Combo Fix 2014

ComboFix 14-04-20.01 - STUDIO GAPE MUSIC 02/01/2015 23:32:51.1.
2 - x64
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.55.1046.18.7893.6260 [GMT -2:00
]
Executando de: j:\arquivos - sadrak backup\PROGRAMAS\ComboFix.exe
AV: Avira Desktop *Disabled/Outdated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Outdated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Outras Excluses )))))))))))))))))))))))
))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SupTab\SuPTab.dll
c:\programdata\IePluginServices
c:\programdata\IePluginServices\PluginService.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Servios )))))))))))))))))))))
))))))))))))))))))))))))))))
.
.
-------\Service_IePluginServices
-------\Service_IePluginServices
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-12-03 to 2015-01-03 )))))
)))))))))))))))))))))))
.
.
2015-01-03 01:13 . 2015-01-03 01:13
-------d-----wc:\progr
am files\PopDeals
2015-01-02 23:14 . 2015-01-02 23:14
-------d-----wc:\progr
amdata\Microsoft Toolkit
2015-01-02 22:54 . 2015-01-02 22:54
-------d-----wc:\progr
am files (x86)\Common Files\Intel
2015-01-02 22:53 . 2015-01-02 22:53
-------d-----wc:\progr
am files\Common Files\Corel
2015-01-02 22:52 . 2015-01-02 22:52
-------d-----wc:\progr
am files\Common Files\Protexis
2015-01-02 22:51 . 2015-01-02 22:51
-------d-----wc:\progr
am files\Corel
2015-01-02 22:23 . 2015-01-02 22:23
-------d-----wc:\progr
amdata\Protexis
2015-01-02 22:03 . 2015-01-02 23:02
-------d-----wc:\progr
amdata\Corel
2015-01-02 22:03 . 2015-01-02 22:03
-------d-----wc:\progr
am files (x86)\Common Files\Protexis
2015-01-02 22:02 . 2010-11-16 18:24
15672 ----a-wc:\windows\syste
m32\drivers\regi.sys
2015-01-02 22:02 . 2015-01-02 22:02
-------d-----wc:\progr
am files (x86)\Corel
2015-01-02 20:48 . 2015-01-02 20:48
701616 ----a-wc:\windows\SysWo
w64\FlashPlayerApp.exe
2015-01-02 20:48 . 2015-01-02 20:48
w64\FlashPlayerCPLApp.cpl
2015-01-02 20:48 . 2015-01-02 20:48
-------d-----wc:\windo
ws\system32\Macromed
2015-01-02 20:01 . 2015-01-02 20:01
-------d-----wc:\windo
ws\system32\appmgmt
2015-01-02 19:49 . 2014-12-15 06:13

11870360
----a-wc:\progr
amdata\Microsoft\Windows Defender\Definition Updates\{29AFB1DC-9E3A-4323-B843-83
D8BB3DE682}\mpengine.dll
2015-01-02 17:48 . 2015-01-02 17:48
-------d-----wc:\progr
amdata\Toontrack
2015-01-02 14:43 . 2015-01-02 14:43
-------d-----wc:\progr
am files\Common Files\DESIGNER
2015-01-02 14:43 . 2015-01-02 14:43
-------d-----wc:\progr
am files\Microsoft.NET
2015-01-02 14:43 . 2015-01-02 14:43
-------d-----wc:\progr
am files (x86)\Microsoft SQL Server
2015-01-02 14:42 . 2015-01-02 14:42
-------d-----wc:\progr
amdata\regid.1991-06.com.microsoft
2015-01-02 14:42 . 2015-01-02 14:43
-------d-----wc:\progr
am files\Microsoft SQL Server
2015-01-02 14:42 . 2015-01-02 14:42
-------d-----wc:\windo
ws\PCHEALTH
2015-01-02 14:40 . 2015-01-02 14:40
-------d-----wc:\progr
am files\Microsoft Analysis Services
2015-01-02 14:40 . 2015-01-02 14:40
-------d-----wc:\progr
am files (x86)\Microsoft Analysis Services
2015-01-02 14:40 . 2015-01-02 14:42
-------d-----wc:\progr
am files\Microsoft Office
2015-01-02 14:40 . 2015-01-02 14:44
-------d-----wc:\progr
amdata\Microsoft Help
2015-01-02 14:40 . 2015-01-02 14:40
-------d-----rC:\MSOCa
che
2015-01-02 13:58 . 2015-01-02 13:58
-------dc-h--wc:\progr
amdata\{C0AE4A98-3E1D-45FB-8465-ECCCB391E633}
2015-01-02 13:57 . 2015-01-02 13:57
amdata\{E70386C6-507F-4906-86C2-96C1066BA097}
2015-01-02 13:56 . 2015-01-02 13:56
amdata\{FD1615C0-ED4A-4CEB-94C3-1850BF1BAA6A}
2015-01-02 13:52 . 2015-01-03 00:18
-------d-----wc:\progr
am files\Couponarific
2015-01-02 13:52 . 2015-01-02 13:52
amdata\{D4F46F7B-EA64-43A2-9BE5-84321CB4D190}
2015-01-02 13:52 . 2015-01-02 13:52
-------d-----wc:\progr
am files (x86)\99B3576D-84E8-4C6C-A897-DAC84657D541
2015-01-02 13:32 . 2015-01-02 13:32
-------d-----wc:\windo
ws\SysWow64\Macromed
2015-01-02 12:28 . 2015-01-02 12:28
-------d-----wc:\progr
am files (x86)\7-Zip
2015-01-01 19:53 . 2015-01-01 19:54
-------d-----wc:\progr
am files\CCleaner
2015-01-01 19:32 . 2015-01-01 19:32
-------d-----wc:\progr
am files (x86)\Toontrack
2015-01-01 17:26 . 2015-01-01 17:26
-------d-----wc:\progr
am files (x86)\XLN Audio
2015-01-01 17:20 . 2015-01-01 17:20
-------d-----wc:\progr
am files\PreSonus
2015-01-01 17:14 . 2015-01-01 17:20
-------dc----wc:\windo
ws\system32\DRVSTORE
2015-01-01 17:14 . 2012-11-01 00:51
m32\drivers\GEARAspiWDM.sys
2015-01-01 17:13 . 2015-01-01 17:14
-------d-----wc:\progr
amdata\PreSonus
2015-01-01 17:13 . 2012-09-26 15:35
m32\GEARAspi64.dll
2015-01-01 17:13 . 2012-09-26 15:35
w64\GEARAspi.dll
2015-01-01 17:11 . 2015-01-02 11:00
-------d-----wc:\windo
ws\SysWow64\C2MP
2015-01-01 16:25 . 2015-01-01 16:25
-------d-----wc:\progr
am files (x86)\iNTERNET Turbo
2015-01-01 16:24 . 2015-01-01 16:24
amdata\{2E9C94ED-C152-4D5D-8E21-AAE23373844C}
2015-01-01 16:19 . 2015-01-02 20:27
-------d-----wc:\progr
am files (x86)\Vstplugins
2015-01-01 16:19 . 2015-01-01 16:19
-------d-----wc:\progr
am files (x86)\Common Files\Digidesign
2015-01-01 16:18 . 2015-01-01 16:18
amdata\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
2015-01-01 16:18 . 2015-01-02 13:58
-------d-----wc:\progr
am files\Common Files\Native Instruments
2015-01-01 16:18 . 2015-01-02 13:58
-------d-----wc:\progr
am files\Native Instruments
2015-01-01 16:18 . 2015-01-02 13:31
-------d-----wc:\progr
amdata\Native Instruments
2015-01-01 16:03 . 2015-01-01 16:03
-------d-----wc:\progr
amdata\Sony
2015-01-01 16:03 . 2015-01-01 16:03
-------d-----wc:\progr
am files (x86)\Sony
2015-01-01 15:49 . 2015-01-02 13:59
amdata\{582004F3-DAC7-4390-A43F-80AE1C8362C5}
2015-01-01 15:19 . 2015-01-01 15:19
-------d-----wc:\progr
am files (x86)\ASIO4ALL v2
2015-01-01 14:33 . 2015-01-01 14:34
-------d-----wc:\progr
am files (x86)\Common Files\Adobe
2015-01-01 14:32 . 2015-01-01 14:32
-------d-----wc:\progr
am files\WinRAR
2015-01-01 01:46 . 2015-01-01 01:46
-------d-----wC:\Boot
2015-01-01 01:27 . 2015-01-01 01:27
-------d-----wc:\progr
am files (x86)\Common Files\Propellerhead Software
2015-01-01 01:27 . 2015-01-01 01:27
-------d-----wc:\progr
am files\Common Files\VST3
2015-01-01 01:27 . 2015-01-01 01:27
-------d-----wc:\progr
am files\Common Files\VST2
2015-01-01 01:27 . 2015-01-01 01:27
-------d-----wc:\progr
am files (x86)\Common Files\VST3
2015-01-01 01:27 . 2015-01-01 01:27
-------d-----wc:\progr
am files\Common Files\Avid
2015-01-01 01:27 . 2015-01-01 01:27
-------d-----wc:\progr
am files\Celemony
2015-01-01 01:27 . 2015-01-01 01:27
-------d-----wc:\progr
am files (x86)\Celemony
2015-01-01 01:27 . 2014-12-31 19:53
-------d-----wc:\progr
amdata\Celemony Software GmbH
2015-01-01 01:27 . 2015-01-01 01:27
-------d--h--wc:\progr
am files (x86)\InstallShield Installation Information
2015-01-01 01:26 . 2015-01-01 01:27
-------d-----wc:\progr
am files (x86)\Common Files\Celemony
2015-01-01 01:26 . 2015-01-01 01:27
-------d-----wc:\progr
am files\Common Files\Celemony
2015-01-01 01:26 . 2012-02-17 06:38
m32\rdpcorets.dll
2015-01-01 01:26 . 2012-02-17 06:38
m32\rdpcore.dll
2015-01-01 01:26 . 2012-02-17 05:34
w64\rdpcore.dll
2015-01-01 01:26 . 2012-02-17 04:58

m32\drivers\rdpwd.sys
2015-01-01 01:26 . 2012-02-17 04:57
m32\drivers\tdtcp.sys
2015-01-01 01:26 . 2015-01-01 01:26
-------d-----wc:\progr
amdata\Temporary
2015-01-01 01:26 . 2015-01-03 01:27
-------d-----wC:\Cakew
alk Projects
2015-01-01 01:20 . 2015-01-02 14:43
-------d-----wc:\progr
am files (x86)\Microsoft.NET
2015-01-01 01:08 . 2014-05-14 16:23
m32\wups2.dll
2015-01-01 01:05 . 2013-10-28 10:13
m32\drivers\IntcDAud.sys
2015-01-01 01:05 . 2015-01-01 01:05
-------d-----wc:\progr
am files (x86)\UltraISO
2015-01-01 01:05 . 2015-01-01 01:05
-------d-----wc:\progr
am files (x86)\Common Files\EZB Systems
2015-01-01 01:05 . 2013-07-18 05:54
m32\drivers\L1C62x64.sys
2015-01-01 01:04 . 2013-01-23 14:57
m32\drivers\HECIx64.sys
2015-01-01 00:59 . 2014-02-25 17:11
m32\drivers\avnetflt.sys
2015-01-01 00:59 . 2014-02-25 17:11
m32\drivers\avkmgr.sys
2015-01-01 00:59 . 2014-02-25 17:11
m32\drivers\avipbb.sys
2015-01-01 00:59 . 2014-02-25 17:11
m32\drivers\avgntflt.sys
2015-01-01 00:59 . 2015-01-01 00:59
-------d-----wc:\progr
amdata\Avira
2015-01-01 00:59 . 2015-01-01 00:59
-------d-----wc:\progr
am files (x86)\Avira
2015-01-01 00:58 . 2015-01-02 22:56
-------d-sh--wc:\windo
ws\Installer
2014-12-31 21:24 . 2014-12-31 21:24
-------d-----wc:\progr
am files (x86)\predm
2014-12-31 21:24 . 2014-12-31 21:24
-------d-----wc:\progr
amdata\Baidu Security
2014-12-31 21:24 . 2014-12-31 21:24
-------d-----wc:\progr
amdata\Baidu
2014-12-31 21:24 . 2014-12-31 21:24
-------d-----wc:\progr
am files (x86)\Baidu Security
2014-12-31 21:22 . 2014-12-31 21:24
-------d-----wc:\progr
amdata\nDvmvxsRAjQ
2014-12-31 21:20 . 2015-01-03 01:37
-------d-----wc:\progr
am files (x86)\SupTab
2014-12-31 21:20 . 2014-12-31 21:20
-------d-----wc:\progr
amdata\WindowsMangerProtect
2014-12-31 20:58 . 2014-12-31 21:08
-------d-----wc:\progr
am files\shopperz
2014-12-31 20:51 . 2015-01-01 14:16
-------d-----wc:\progr
am files\99B3576D-84E8-4C6C-A897-DAC84657D541
.
.
.
((((((((((((((((((((((((((((((((((((( Relatrio Find3M )))))))))))))))))))))))
)))))))))))))))))))))))))))))
.
2014-11-24 16:04 . 2011-01-16 02:09

275080 ------wc:\windows\syste
m32\MpSigStub.exe
2014-11-19 15:38 . 2014-11-19 15:38
m32\drivers\netfilter64.sys
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))
)))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legtimas por padro no so apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explor
er\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 22:38
1720976 ----a-wc:\progra~2\MICROS~1\Office15\GR
OOVEEX.DLL
.
er\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 22:38
OOVEEX.DLL
.
er\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 22:38
OOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\STUDIO GAPE MUSIC\AppData\Roaming\uTorrent\uTorrent.exe" [20
15-01-02 1389648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-25 689
744]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [20
12-12-18 946352]
"iTurbo"="c:\program files (x86)\iNTERNET Turbo\ITTray.exe" [2012-04-16 177152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\dri
vers32]
"aux1"=wdmaud.drv
.
R1 cherimoya;cherimoya;c:\windows\system32\drivers\cherimoya.sys;c:\windows\SYSN
ATIVE\drivers\cherimoya.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c
:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft
.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\driver
s\dmvsc.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\
Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engi
ne\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\dri
vers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\dr
ivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\te
rminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATI
VE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;
c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\
windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\driver
s\rdvgkmd.sys [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir D
esktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRI
VERS\avkmgr.sys [x]
S1 netfilter64;netfilter64;c:\windows\system32\drivers\netfilter64.sys;c:\window
s\SYSNATIVE\drivers\netfilter64.sys [x]
S2 AntiVirSchedulerService;Avira Agendamento;c:\program files (x86)\Avira\AntiVi
r Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATI
VE\DRIVERS\avnetflt.sys [x]
S2 CouponarificService64;CouponarificService64;c:\program files (x86)\99B3576D-8
4E8-4C6C-A897-DAC84657D541\xtloowpkjv64.exe;c:\program files (x86)\99B3576D-84E8
-4C6C-A897-DAC84657D541\xtloowpkjv64.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Inst
ruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Inst
ruments\Hardware\NIHardwareService.exe [x]
S2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato;c:\p
rogram files\Common Files\Protexis\License Service\PsiService_2.exe;c:\program f
iles\Common Files\Protexis\License Service\PsiService_2.exe [x]
S2 raKXTtGYm;raKXTtGYm;c:\programdata\nDvmvxsRAjQ\raKXTtGYm.exe;c:\programdata\n
DvmvxsRAjQ\raKXTtGYm.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\r
egi.sys [x]
S2 WindowsMangerProtect;WindowsMangerProtect Service;c:\programdata\WindowsMange
rProtect\ProtectWindowsManager.exe;c:\programdata\WindowsMangerProtect\ProtectWi
ndowsManager.exe [x]
S3 IntcDAud;udio Intel(R) para telas;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\
windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controlle
r;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64
.sys [x]
.
.
--- =Outros Servios/Drivers Na Memria --.
*NewlyCreated* - WS2IFSL
.
Contedo da pasta 'Tarefas Agendadas'
.
2015-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-02 20
:48]
.
.
--------- X64 Entries ----------.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellicon
overlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 22:37
OOVEEX.DLL
.
overlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 22:37
OOVEEX.DLL
.
overlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 22:37
OOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PopDeals"="c:\program files\PopDeals\PopDeals.exe" [2015-01-03 137664]
.
------- Scan Suplementar ------.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://isearch.omiga-plus.com/?type=hp&ts=1420060765&from=squadm&u
id=WDCXWD5000AAKX-00ERMA0_WD-WCC2EH24534345343
mDefault_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1420060765&f
rom=squadm&uid=WDCXWD5000AAKX-00ERMA0_WD-WCC2EH24534345343&q={searchTerms}
mDefault_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1420060765&from=sq
uadm&uid=WDCXWD5000AAKX-00ERMA0_WD-WCC2EH24534345343
mStart Page = hxxp://isearch.omiga-plus.com/?type=hp&ts=1420060765&from=squadm&u
id=WDCXWD5000AAKX-00ERMA0_WD-WCC2EH24534345343
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1420060765&from=squ
adm&uid=WDCXWD5000AAKX-00ERMA0_WD-WCC2EH24534345343&q={searchTerms}
IE: &Enviar para o OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3
000
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x8
6)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - ORFOS REMOVIDOS - - - .
BHO-{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - c:\program files (x86)\SupTab\SupTa
b.dll
Wow6432Node-HKLM-Run-mbot_br_399 - (no file)
ShellIconOverlayIdentifiers-{0A93904A-BB1E-4a0c-9753-B57B9AE272CC} - c:\program
files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll
AddRemove-Addictive Drums - c:\windows\unvise32.exe

AddRemove-O - c:\programdata\{B0CAD5CC-867E-473E-B55F-339F9635A45D}\Guitar Rig M
obile IO Setup PC.exe
AddRemove-O - c:\programdata\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}\Guitar Rig S
ession IO Setup PC.exe
AddRemove-Native Instruments Rig Kontrol 3 - c:\programdata\{5A23829C-A66E-47B0AD50-21A3FFE6C325}\Rig Kontrol 3 Setup PC.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F
}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_2
35_ActiveX.exe,-101"
.
}\Elevation]
"Enabled"=dword:00000001
.
}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe"
.
}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A1082370
13BD}]
@="IFlashBroker6"
.
13BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
13BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4D2C18CA0866F}]
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_2
35_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}]
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8444553540000}]
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8
F48-A108237013BD}]
@="IFlashBroker6"
.
F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Outros Processos em Execuo -----------------------.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
.
**************************************************************************
.
Tempo para concluso: 2015-01-02 23:44:23 - Mquina reiniciou
ComboFix-quarantined-files.txt 2015-01-03 01:44
ComboFix2.txt 2013-12-17 11:06
ComboFix3.txt 2013-12-10 23:44
.
Pr-execuo: 139.364.507.648 bytes disponveis
Ps execuo: 138.590.281.728 bytes disponveis
.
- - End Of File - - C577D824B767F2BFCA89C77B8D7BE449
A36C5E4F47E84449FF07ED3517B43A31

Combo Fix 2014

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Combo Fix 2014

Uploaded by

Copyright:

Available Formats

ComboFix 14-04-20.01 - STUDIO GAPE MUSIC 02/01/2015 23:32:51.1.

2015-01-02 19:49 . 2014-12-15 06:13

2015-01-01 01:26 . 2012-02-17 04:58

2014-11-24 16:04 . 2011-01-16 02:09

2015-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job

AddRemove-Addictive Drums - c:\windows\unvise32.exe

You might also like