ComboFix 16-02-23.01 - hp 24/02/2016 11:11:43.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.3830.1961 [GMT -3:00]
Executando de: c:\users\hp\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\program files (x86)\sXe Injected
c:\program files (x86)\sXe Injected\ddsxei.sys
c:\program files (x86)\sXe Injected\sXe-I EULA.txt
c:\program files (x86)\sXe Injected\sXe Injected.exe
c:\program files (x86)\sXe Injected\sXe Injected.txt
c:\program files (x86)\sXe Injected\sXe.dll
c:\program files (x86)\sXe Injected\uninstall.exe
c:\program files (x86)\sXe Injected\uninstall.ini
c:\programdata\system32
c:\programdata\system32\Download\94b9d49df1960d5bc5325432c6ecb570.zip
c:\programdata\system32\SafeGuard.sig
c:\programdata\system32\SafeGuard32.dll
c:\programdata\system32\SafeGuard64.dll
c:\programdata\system32\update.zip
c:\programdata\windows security
c:\programdata\windows security\winsecurity.exe
c:\users\hp\AppData\Local\Crsoft
c:\users\hp\AppData\Local\Crsoft\crsvc.exe
c:\users\hp\AppData\Local\Temp\VSTmp\explorerEx64.dll
c:\users\hp\AppData\Localtransition_1e1e57e4f8c4cc96239ccbde52fc5e45.ini
c:\users\hp\AppData\Roaming\win32
c:\users\hp\AppData\Roaming\win32\spoolsv32.jar
c:\windows\7
c:\windows\7\1a49e4b107f266ff7dc37e831af70c3e.tmp
c:\windows\SysWow64\Cache
c:\windows\SysWow64\Cache\075884af680ff6dc.fb
c:\windows\SysWow64\Cache\075884af680ff6dc__exp__1389093657
c:\windows\SysWow64\Cache\49fbbc5a8678d502.fb
c:\windows\SysWow64\Cache\49fbbc5a8678d502__exp__1389093662
c:\windows\SysWow64\Cache\613e8ce7ab7106af.fb
c:\windows\SysWow64\Cache\613e8ce7ab7106af__exp__1389093662
c:\windows\SysWow64\Cache\691f14230153a9e1.fb
c:\windows\SysWow64\Cache\691f14230153a9e1__exp__1389093665
c:\windows\SysWow64\Cache\7614bd6cfa99e546.fb
c:\windows\SysWow64\Cache\7614bd6cfa99e546__exp__1389093664
c:\windows\SysWow64\Cache\881b3593316772f0.fb
c:\windows\SysWow64\Cache\881b3593316772f0__exp__1389093660
c:\windows\SysWow64\Cache\c27842386b05e212.fb
c:\windows\SysWow64\Cache\c27842386b05e212__exp__1389093655
c:\windows\SysWow64\Cache\c4e10d1be905349b.fb
c:\windows\SysWow64\Cache\c4e10d1be905349b__exp__1389093662
c:\windows\SysWow64\Cache\c8a51ba84752784f.fb
c:\windows\SysWow64\Cache\c8a51ba84752784f__exp__1389093660
c:\windows\SysWow64\Cache\f2cda51fd108941f.fb
c:\windows\SysWow64\Cache\f2cda51fd108941f__exp__1389093660
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_TESSAFE
-------\Service_Sed
-------\Service_TesSafe
-------\Service_Crashhd
-------\Service_WindowsSecurity
-------\Service_Crashhd
-------\Service_WindowsSecurity
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2016-01-24 to 2016-02-24 ))))))))))))))))))))))))))))
.
.
2016-02-24 14:30 . 2016-02-24 14:30 -------- d-----w- c:\users\Henrique\AppData\Local\temp
2016-02-24 14:30 . 2016-02-24 14:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-02-24 02:41 . 2016-02-24 13:37 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-02-24 02:41 . 2016-02-24 02:55 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-02-24 02:41 . 2016-02-24 02:41 -------- d-----w- c:\programdata\Malwarebytes
2016-02-24 02:41 . 2015-10-05 12:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-02-24 02:41 . 2015-10-05 12:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-02-24 00:33 . 2016-02-24 00:34 -------- d-----w- C:\87d6317cd0fedf402d8e65410f1a4d01
2016-02-23 23:32 . 2016-02-23 23:32 -------- d-----w- C:\Games
2016-02-23 23:18 . 2016-02-24 01:19 -------- d-----w- c:\users\hp\AppData\Local\Diagnostics
2016-02-23 23:05 . 2016-02-23 23:05 -------- d-----w- c:\users\hp\AppData\Local\VirtualStore
2016-02-23 23:04 . 2016-02-23 23:04 -------- d-----w- c:\programdata\Validity
2016-02-23 22:39 . 2016-02-24 00:16 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2016-02-23 22:39 . 2016-02-24 00:16 -------- d-----w- c:\program files\Microsoft Security Client
2016-02-23 21:58 . 2016-02-23 23:33 -------- d-----w- c:\program files (x86)\ClamWin
2016-02-23 20:48 . 2016-02-23 20:48 -------- d-----w- C:\zoek_backup
2016-02-23 19:59 . 2015-11-13 23:09 91648 ----a-w- c:\windows\system32\mapistub.dll
2016-02-23 19:59 . 2015-11-13 23:09 91648 ----a-w- c:\windows\system32\mapi32.dll
2016-02-23 19:59 . 2015-11-13 23:08 17920 ----a-w- c:\windows\system32\fixmapi.exe
2016-02-23 19:59 . 2015-11-13 22:50 76800 ----a-w- c:\windows\SysWow64\mapistub.dll
2016-02-23 19:59 . 2015-11-13 22:49 14336 ----a-w- c:\windows\SysWow64\fixmapi.exe
2016-02-23 19:53 . 2016-01-22 06:48 49664 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2016-02-23 19:52 . 2016-01-22 06:45 666624 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll
2016-02-23 19:47 . 2015-11-10 18:55 1648128 ----a-w- c:\windows\system32\DWrite.dll
2016-02-23 19:46 . 2015-11-11 18:53 1735680 ----a-w- c:\windows\system32\comsvcs.dll
2016-02-23 19:46 . 2015-11-11 18:53 525312 ----a-w- c:\windows\system32\catsrvut.dll
2016-02-23 19:46 . 2015-11-11 18:39 1242624 ----a-w- c:\windows\SysWow64\comsvcs.dll
2016-02-23 19:46 . 2015-11-11 18:39 487936 ----a-w- c:\windows\SysWow64\catsrvut.dll
2016-02-23 19:46 . 2015-11-16 20:17 210432 ----a-w- c:\windows\system32\aepic.dll
2016-02-23 19:46 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
2016-02-23 19:46 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
2016-02-23 19:00 . 2016-01-16 19:01 2085888 ----a-w- c:\windows\system32\ole32.dll
2016-02-23 19:00 . 2016-01-16 18:36 1413632 ----a-w- c:\windows\SysWow64\ole32.dll
2016-02-23 18:58 . 2016-01-22 06:20 215040 ----a-w- c:\windows\system32\winsrv.dll
2016-02-23 18:57 . 2016-01-22 06:19 14179840 ----a-w- c:\windows\system32\shell32.dll
2016-02-23 18:57 . 2016-01-22 05:19 3231232 ----a-w- c:\windows\explorer.exe
2016-02-23 18:57 . 2016-01-22 05:12 2973184 ----a-w- c:\windows\SysWow64\explorer.exe
2016-02-23 18:57 . 2016-01-22 06:15 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-02-23 18:57 . 2016-01-22 06:12 1940992 ----a-w- c:\windows\system32\authui.dll
2016-02-23 18:57 . 2016-01-22 06:00 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-02-23 18:57 . 2016-01-22 05:59 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2016-02-23 18:56 . 2015-12-08 21:52 312320 ----a-w- c:\windows\SysWow64\gdi32.dll
2016-02-23 18:56 . 2015-12-08 19:07 405504 ----a-w- c:\windows\system32\gdi32.dll
2016-02-23 16:49 . 2016-02-23 16:49 19022528 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2016-02-23 16:25 . 2016-02-23 16:25 16984 ----a-w- c:\windows\DelYAC_x64.sys
2016-02-23 16:24 . 2016-02-23 16:24 -------- d-----w- c:\users\hp\AppData\Roaming\WinNetSvc
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-24 06:17 . 2012-09-01 01:53 146614896 ----a-w- c:\windows\system32\MRT.exe
2016-02-23 22:45 . 2016-02-23 22:45 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{73E5BE6A-0C2E-4E4D-A1E6-C9846DF03E23}\gapaengine.dll
2016-02-23 19:00 . 2016-02-23 19:00 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EC44C489-2173-4E51-B4DA-314F870A34A3}\offreg.2416.dll
2016-02-23 16:27 . 2016-02-23 16:27 97792 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\ca\smime3.dll
2016-02-23 16:27 . 2016-02-23 16:27 93696 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\ca\nssutil3.dll
2016-02-23 16:27 . 2016-02-23 16:27 91648 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\45.0.2454.85\chrome_elf.dll
2016-02-23 16:27 . 2016-02-23 16:27 91648 ----a-w- c:\programdata\Microsoft\Network\Dsq\chrome\45.0.2454.85\chrome_elf.dll
2016-02-23 16:27 . 2016-02-23 16:27 815944 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\chrome.exe
2016-02-23 16:27 . 2016-02-23 16:27 815944 ----a-w- c:\programdata\Microsoft\Network\Dsq\chrome\chrome.exe
2016-02-23 16:27 . 2016-02-23 16:27 798720 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\ca\nss3.dll
2016-02-23 16:27 . 2016-02-23 16:27 773968 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\ca\msvcr100.dll
2016-02-23 16:27 . 2016-02-23 16:27 4525520 ----a-w- c:\programdata\Microsoft\Network\Dsq\network\sysnetwk.exe
2016-02-23 16:27 . 2016-02-23 16:27 423936 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\ca\sqlite3.dll
2016-02-23 16:27 . 2016-02-23 16:27 370176 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\ca\nssckbi.dll
2016-02-23 16:27 . 2016-02-23 16:27 222208 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\ca\freebl3.dll
2016-02-23 16:27 . 2016-02-23 16:27 199680 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\ca\libnspr4.dll
2016-02-23 16:27 . 2016-02-23 16:27 190976 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\ca\ssl3.dll
2016-02-23 16:27 . 2016-02-23 16:27 190976 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\45.0.2454.85\work.dll
2016-02-23 16:27 . 2016-02-23 16:27 172544 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\ca\softokn3.dll
2016-02-23 16:27 . 2016-02-23 16:27 14336 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\ca\libplc4.dll
2016-02-23 16:27 . 2016-02-23 16:27 12288 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\ca\libplds4.dll
2016-02-23 16:27 . 2016-02-23 16:27 111616 ----a-w- c:\programdata\Microsoft\Network\Dsq\chrome\45.0.2454.85\work.dll
2016-02-23 16:27 . 2016-02-23 16:27 108544 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\ca\nssdbm3.dll
2016-02-23 16:27 . 2016-02-23 16:27 103936 ----a-w- c:\programdata\Microsoft\Network\Dsq\func\ca\certutil.exe
2016-01-22 05:59 . 2016-02-23 18:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-12-16 13:15 . 2016-02-23 17:59 11154520 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EC44C489-2173-4E51-B4DA-314F870A34A3}\mpengine.dll
2015-12-09 03:39 . 2012-09-04 11:13 301728 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotPostWindows10UpgradeReInstall"="c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [2015-07-28 1011200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2015-06-02 13:40 1889664 ----a-w- c:\program files (x86)\GbPlugin\gbieh.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AutoUpdateDisableNotify"=dword:00000001
.
R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys;c:\windows\SYSNATIVE\drivers\gbpkm.sys [x]
R1 gbpddfac;Warsaw File Access svc;c:\windows\system32\drivers\gbpddfac64.sys;c:\windows\SYSNATIVE\drivers\gbpddfac64.sys [x]
R3 BprotectEx;Baidu ProtectEx;c:\windows\System32\drivers\BprotectEx.sys;c:\windows\SYSNATIVE\drivers\BprotectEx.sys [x]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 egg_protect;egg_protect;c:\windows\DelYAC_x64.sys;c:\windows\DelYAC_x64.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 GemCCID;GemCCID;c:\windows\system32\Drivers\GemCCID.sys;c:\windows\SYSNATIVE\Drivers\GemCCID.sys [x]
R3 Generalusbserialser20675;USB Legacy Serial Communication 20675;c:\windows\system32\DRIVERS\CT_U_USBSER.sys;c:\windows\SYSNATIVE\DRIVERS\CT_U_USBSER.sys [x]
R3 HSPADataCardusbmdm;HSPADataCard Proprietary USB Driver;c:\windows\system32\DRIVERS\HSPADataCardusbmdm.sys;c:\windows\SYSNATIVE\DRIVERS\HSPADataCardusbmdm.sys [x]
R3 HSPADataCardusbnmea;HSPADataCard NMEA Port;c:\windows\system32\DRIVERS\HSPADataCardusbnmea.sys;c:\windows\SYSNATIVE\DRIVERS\HSPADataCardusbnmea.sys [x]
R3 HSPADataCardusbser;HSPADataCard Diagnostic Port;c:\windows\system32\DRIVERS\HSPADataCardusbser.sys;c:\windows\SYSNATIVE\DRIVERS\HSPADataCardusbser.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 PCFApiUtil;PCFApiUtil;c:\program files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys;c:\program files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 SzCCID;StarSign CUT;c:\windows\system32\DRIVERS\SzCCID.sys;c:\windows\SYSNATIVE\DRIVERS\SzCCID.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va013;X6va013;c:\windows\SysWOW64\Drivers\X6va013;c:\windows\SysWOW64\Drivers\X6va013 [x]
R3 X6va014;X6va014;c:\windows\SysWOW64\Drivers\X6va014;c:\windows\SysWOW64\Drivers\X6va014 [x]
R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x]
R3 X6va016;X6va016;c:\windows\SysWOW64\Drivers\X6va016;c:\windows\SysWOW64\Drivers\X6va016 [x]
R3 X6va017;X6va017;c:\windows\SysWOW64\Drivers\X6va017;c:\windows\SysWOW64\Drivers\X6va017 [x]
R3 X6va022;X6va022;c:\windows\SysWOW64\Drivers\X6va022;c:\windows\SysWOW64\Drivers\X6va022 [x]
R3 X6va023;X6va023;c:\windows\SysWOW64\Drivers\X6va023;c:\windows\SysWOW64\Drivers\X6va023 [x]
R3 X6va025;X6va025;c:\windows\SysWOW64\Drivers\X6va025;c:\windows\SysWOW64\Drivers\X6va025 [x]
R3 X6va026;X6va026;c:\windows\SysWOW64\Drivers\X6va026;c:\windows\SysWOW64\Drivers\X6va026 [x]
R3 X6va027;X6va027;c:\windows\SysWOW64\Drivers\X6va027;c:\windows\SysWOW64\Drivers\X6va027 [x]
R3 X6va028;X6va028;c:\windows\SysWOW64\Drivers\X6va028;c:\windows\SysWOW64\Drivers\X6va028 [x]
R3 X6va029;X6va029;c:\windows\SysWOW64\Drivers\X6va029;c:\windows\SysWOW64\Drivers\X6va029 [x]
R3 X6va031;X6va031;c:\windows\SysWOW64\Drivers\X6va031;c:\windows\SysWOW64\Drivers\X6va031 [x]
R3 X6va060;X6va060;c:\windows\SysWOW64\Drivers\X6va060;c:\windows\SysWOW64\Drivers\X6va060 [x]
R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys;c:\program files (x86)\Xfire2\XFDriver64.sys [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
R4 NetTcpHandler;Net.Tcp Service Handler;c:\users\hp\AppData\Roaming\NetService\netservice.exe;c:\users\hp\AppData\Roaming\NetService\netservice.exe [x]
R4 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R4 SkypeUpdateEx;SkypeUpdateEx;c:\program files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe;c:\program files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe [x]
R4 valWBFPolicyService;Validity WBF Policy Service;c:\windows\system32\valWBFPolicyService.exe;c:\windows\SYSNATIVE\valWBFPolicyService.exe [x]
R4 WinNetSvc;Windows Net Proxy Auto Service;c:\users\hp\AppData\Roaming\WinNetSvc\WinNetSvc.exe;c:\users\hp\AppData\Roaming\WinNetSvc\WinNetSvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe;c:\progra~2\GbPlugin\GbpSv.exe [x]
S2 XBox;Xbox Live Network Manager Service;c:\users\hp\AppData\Roaming\XBox\XBLive.exe;c:\users\hp\AppData\Roaming\XBox\XBLive.exe [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 GBPRCM;Service for G-Buster Driver (PM);c:\program files (x86)\GbPlugin\gbprcm64.sys;c:\program files (x86)\GbPlugin\gbprcm64.sys [x]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S3 NisSrv;Inspeção de Rede da Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Warsaw_PP;Warsaw Protector;c:\progra~2\GbPlugin\wsftprp64.sys;c:\progra~2\GbPlugin\wsftprp64.sys [x]
.
.
--- =Outros Serviços/Drivers Na Memória ---
.
*Deregistered* - GbFtIn
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-02-23 20:03 1088664 ----a-w- c:\program files (x86)\Google\Chrome\Application\48.0.2564.116\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-12-18 15:42 286904 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2015-08-28 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2743754275-1282719760-1511834794-1000Core.job
- c:\users\hp\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-24 02:16]
.
2015-08-28 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2743754275-1282719760-1511834794-1000UA.job
- c:\users\hp\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-24 02:16]
.
2016-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-02-23 20:00]
.
2016-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-02-23 20:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 232712 ----a-w- c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-01-29 1340192]
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:Tabs
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = https://br.yahoo.com/?fr=hp-avast&type=avastbcl
mStart Page = hxxp://www.searchtudo.com/pt/?uid={a9e5474734354820802af80357ba4584}&r=eg
mDefault_Page_URL = hxxp://www.searchtudo.com/pt/?uid={a9e5474734354820802af80357ba4584}&r=eg
mSearch Page = hxxp://search.navegaki.com?q={searchTerms}&uid={a9e5474734354820802af80357ba4584}&r=eg
mDefault_Search_URL = hxxp://search.navegaki.com?q={searchTerms}&uid={a9e5474734354820802af80357ba4584}&r=eg
uInternet Settings,ProxyServer = http=127.0.0.1:8080;https=127.0.0.1:8080
IE: &Enviar para o OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
Trusted Zone: bancobrasil.com.br\www
Trusted Zone: bancobrasil.com.br\www14
Trusted Zone: bancobrasil.com.br\www2
Trusted Zone: bb.com.br\seg
Trusted Zone: bb.com.br\www
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{C2185DBF-4D0C-4A5E-B8D3-C43E432BC834}\D41646572756962716027796D26696: NameServer = 8.8.8.8,8.8.8.4
FF - ProfilePath - c:\users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\awz8sj83.default\
FF - prefs.js: browser.search.selectedEngine - navegaki
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - ORFÃOS REMOVIDOS - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
ShellIconOverlayIdentifiers-{0A93904A-BB1E-4a0c-9753-B57B9AE272CC} - (no file)
ShellIconOverlayIdentifiers-{E056AFDD-03E9-4D73-8D33-8FCCBCA73438} - c:\users\hp\AppData\Local\Temp\VSTmp\explorerEx64.dll
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} - (no file)
AddRemove-sXe Injected - c:\program files (x86)\sXe Injected\uninstall.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{86515E4F-8EAF-4632-A4D9-C68D5DB27CB9} - c:\progra~3\INSTAL~1\{86515~1\Setup.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va013]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va013"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va014]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va014"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va015]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va016]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va016"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va017]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va017"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va022]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va022"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va023]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va023"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va025]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va025"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va026]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va026"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va027]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va027"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va028]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va028"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va029]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va029"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va031]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va031"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va060]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va060"
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_USERS\S-1-5-21-2743754275-1282719760-1511834794-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Outros Processos em Execução ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe
.
**************************************************************************
.
Tempo para conclusão: 2016-02-24 11:47:20 - Máquina reiniciou
ComboFix-quarantined-files.txt 2016-02-24 14:47
.
Pré-execução: 121.069.867.008 bytes disponíveis
Pós execução: 123.795.632.128 bytes disponíveis
.
- - End Of File - - 0A1175E2E1BF91FD1E14AD66EFDABDD3
A36C5E4F47E84449FF07ED3517B43A31
