ComboFix Report for Windows 7 Users

This document is a log file from a ComboFix scan that was run on a Windows 7 system. It lists exclusions made during the scan, files created between two dates, and details about the system such as installed applications, drivers, and registry entries. The log contains no abnormalities and indicates the system is running as expected.

Uploaded by

Douglas Fraga

ComboFix 18-08-08.01 - Douglas 03/09/2018 8:24.7.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.4001.1169 [GMT -3:00]
Executando de: c:\users\Douglas\Downloads\combofix-17-5-4-1.exe
AV: Microsoft Security Essentials *Enabled/Updated* {71A27EC9-3DA6-45FC-60A7-
004F623C6189}
SP: Microsoft Security Essentials *Enabled/Updated* {CAC39F2D-1B9C-4A72-5A17-
3B3D19BB2B34}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Criado um novo ponto de restauração
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
c:\users\Douglas\Media
c:\users\Douglas\Media\alm_critical.wav
c:\users\Douglas\Media\alm_major.wav
c:\users\Douglas\Media\alm_minor.wav
c:\users\Douglas\Media\alm_warning.wav
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2018-08-03 to 2018-09-03 ))))))))))))))))))))))))))))
.
.
2018-09-03 11:38 . 2018-09-03 11:38 -------- d-----w-
c:\users\Public\AppData\Local\temp
2018-09-03 11:38 . 2018-09-03 11:38 -------- d-----w-
c:\users\Default\AppData\Local\temp
2018-09-03 11:20 . 2018-09-03 11:20 58120 ----a-w-
c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B8A19C20-
ABB6-48E0-B43A-C6DFC2A18757}\MpKsl21a58da2.sys
2018-09-03 11:14 . 2018-09-03 11:14 -------- d-----w-
c:\users\Douglas\cache1535973259181
2018-09-03 11:12 . 2018-04-10 19:22 438104 ----a-w- c:\program files
(x86)\Mozilla Firefox\wsffcmgr.exe
2018-08-31 14:43 . 2018-08-21 18:04 14821528 ----a-w-
c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B8A19C20-
ABB6-48E0-B43A-C6DFC2A18757}\mpengine.dll
2018-08-29 21:29 . 2018-08-21 18:04 14821528 ----a-w-
c:\programdata\Microsoft\Microsoft Antimalware\Definition
Updates\Backup\mpengine.dll
2018-08-28 11:53 . 2018-08-28 11:53 51024 ----a-w-
c:\windows\system32\DbxSvc.exe
2018-08-28 11:53 . 2018-08-28 11:53 50232 ----a-w-
c:\windows\system32\drivers\dbx-dev.sys
2018-08-28 11:53 . 2018-08-28 11:53 50232 ----a-w-
c:\windows\system32\drivers\dbx-canary.sys
2018-08-28 11:53 . 2018-08-28 11:53 45640 ----a-w-
c:\windows\system32\drivers\dbx-stable.sys
2018-08-04 22:00 . 2018-08-04 22:00 -------- d-----w- c:\program files\Google
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-07-17 15:57 . 2018-07-17 15:57 111048 ----a-w-
c:\windows\system32\WindowsAccessBridge-64.dll
2018-07-16 22:02 . 2010-11-21 03:27 563832 ------w-
c:\windows\system32\MpSigStub.exe
2018-07-04 14:05 . 2018-07-04 14:05 196528 ----a-w-
c:\windows\system32\javaws.exe
2018-07-04 14:05 . 2018-07-04 14:05 172976 ----a-w-
c:\windows\system32\javaw.exe
2018-07-04 14:05 . 2018-07-04 14:05 172976 ----a-w-
c:\windows\system32\java.exe
2016-12-19 11:12 . 2016-12-19 11:12 7680000 ----a-w- c:\program files
(x86)\GUTCF70.tmp
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 323528 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 323528 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 323528 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 323528 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 323528 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 323528 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 323528 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 323528 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 323528 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 323528 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-01-21 16:59 1729744 ----a-w-
c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-01-21 16:59 1729744 ----a-w-
c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-01-21 16:59 1729744 ----a-w-
c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Post-it® Software Notes Lite.lnk - c:\program files (x86)\3M\PSNLite\PsnLite.exe
-RegRun [2004-10-15 2080768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1
wsddfac;wsddfac;c:\windows\system32\drivers\wsddfac.sys;c:\windows\SYSNATIVE\driver
s\wsddfac.sys [x]
R1 wsddpp;Warsaw - Driver
(PP);c:\windows\system32\drivers\wsddpp.sys;c:\windows\SYSNATIVE\drivers\wsddpp.sys
[x]
R2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common
Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program
files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN
v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\wind
ows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dbupdate;Serviço Atualização do Dropbox (dbupdate);c:\program files
(x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files
(x86)\Dropbox\Update\DropboxUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files
(x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe
[x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files
(x86)\Browny02\BrYNSvc.exe [x]
R3 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files
(x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-
LogRotatorService.exe [x]
R3 BstkDrv;BlueStacks Plus Hypervisor;c:\program files
(x86)\BlueStacks\BstkDrv.sys;c:\program files (x86)\BlueStacks\BstkDrv.sys [x]
R3 dbupdatem;Serviço Atualização do Dropbox (dbupdatem);c:\program files
(x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files
(x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 dbx;dbx;c:\windows\system32\DRIVERS\dbx.sys;c:\windows\SYSNATIVE\DRIVERS\dbx.sys
[x]
R3
dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvs
c.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector
Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.
exe [x]
R3 IntcDAud;Áudio Intel(R) para
telas;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAu
d.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability
Licensing Service TCP IP Interface;c:\program files\Intel\iCLS
Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe
[x]
R3 Netaapl;Apple Mobile Device Ethernet
Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\neta
apl64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport
Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\driver
s\rdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport
Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synt
h3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input
Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\termin
pt.sys [x]
R3
TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\dri
vers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic
%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys
[x]
R3 tsusbhub;Remote Deskotop USB
Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.
sys [x]
R3 USBAAPL64;Apple Mobile USB
Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaa
pl64.sys [x]
R3
VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvg
kmd.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do
Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSv
c.exe [x]
R3 WPRO_41_2001;WinPcap Packet Driver
(WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\dr
ivers\WPRO_41_2001.sys [x]
R3 wsddprm;Warsaw - Driver
(PRM);c:\windows\system32\drivers\wsddprm.sys;c:\windows\SYSNATIVE\drivers\wsddprm.
sys [x]
S1 MpKsl21a58da2;MpKsl21a58da2;c:\programdata\Microsoft\Microsoft
Antimalware\Definition Updates\{B8A19C20-ABB6-48E0-B43A-
C6DFC2A18757}\MpKsl21a58da2.sys;c:\programdata\Microsoft\Microsoft
Antimalware\Definition Updates\{B8A19C20-ABB6-48E0-B43A-
C6DFC2A18757}\MpKsl21a58da2.sys [x]
S1 VBoxDrv;VirtualBox
Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDr
v.sys [x]
S1 VBoxNetLwf;VirtualBox NDIS6 Bridged Networking
Service;c:\windows\system32\DRIVERS\VBoxNetLwf.sys;c:\windows\SYSNATIVE\DRIVERS\VBo
xNetLwf.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor
Service;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBo
xUSBMon.sys [x]
S1 wsddntf;Diebold Network
Monitor;c:\windows\system32\DRIVERS\wsddntf.sys;c:\windows\SYSNATIVE\DRIVERS\wsddnt
f.sys [x]
S2 AnyDesk;AnyDesk Service;c:\program files (x86)\AnyDesk\AnyDesk.exe;c:\program
files (x86)\AnyDesk\AnyDesk.exe [x]
S2 DbxSvc;DbxSvc;c:\windows\system32\DbxSvc.exe;c:\windows\SYSNATIVE\DbxSvc.exe [x]
S2 DellUpdate;Dell Update Service;c:\program files (x86)\Dell
Update\DellUpService.exe;c:\program files (x86)\Dell Update\DellUpService.exe [x]
S2 DiagTrack;Diagnostics Tracking
Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel
Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.
exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing
Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program
files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface
Service;c:\program files (x86)\Intel\Intel(R) Management Engine
Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management
Engine Components\DAL\jhi_service.exe [x]
S2 SamsungUPDUtilSvc;Samsung UPD Utility
Service;c:\windows\SysWOW64\SecUPDUtilSvc.exe;c:\windows\SysWOW64\SecUPDUtilSvc.exe
[x]
S2 scpbradserv;Componente de Segurança Bradesco;c:\program files
(x86)\scpbrad\scpbradserv.exe;c:\program files (x86)\scpbrad\scpbradserv.exe [x]
S2
SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\S
SPORT.sys [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common
Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common
Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S2 Warsaw Technology;Warsaw Technology;c:\program
files\Diebold\Warsaw\core.exe;c:\program files\Diebold\Warsaw\core.exe [x]
S3 NisDrv;Microsoft Network Inspection
System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDr
vWFP.sys [x]
S3 NisSrv;Inspeção de Rede da Microsoft;c:\program files\Microsoft Security
Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RTL8167;Realtek 8167 NT
Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64wi
n7.sys [x]
S3
SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATI
VE\DRIVERS\Smb_driver_Intel.sys [x]
S3 VBoxNetAdp;VirtualBox NDIS 6.0 Miniport
Service;c:\windows\system32\DRIVERS\VBoxNetAdp6.sys;c:\windows\SYSNATIVE\DRIVERS\VB
oxNetAdp6.sys [x]
.
.
--- =Outros Serviços/Drivers Na Memória ---
.
*NewlyCreated* - MPKSL21A58DA2
*Deregistered* - mad_inj_driver
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2018-09-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-18
22:16]
.
2018-09-03 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-20 10:40]
.
2018-09-01 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-20 10:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 367952 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt64.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 367952 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt64.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 367952 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt64.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 367952 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt64.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 367952 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt64.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 367952 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt64.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 367952 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt64.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 367952 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt64.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 367952 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt64.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2018-08-28 11:46 367952 ----a-w- c:\program files
(x86)\Dropbox\Client\DropboxExt64.23.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-01-21 17:03 2334928 ----a-w-
c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-01-21 17:03 2334928 ----a-w-
c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-01-21 17:03 2334928 ----a-w-
c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;
IE: &Enviar para o OneNote - c:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105
IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000
Trusted Zone: bancobrasil.com.br\www
Trusted Zone: bancobrasil.com.br\www14
Trusted Zone: bancobrasil.com.br\www2
Trusted Zone: bb.com.br\aapj
Trusted Zone: bb.com.br\seg
Trusted Zone: bb.com.br\www
Trusted Zone: dell.com
Trusted Zone: gastecnologia.com.br\cloud
Trusted Zone: itau.com.br\bankline
Trusted Zone: itau.com.br\clickbanking
Trusted Zone: itau.com.br\guardiao
Trusted Zone: itau.com.br\www
Trusted Zone: itaupersonnalite.com.br\www
TCP: DhcpNameServer = 192.168.5.254
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files
(x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath -
c:\users\Douglas\AppData\Roaming\Mozilla\Firefox\Profiles\hh2ddple.default\
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-
file=\"c:\program files\MySQL\MySQL Server 5.5\my.ini\" MySQL"
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_11
7_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-
0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-
0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-
0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_11
7_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-
B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-
B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-
B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\
{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft
Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2018-09-03 08:54:31
ComboFix-quarantined-files.txt 2018-09-03 11:54
ComboFix2.txt 2018-05-09 10:35
ComboFix3.txt 2018-04-14 11:54
ComboFix4.txt 2018-02-19 17:52
ComboFix5.txt 2018-09-03 11:21
.
Pré-execução: 107.973.865.472 bytes disponíveis
Pós execução: 107.813.597.184 bytes disponíveis
.
- - End Of File - - C4649263725C43DDAC60B1629E2344F4
A36C5E4F47E84449FF07ED3517B43A31
