Combo Fix

Uploaded by

Fabio Medina

ComboFix 19-11-04.01 - Fábio Medina 27/06/2020 23:26:14.5.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.8112.6379 [GMT -3:00]
Executando de: c:\users\Fábio Medina\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Templates\All Users.lnk
c:\programdata\Microsoft\Windows\Templates\Leica S2 Adobe Standard.dcp.lnk
c:\users\Branca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Canon EOS
5D Mark III Adobe Standard.dcp.lnk
c:\users\Branca\AppData\Local\Microsoft\Windows\Temporary Internet Files\dwnbwq
c:\users\Branca\AppData\Roaming\Microsoft\Windows\Templates\Canon EOS-1D Adobe
Standard.dcp.lnk
c:\users\Branca\AppData\Roaming\Microsoft\Windows\Templates\Canon EOS 40D Adobe
Standard.dcp.lnk
c:\users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Canon
PowerShot S110 Adobe Standard.dcp.lnk
c:\users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Leica M8
Digital Adobe Standard.dcp.lnk
c:\users\Default\AppData\Roaming\Microsoft\Windows\Templates\Mamiya ZD Adobe
Standard.dcp.lnk
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2020-05-28 to 2020-06-28 ))))))))))))))))))))))))))))
.
.
2020-06-28 02:35 . 2020-06-28 02:35 -------- d-----w- c:\users\Public\AppData\
Local\temp
2020-06-28 02:35 . 2020-06-28 02:35 -------- d-----w- c:\users\FBIOME~2\
AppData\Local\temp
2020-06-28 02:35 . 2020-06-28 02:35 -------- d-----w- c:\users\Fábio Medina\
AppData\Local\temp
2020-06-28 02:35 . 2020-06-28 02:35 -------- d-----w- c:\users\Default\
AppData\Local\temp
2020-06-28 02:35 . 2020-06-28 02:35 -------- d-----w- c:\users\Branca\AppData\
Local\temp
2020-06-28 02:16 . 2020-06-28 02:16 -------- d-----w- c:\program files (x86)\
Cisco
2020-06-28 02:16 . 2015-01-06 15:41 3709656 ----a-w- c:\windows\system32\
drivers\rtwlane.sys
2020-06-28 02:16 . 2013-04-02 02:19 574464 ----a-w- c:\windows\system32\
Rtlihvs.dll
2020-06-28 02:16 . 2014-03-24 15:37 422400 ----a-w- c:\windows\SwUSB.exe
2020-06-28 02:16 . 2013-10-18 19:42 48856 ----a-w- c:\windows\runSW.exe
2020-06-28 02:16 . 2010-12-01 12:31 451072 ----a-w- c:\windows\SysWow64\
ISSRemoveSP.exe
2020-06-28 02:14 . 2020-06-28 02:14 -------- d-----w- c:\programdata\Realtek
2020-06-25 13:44 . 2020-06-25 13:44 123392 ---ha-w- c:\users\fuwgs.tmp
2020-06-25 01:09 . 2020-06-25 01:16 -------- d-----w- c:\programdata\
Battle.net
2020-06-25 01:00 . 2020-06-25 01:00 123392 ---ha-w- c:\users\gddlp.tmp
2020-06-24 23:44 . 2020-06-24 23:44 123392 ---ha-w- c:\users\lrvd.tmp
2020-06-24 14:22 . 2020-06-24 14:22 123392 ---ha-w- c:\users\gkam.tmp
2020-06-23 15:32 . 2020-06-23 15:32 123392 ---ha-w- c:\users\tymaon.tmp
2020-06-22 14:46 . 2020-06-22 14:46 123392 ---ha-w- c:\users\ayrc.tmp
2020-06-20 14:00 . 2020-06-20 14:00 123392 ---ha-w- c:\users\xnsolp.tmp
2020-06-18 14:36 . 2020-06-18 14:36 123392 ---ha-w- c:\users\uxxxlm.tmp
2020-06-18 01:10 . 2020-06-18 01:10 123392 ---ha-w- c:\users\gard.tmp
2020-06-17 16:15 . 2020-06-17 16:15 123392 ---ha-w- c:\users\qhltr.tmp
2020-06-16 15:53 . 2020-06-16 15:53 123392 ---ha-w- c:\users\nppuh.tmp
2020-06-16 15:47 . 2020-06-16 15:47 123392 ---ha-w- c:\users\yawgrt.tmp
2020-06-16 15:33 . 2020-06-16 15:33 123392 ---ha-w- c:\users\yxwru.tmp
2020-06-16 02:01 . 2020-06-16 02:01 123392 ---ha-w- c:\users\sxyaaq.tmp
2020-06-15 23:39 . 2020-06-15 23:39 123392 ---ha-w- c:\users\rwfn.tmp
2020-06-13 21:33 . 2020-06-13 21:33 123392 ---ha-w- c:\users\eqaad.tmp
2020-06-10 20:20 . 2020-06-10 20:20 123392 ---ha-w- c:\users\aljy.tmp
2020-06-08 16:00 . 2020-06-08 16:00 123392 ---ha-w- c:\users\fyrd.tmp
2020-06-07 13:50 . 2020-06-07 13:50 123392 ---ha-w- c:\users\rosl.tmp
2020-06-05 15:40 . 2020-06-05 15:40 123392 ---ha-w- c:\users\jidvy.tmp
2020-06-04 15:46 . 2020-06-04 15:46 123392 ---ha-w- c:\users\dncqd.tmp
2020-06-04 13:19 . 2020-06-04 13:19 123392 ---ha-w- c:\users\oequl.tmp
2020-06-03 13:03 . 2020-06-03 13:03 123392 ---ha-w- c:\users\prnbnr.tmp
2020-06-02 13:36 . 2020-06-02 13:36 123392 ---ha-w- c:\users\jbrssu.tmp
2020-06-01 15:10 . 2020-06-01 15:10 123392 ---ha-w- c:\users\evsqj.tmp
2020-05-30 18:07 . 2020-05-30 18:07 123392 ---ha-w- c:\users\yxwb.tmp
2020-05-29 22:13 . 2020-05-29 22:13 123392 ---ha-w- c:\users\upyug.tmp
2020-05-29 15:39 . 2020-05-29 15:39 123392 ---ha-w- c:\users\udont.tmp
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2020-06-28 02:18 . 2019-04-26 11:55 28376 ----a-w- c:\windows\system32\drivers\
wsddfac.sys
2020-05-29 02:04 . 2020-05-29 02:04 123392 ---ha-w- c:\users\gcgrnv.tmp
2020-05-28 11:46 . 2020-05-28 11:46 123392 ---ha-w- c:\users\xllc.tmp
2020-05-27 13:45 . 2020-05-27 13:45 123392 ---ha-w- c:\users\pafc.tmp
2020-05-25 21:46 . 2020-05-25 21:46 123392 ---ha-w- c:\users\jjohl.tmp
2020-05-24 16:58 . 2020-05-24 16:58 123392 ---ha-w- c:\users\uhjv.tmp
2020-05-23 12:01 . 2020-05-23 12:01 123392 ---ha-w- c:\users\dfqb.tmp
2020-05-22 18:11 . 2020-05-22 18:11 123392 ---ha-w- c:\users\yjuu.tmp
2020-05-21 18:40 . 2020-05-21 18:40 123392 ---ha-w- c:\users\rptowi.tmp
2020-05-20 02:19 . 2020-05-20 02:19 123392 ---ha-w- c:\users\kmppos.tmp
2020-05-19 15:57 . 2020-05-19 15:57 123392 ---ha-w- c:\users\inysyu.tmp
2020-05-19 15:52 . 2019-05-15 12:46 69955584 ----a-w- c:\users\Fábio Medina\
AppData\Roaming\Microsoft\Skype for Desktop\Skype-Setup.exe
2020-05-19 15:52 . 2019-05-15 12:46 69955584 ----a-w- c:\users\Fábio Medina\
AppData\Roaming\Microsoft\Skype for Desktop\Skype-Setup.exe
2020-05-19 15:51 . 2020-05-19 15:51 123392 ---ha-w- c:\users\fnnu.tmp
2020-05-18 15:00 . 2020-05-18 15:00 123392 ---ha-w- c:\users\ueyi.tmp
2020-05-17 22:15 . 2020-05-17 22:15 123392 ---ha-w- c:\users\duclo.tmp
2020-05-17 20:34 . 2020-05-17 20:34 123392 ---ha-w- c:\users\unxx.tmp
2020-05-16 14:42 . 2020-05-16 14:42 123392 ---ha-w- c:\users\qywo.tmp
2020-05-15 17:03 . 2020-05-15 17:03 123392 ---ha-w- c:\users\qwox.tmp
2020-05-15 14:02 . 2020-05-15 14:02 123392 ---ha-w- c:\users\jgdq.tmp
2020-05-14 15:09 . 2020-05-14 15:09 123392 ---ha-w- c:\users\sxcvac.tmp
2020-05-11 15:52 . 2020-05-11 15:52 123392 ---ha-w- c:\users\fmxgh.tmp
2020-05-09 23:01 . 2020-05-09 23:01 123392 ---ha-w- c:\users\mmark.tmp
2020-05-09 22:44 . 2020-05-09 22:44 123392 ---ha-w- c:\users\nkwgw.tmp
2020-05-08 21:27 . 2020-05-08 21:27 123392 ---ha-w- c:\users\ayjsb.tmp
2020-05-07 17:14 . 2020-05-07 17:14 123392 ---ha-w- c:\users\wedxn.tmp
2020-05-06 17:29 . 2020-05-06 17:29 123392 ---ha-w- c:\users\pjlx.tmp
2020-05-05 01:51 . 2020-05-05 01:51 123392 ---ha-w- c:\users\qfapfi.tmp
2020-05-01 22:33 . 2020-05-01 22:33 123392 ---ha-w- c:\users\txkp.tmp
2020-05-01 22:20 . 2020-05-01 22:20 123392 ---ha-w- c:\users\cubs.tmp
2020-05-01 22:16 . 2020-05-01 22:16 123392 ---ha-w- c:\users\esmb.tmp
2020-05-01 22:15 . 2020-05-01 22:15 99328 --sh--r- C:\oydii.exe
2020-04-09 21:28 . 2020-04-09 21:28 129088 ----a-w- c:\windows\system32\
WindowsAccessBridge-64.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2020-06-
14 1268832]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller
Driver\Application\iusb3mon.exe" [2014-08-25 367600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\
windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\
Framework64\v4.0.30319\mscorsvw.exe [x]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\
system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
R2 ManyCam Service;ManyCam Service;c:\programdata\ManyCam\Service\
ManyCamService.exe;c:\programdata\ManyCam\Service\ManyCamService.exe [x]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\
btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\
btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\
btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\
btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\
btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\
windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\
DRIVERS\btfilter.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\
dmvsc.sys [x]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files
(x86)\Google\Chrome\Application\83.0.4103.116\elevation_service.exe;c:\program
files (x86)\Google\Chrome\Application\83.0.4103.116\elevation_service.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program
files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\
program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
[x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\
system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Áudio Intel(R) para telas;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\
windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability
Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\
SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iscFlash;iscFlash;c:\users\FBIOME~1\AppData\Local\Temp\7zSD71D.tmp\
iscflashx64.sys;c:\users\FBIOME~1\AppData\Local\Temp\7zSD71D.tmp\iscflashx64.sys
[x]
R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update
Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\
iumsvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\
drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\
drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\
terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\
drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\
TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\
windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\
rdvgkmd.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\
Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\
windows\SYSNATIVE\svchost.exe [x]
S0 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\
btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S0 iusb3hcs;Driver de comutação do controlador host Intel(R) USB 3.0;c:\windows\
system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 gxsddrv;gxsddrv;c:\windows\SYSTEM32\DRIVERS\gxsd.sys;c:\windows\SYSNATIVE\
DRIVERS\gxsd.sys [x]
S1 wsddfac;wsddfac;c:\windows\system32\drivers\wsddfac.sys;c:\windows\SYSNATIVE\
drivers\wsddfac.sys [x]
S1 wsddntf;Diebold Network Monitor;c:\windows\system32\DRIVERS\wsddntf.sys;c:\
windows\SYSNATIVE\DRIVERS\wsddntf.sys [x]
S1 wsddpp;Warsaw - Driver (PP);c:\windows\system32\drivers\wsddpp.sys;c:\windows\
SYSNATIVE\drivers\wsddpp.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\
adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 chromoting;Serviço Área de trabalho remota do Google Chrome;c:\program files
(x86)\Google\Chrome Remote Desktop\84.0.4147.39\remoting_host.exe;c:\program files
(x86)\Google\Chrome Remote Desktop\84.0.4147.39\remoting_host.exe [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\
windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 Intel(R) ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel(R)
Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\
Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\
program files (x86)\Intel\Intel(R) Management Engine Components\DAL\
jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\
DAL\jhi_service.exe [x]
S2 LenovoSetSvr;LenovoSetSvr;c:\program files\Lenovo\LenovoUtility\
LenovoSetSvr.exe;c:\program files\Lenovo\LenovoUtility\LenovoSetSvr.exe [x]
S2 PRTGCoreService;PRTG Core Server Service;c:\program files (x86)\PRTG Network
Monitor\64 bit\PRTG Server.exe;c:\program files (x86)\PRTG Network Monitor\64 bit\
PRTG Server.exe [x]
S2 PRTGProbeService;PRTG Probe Service;c:\program files (x86)\PRTG Network Monitor\
PRTG Probe.exe;c:\program files (x86)\PRTG Network Monitor\PRTG Probe.exe [x]
S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe;c:\windows\
SYSNATIVE\SAsrv.exe [x]
S2 SynTPEnhService;SynTPEnh Caller Service;c:\program files\Synaptics\SynTP\
SynTPEnhService.exe;c:\program files\Synaptics\SynTP\SynTPEnhService.exe [x]
S2 Warsaw Technology;Warsaw Technology;c:\program files\Diebold\Warsaw\core.exe;c:\
program files\Diebold\Warsaw\core.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files
(x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\
Ath_CoexAgent.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\
AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 iusb3hub;Driver para hub Intel(R) USB 3.0;c:\windows\system32\DRIVERS\
iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Driver de controlador host eXtensível Intel(R) USB 3.0;c:\windows\
system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys;c:\
windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\
mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\
RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\
windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\
SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\
SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 wsddprm;Warsaw - Driver (PRM);c:\windows\system32\drivers\wsddprm.sys;c:\
windows\SYSNATIVE\drivers\wsddprm.sys [x]
.
.
--- =Outros Serviços/Drivers Na Memória ---
.
*Deregistered* - mad_inj_driver
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\
svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr
QWAVE wcncsvc
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2020-06-28 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS.exe [2019-04-17 13:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtsFT"="RTFTrack.exe" [2014-10-22 4060376]
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: &Enviar para o OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: Interfaces\{10D4598E-11B5-42DD-881A-D8204EA0AEA8}: NameServer = 82.163.142.9
95.211.158.137
TCP: Interfaces\{D7D0D59B-9945-4BF4-8C56-ECC16A4807E2}: NameServer = 82.163.142.9
95.211.158.137
FF - ProfilePath - c:\users\Fábio Medina\AppData\Roaming\Mozilla\Firefox\Profiles\
bqe6zdp8.default-release\
.
- - - - ORFÃOS REMOVIDOS - - - -
.
c:\users\Branca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Leaf
Aptus 22 Adobe Standard.dcp.lnk - (no file)
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Canon PowerShot Pro70
Adobe Standard.dcp.lnk - (no file)
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\
{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\
ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2020-06-27 23:38:39
ComboFix-quarantined-files.txt 2020-06-28 02:38
ComboFix2.txt 2020-06-25 00:32
ComboFix3.txt 2020-05-29 02:26
ComboFix4.txt 2020-04-30 15:25
ComboFix5.txt 2020-06-28 02:24
.
Pré-execução: 142.590.619.648 bytes disponíveis
Pós execução: 141.912.064.000 bytes disponíveis
.
- - End Of File - - EF3263DF5ED228A0073558BB96711EC8
A36C5E4F47E84449FF07ED3517B43A31
