-10-23 20:03 -------- d-----w-
c:\users\Laboratorio\AppData\Roaming\Lenovo
(x86)\LenovoSmartAssistant
2017-10-23 15:21 . 2017-10-24 14:08 -------- d-----w-
c:\users\Laboratorio\AppData\Local\assembly
2017-10-23 15:20 . 2017-10-23 15:20 -------- d-----w- c:\programdata\LMSA
(x86)\Lenovo Moto Smart Assistant
2017-10-23 15:16 . 2017-10-23 20:00 -------- d-----w-
c:\users\Laboratorio\AppData\Local\Downloaded Installations
(x86)\Common Files\Java
(x86)\Common Files\Wondershare
2017-10-13 13:42 . 2017-10-13 13:42 -------- d-----w- c:\programdata\Sony
Mobile
(x86)\Sony Mobile
2017-10-13 13:38 . 2017-10-13 13:38 -------- d-----w- c:\program files\Sony
(x86)\Sony
2017-10-05 12:59 . 2017-10-05 12:59 401488 ----a-w-
c:\windows\system32\aswBoot.exe
2017-10-04 12:47 . 2017-10-04 12:47 -------- d-----w-
c:\users\Laboratorio\AppData\Local\ElevatedDiagnostics
2017-09-28 14:09 . 2017-09-28 14:09 -------- d-----w-
c:\users\Laboratorio\AppData\Roaming\Samsung
(x86)\Samsung
.
.
.
((((((((((((((((((((((((((((((((((((( Relat�rio
Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-10-23 11:50 . 2017-07-06 14:00 97856 ----a-w-
c:\windows\SysWow64\WindowsAccessBridge-32.dll
2017-10-16 11:47 . 2017-07-06 14:02 803328 ----a-w-
c:\windows\SysWow64\FlashPlayerApp.exe
2017-10-16 11:47 . 2017-07-06 14:02 144896 ----a-w-
c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-10-05 12:59 . 2017-07-08 12:31 363440 ----a-w-
c:\windows\system32\drivers\aswVmm.sys
2017-10-05 12:59 . 2017-07-08 12:31 201352 ----a-w-
c:\windows\system32\drivers\aswStm.sys
2017-10-05 12:59 . 2017-07-08 12:31 84416 ----a-w-
c:\windows\system32\drivers\aswRvrt.sys
2017-10-05 12:59 . 2017-07-08 12:31 587168 ----a-w-
c:\windows\system32\drivers\aswSP.sys
2017-10-05 12:59 . 2017-07-08 12:31 147776 ----a-w-
c:\windows\system32\drivers\aswMonFlt.sys
2017-10-05 12:59 . 2017-07-08 12:31 47008 ----a-w-
c:\windows\system32\drivers\aswHwid.sys
2017-10-05 12:59 . 2017-07-08 12:31 110376 ----a-w-
c:\windows\system32\drivers\aswRdr2.sys
2017-10-05 12:59 . 2017-07-08 12:31 1020536 ----a-w-
c:\windows\system32\drivers\aswSnx.sys
2017-08-07 21:42 . 2017-08-07 21:42 2356592 ----a-w-
c:\windows\system32\WudfUpdate_01011.dll
2017-08-07 21:42 . 2017-08-07 21:42 493568 ----a-w-
c:\windows\system32\drivers\UMDF\LGAirDrive.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do
Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e leg�timas por padr�o n�o s�o apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\# MEGA (Pending)]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2017-06-07 20:07 569856 ----a-w-
c:\users\Laboratorio\AppData\Local\MEGAsync\ShellExtX32.dll
.
shelliconoverlayidentifiers\# MEGA (Synced)]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2017-06-07 20:07 569856 ----a-w-
.
shelliconoverlayidentifiers\# MEGA (Syncing)]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2017-06-07 20:07 569856 ----a-w-
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet
Services\iCloudServices.exe" [2017-09-18 67384]
"SideSync"="c:\program files (x86)\Samsung\SideSync4\SideSync.exe" [2017-08-09
12476064]
"XperiaCompanionAgent"="c:\program files (x86)\Sony\Xperia
Companion\XperiaCompanionAgent.exe" [2017-05-31 2105728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-
13 91520]
"AveoSTI"="c:\program files (x86)\SOFTWARE R&D CENTER\SOFTWARE R&D CENTER
\AveoSTI.exe" [2010-04-14 32768]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java
Update\jusched.exe" [2017-09-05 587288]
.
c:\users\Laboratorio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MEGAsync.lnk - c:\users\Laboratorio\AppData\Local\MEGAsync\MEGAsync.exe [2017-6-21
5415936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2
aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\a
swStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN
v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\wind
ows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2
KingoSoftService;KingoSoftService;c:\users\Laboratorio\AppData\Local\Kingosoft\King
o
Root\update_27205\bin\KingoSoftService.exe;c:\users\Laboratorio\AppData\Local\Kingo
soft\Kingo Root\update_27205\bin\KingoSoftService.exe [x]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA
Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA
Corporation\NvStreamSrv\NvStreamService.exe [x]
R2 WeatherLiteService;Weather Lite Service;c:\program files
(x86)\WeatherTool\2.0.1.5000183\WeatherService.exe;c:\program files
(x86)\WeatherTool\2.0.1.5000183\WeatherService.exe [x]
R3 AndnetBus;LGE Mobile USB Composite
Device;c:\windows\system32\DRIVERS\lgandnetbus64.sys;c:\windows\SYSNATIVE\DRIVERS\l
gandnetbus64.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial
Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lg
andnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB
Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\
lgandnetmodem64.sys [x]
R3
aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\driver
s\aswHwid.sys [x]
R3 AVEO;USB2.0 PC
Camera;c:\windows\system32\DRIVERS\AVEOdcnt.sys;c:\windows\SYSNATIVE\DRIVERS\AVEOdc
nt.sys [x]
R3 BTCFilterService;USB Networking Driver Filter
Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfil
t.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU
Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.
sys [x]
R3 ggflt;SOMC USB Flash Driver
Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys
[x]
R3 ggsomc;SOMC USB Flash
Driver;c:\windows\system32\DRIVERS\ggsomc.sys;c:\windows\SYSNATIVE\DRIVERS\ggsomc.s
ys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector
Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.
exe [x]
R3 motandroidusb;Mot ADB Interface
Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\mot
oandroid.sys [x]
R3 Motousbnet;Motorola USB Networking Driver
Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Mot
ousbnet.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing
Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\n
mwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone
Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmw
cdnsux64.sys [x]
R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA
Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA
Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA
Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA
Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
R3 qcusbnet;Qualcomm USB-NDIS
miniport;c:\windows\system32\DRIVERS\qcusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\qcus
bnet.sys [x]
R3 qcusbser;Qualcomm USB Device for Legacy Serial
Communication;c:\windows\system32\DRIVERS\qcusbser.sys;c:\windows\SYSNATIVE\DRIVERS
\qcusbser.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport
Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\driver
s\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card
Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUSt
or.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU
Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.
sys [x]
R3
SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVER
S\SWDUMon.sys [x]
R3
Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATI
VE\drivers\synth3dvsc.sys [x]
R3
TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\dri
vers\tsusbflt.sys [x]
R3
tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\dri
vers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB
Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaa
pl64.sys [x]
R3
VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvg
kmd.sys [x]
R3 WatAdminSvc;Servi�o de Tecnologias de Ativa��o do
Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSv
c.exe [x]
R3
wdf_usb;wdf_usb;c:\windows\system32\drivers\usb2ser.sys;c:\windows\SYSNATIVE\driver
s\usb2ser.sys [x]
R3
wdm_usb;wdm_usb;c:\windows\system32\DRIVERS\usb2ser.sys;c:\windows\SYSNATIVE\DRIVER
S\usb2ser.sys [x]
S0
aswRvrt;aswRvrt;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys;c:\windows\\Sys
temRoot\system32\drivers\aswRvrt.sys [x]
S0
aswVmm;aswVmm;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys;c:\windows\\System
Root\system32\drivers\aswVmm.sys [x]
S1
aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\a
swSnx.sys [x]
S1
aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswS
P.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common
Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program
files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2
aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\
drivers\aswMonFlt.sys [x]
S2 DiagTrack;Diagnostics Tracking
Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA
Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program
files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 KMS-R@1n;KMS-R@1n;c:\windows\KMS-R@1n.exe;c:\windows\KMS-R@1n.exe [x]
S2 Motorola Device Manager;Motorola Device Manager Service;c:\program files
(x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe;c:\program
files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA
Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA
Corporation\NetService\NvNetworkService.exe [x]
S2 PST Service;PST Service;c:\program files
(x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe;c:\program files
(x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [x]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files\Samsung\USB
Drivers\27_ssconn\conn\ss_conn_service.exe;c:\program files\Samsung\USB
Drivers\27_ssconn\conn\ss_conn_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files
(x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA
Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 XperiaCompanionService;Servi�o Xperia Companion;c:\program files\Sony\Xperia
Companion\Service\XperiaCompanionService.exe;c:\program files\Sony\Xperia
Companion\Service\XperiaCompanionService.exe [x]
S3 HECIx64;Intel(R) Management Engine
Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECI
x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible)
(WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64
v.sys [x]
S3 RTL8167;Realtek 8167 NT
Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64wi
n7.sys [x]
S3
SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATI
VE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows
nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr
QWAVE wcncsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\# MEGA (Pending)]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2017-06-07 20:09 598528 ----a-w-
.
rlayidentifiers\# MEGA (Synced)]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2017-06-07 20:09 598528 ----a-w-
.
rlayidentifiers\# MEGA (Syncing)]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2017-06-07 20:09 598528 ----a-w-
.
rlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-10-05 12:59 1789648 ----a-w- c:\program files\AVAST
Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2000-01-01 16781824]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-10-05
253344]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
[2016-11-14 2397120]
"GLSystray"="c:\program files (x86)\GLPCCamera\monitorpad.exe" [2014-03-11 69632]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2017-09-11 297784]
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://login.latinamweb.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 192.168.*.*;*.local
TCP: DhcpNameServer = 192.168.1.1 0.0.0.0
FF - ProfilePath -
c:\users\Laboratorio\AppData\Roaming\Mozilla\Firefox\Profiles\8r7wrtb3.default\
FF - prefs.js: browser.startup.homepage - hxxp://login.latinamweb.com/search.php?q=
FF - prefs.js: keyword.URL - hxxp://login.latinamweb.com/search.php?q=
FF - user.js: browser.startup.homepage - hxxp://login.latinamweb.com/search.php?
q=);user_pref(keyword.URL, http://login.latinamweb.com/search.php?q=
.
- - - - ORF�OS REMOVIDOS - - - -
.
AddRemove-Driver Updater_is1 - c:\program files (x86)\Driver Updater\unins000.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_27_0_0_170_
ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_27_0_0_170_ActiveX.exe"
.
D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-
A108237013BD}]
@="IFlashBroker6"
.
A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}]
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_27_0_0_170_
ActiveX.exe,-101"
.
D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_27_0_0_170_ActiveX.exe"
.
D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}]
@="Shockwave Flash Object"
.
444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_170.ocx"
"ThreadingModel"="Apartment"
.
444553540000}\MiscStatus]
@="0"
.
444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.27"
.
444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_170.ocx, 1"
.
444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
444553540000}\Version]
@="1.0"
.
444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}]
@="Macromedia Flash Factory Object"
.
444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_170.ocx"
"ThreadingModel"="Apartment"
.
444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_170.ocx, 1"
.
444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
444553540000}\Version]
@="1.0"
.
444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-
8F48-A108237013BD}]
@="IFlashBroker6"
.
8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\
{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft
Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-
08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
.
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
.
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
.
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
.
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
.
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
.
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
.
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
.
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclus�o: 2017-10-24 12:12:42
ComboFix-quarantined-files.txt 2017-10-24 14:12
ComboFix2.txt 2017-09-27 14:12
.
Pr�-execu��o: 28.773.138.432 bytes dispon�veis
P�s execu��o: 36.960.247.808 bytes dispon�veis
.
- - End Of File - - BBEB8F629204B32B1874376A0940B68D
A36C5E4F47E84449FF07ED3517B43A31

Combo Fix

Загружено:

Сведения о документе

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Combo Fix

Загружено:

Авторское право:

Доступные форматы

ComboFix 17-10-17.01 - Laboratorio 24/10/2017 12:01:38.2.

Вам также может понравиться