ComboFix 15-11-09.01 - usinagem01 11/11/2015 10:15:22.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.55.1046.18.6143.3724 [GMT
-2:00]
Executando de: c:usersusinagem01.ABRILSERVICEDownloadsComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:usersPublicDocumentspre_fileassoc.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------Legacy_SPDRIVER_Unknown
-------Service_SPDRIVER_Unknown
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2015-10-11 to 2015-11-11 ))))))))))))))))))))))))))))
.
.
2015-11-11 12:35 . 2015-11-11 12:35 -------- d-----w-
c:usersUSINAG~1~ABRAppDataLocaltemp
2015-11-11 12:35 . 2015-11-11 12:35 -------- d-----w-
c:usersDefaultAppDataLocaltemp
2015-11-11 12:35 . 2015-11-11 12:35 -------- d-----w-
c:usersAdministradorAppDataLocaltemp
2015-11-10 15:49 . 2015-10-20 06:33 11140960 ----a-w-
c:programdataMicrosoftWindows DefenderDefinition Updates{EB8DFF78-
5D78-4A71-B5DD-AC91010DDE3C}mpengine.dll
2015-11-10 15:34 . 2015-06-29 19:24 442264 ----a-w-
c:windowssystem32driversaswCBA3.tmp
2015-11-10 15:34 . 2015-06-29 19:24 93528 ----a-w-
c:windowssystem32driversaswCB90.tmp
2015-11-10 15:34 . 2015-06-29 19:24 89944 ----a-w-
c:windowssystem32driversaswCBA1.tmp
2015-11-10 15:34 . 2015-06-29 19:24 65736 ----a-w-
c:windowssystem32driversaswCBA2.tmp
2015-11-10 15:34 . 2015-06-29 19:24 29168 ----a-w-
c:windowssystem32driversaswCBA0.tmp
2015-11-10 15:34 . 2015-06-29 19:24 272248 ----a-w-
c:windowssystem32driversaswCBA4.tmp
2015-11-10 15:34 . 2015-06-29 19:24 137288 ----a-w-
c:windowssystem32driversaswCBB5.tmp
2015-11-10 15:34 . 2015-06-29 19:24 1047320 ----a-w-
c:windowssystem32driversaswCB8F.tmp
2015-11-10 15:34 . 2015-06-29 19:24 364472 ----a-w-
c:windowssystem32aswBoot.exe
2015-11-10 13:38 . 2015-11-10 15:28 -------- d-----w- c:program files
(x86)gmsd_br_005010142
2015-11-10 13:38 . 2015-11-10 15:28 -------- d-----w-
c:usersusinagem01.ABRILSERVICEAppDataLocalgmsd_br_005010142
2015-11-10 13:37 . 2015-11-10 14:57 -------- d-----w- c:program files
(x86)globalUpdate
2015-11-10 13:37 . 2015-11-10 15:39 -------- d-----w- c:program files
(x86)CinePlus-1.44V09.11
2015-11-10 13:08 . 2015-11-10 13:08 -------- d-----w-
c:programdataSystweak
2015-11-10 12:01 . 2015-11-10 15:39 -------- d-----w- c:program files
(x86)SFK
2015-11-10 12:00 . 2015-11-10 15:28 -------- d-----w-
c:programdata2WMiniPro2
2015-11-10 02:28 . 2015-11-10 15:39 -------- d-----w- c:program files
(x86)RayDld
2015-11-10 02:27 . 2015-11-10 13:19 -------- d-----w-
c:usersusinagem01.ABRILSERVICEAppDataRoamingsystweak
2015-11-10 02:26 . 2015-11-10 02:26 -------- d-----w-
c:usersusinagem01.ABRILSERVICEAppDataRoamingmystartsearch
2015-11-10 02:13 . 2015-11-10 15:39 -------- d-----w- c:program files
(x86)MyBrowser 1.0.2V09.11
2015-11-10 02:11 . 2015-11-10 02:11 -------- d-----w-
c:usersusinagem01.ABRILSERVICEAppDataLocalMyBrowser
2015-11-10 02:11 . 2015-11-10 02:11 -------- d-----w-
c:usersusinagem01AppDataLocalMyBrowser
2015-11-10 02:04 . 2014-08-18 18:49 971544 ----a-w-
c:windowssystem32rlls64.dll
2015-11-10 02:01 . 2015-11-10 02:01 -------- d-----w-
c:windowssystem32appmgmt
2015-11-10 01:59 . 2015-11-10 01:59 -------- d-----w-
c:usersusinagem01.ABRILSERVICEAppDataRoamingUG
2015-11-10 01:54 . 2015-11-10 15:39 -------- d-----w- c:program files
(x86)CinemaPlus_1.3dV10.11
2015-11-10 01:52 . 2015-11-10 15:28 -------- d-----w-
c:usersusinagem01.ABRILSERVICEAppDataLocalFFFFFFFF-1447113173-FFFF-
FFFF-FFFFFFFFFFFF
2015-11-10 01:51 . 2015-11-10 13:11 -------- d-----w- c:program files
(x86)FFFFFFFF-1447120314-FFFF-FFFF-FFFFFFFFFFFF
2015-11-10 01:50 . 2015-11-10 01:50 -------- d-----w-
c:usersusinagem01.ABRILSERVICEAppDataLocalBoBrowser
2015-11-10 01:50 . 2015-11-10 01:50 -------- d-----w-
c:usersusinagem01.ABRILSERVICEAppDataLocalDownload Touch
2015-11-06 11:12 . 2015-11-06 11:17 -------- d-----w- C:luz vencida
2015-10-30 11:27 . 2015-10-30 11:27 -------- d-----w-
c:usersusinagem01.ABRILSERVICEAppDataLocalFoxit Reader
2015-10-29 21:04 . 2015-10-29 21:04 -------- d-----w- C:CONTEUDO
PREFEITURA SANTO ANDRE ADMINISTRATIVO
2015-10-27 22:58 . 2015-10-27 22:59 -------- d-----w- C:ga
2015-10-25 16:50 . 2011-02-25 06:19 2871808 ----a-w-
c:windowsexplorer.exe
2015-10-25 16:50 . 2011-02-25 05:30 2616320 ----a-w-
c:windowsSysWow64explorer.exe
2015-10-25 16:50 . 2014-07-09 02:03 7168 ----a-w-
c:windowssystem32KBDYAK.DLL
2015-10-25 16:50 . 2014-07-09 02:03 7168 ----a-w-
c:windowssystem32KBDTAT.DLL
2015-10-25 16:50 . 2014-07-09 02:03 7168 ----a-w-
c:windowssystem32KBDRU1.DLL
2015-10-25 16:50 . 2014-07-09 02:03 6656 ----a-w-
c:windowssystem32KBDRU.DLL
2015-10-25 16:50 . 2014-07-09 02:03 7168 ----a-w-
c:windowssystem32KBDBASH.DLL
2015-10-25 16:50 . 2014-07-09 01:31 7168 ----a-w-
c:windowsSysWow64KBDYAK.DLL
2015-10-25 16:50 . 2014-07-09 01:31 6656 ----a-w-
c:windowsSysWow64KBDBASH.DLL
2015-10-25 16:49 . 2011-03-11 06:33 2565632 ----a-w-
c:windowssystem32esent.dll
2015-10-25 16:49 . 2011-03-11 06:41 166272 ----a-w-
c:windowssystem32driversnvstor.sys
2015-10-25 16:49 . 2011-03-11 06:41 148352 ----a-w-
c:windowssystem32driversnvraid.sys
2015-10-25 16:49 . 2011-03-11 06:41 410496 ----a-w-
c:windowssystem32driversiaStorV.sys
2015-10-25 16:49 . 2011-03-11 06:41 27008 ----a-w-
c:windowssystem32driversamdxata.sys
2015-10-25 16:49 . 2011-03-11 06:41 107904 ----a-w-
c:windowssystem32driversamdsata.sys
2015-10-25 16:49 . 2011-03-11 06:30 96768 ----a-w-
c:windowssystem32fsutil.exe
2015-10-25 16:49 . 2011-03-11 05:33 1699328 ----a-w-
c:windowsSysWow64esent.dll
2015-10-25 16:49 . 2011-03-11 05:31 74240 ----a-w-
c:windowsSysWow64fsutil.exe
2015-10-25 16:49 . 2011-03-11 04:37 91648 ----a-w-
c:windowssystem32driversUSBSTOR.SYS
2015-10-25 16:39 . 2012-02-11 06:36 559104 ----a-w-
c:windowssystem32spoolsv.exe
2015-10-25 16:39 . 2012-02-11 06:36 67072 ----a-w- c:windowssplwow64.exe
2015-10-23 18:39 . 2015-10-23 18:39 -------- d-s---w-
c:windowssystem32CompatTel
2015-10-23 18:39 . 2015-10-23 18:39 -------- d-----w-
c:windowssystem32appraiser
2015-10-23 18:39 . 2015-10-23 18:39 -------- d-----w-
c:windowsSysWow64Wat
2015-10-23 18:39 . 2015-10-23 18:39 -------- d-----w-
c:windowssystem32Wat
2015-10-23 18:39 . 2015-10-23 18:39 -------- d-s---w-
c:windowsSysWow64GWX
2015-10-23 18:39 . 2015-11-10 15:39 -------- d-s---w-
c:windowssystem32GWX
2015-10-23 17:50 . 2015-07-30 13:13 124624 ----a-w-
c:windowssystem32PresentationCFFRasterizerNative_v0300.dll
2015-10-23 17:50 . 2015-07-30 13:13 103120 ----a-w-
c:windowsSysWow64PresentationCFFRasterizerNative_v0300.dll
2015-10-23 16:50 . 2012-07-26 07:56 2560 ----a-w-
c:windowssystem32driverspt-BRwdf01000.sys.mui
2015-10-23 16:09 . 2012-07-26 03:08 84992 ----a-w-
c:windowssystem32WUDFSvc.dll
2015-10-23 16:09 . 2012-07-26 03:08 194048 ----a-w-
c:windowssystem32WUDFPlatform.dll
2015-10-23 16:09 . 2012-07-26 02:26 87040 ----a-w-
c:windowssystem32driversWUDFPf.sys
2015-10-23 16:09 . 2012-07-26 02:26 198656 ----a-w-
c:windowssystem32driversWUDFRd.sys
2015-10-23 16:09 . 2012-07-26 03:08 229888 ----a-w-
c:windowssystem32WUDFHost.exe
2015-10-23 16:09 . 2012-07-26 03:08 744448 ----a-w-
c:windowssystem32WUDFx.dll
2015-10-23 16:09 . 2012-07-26 03:08 45056 ----a-w-
c:windowssystem32WUDFCoinstaller.dll
2015-10-23 16:01 . 2015-10-23 16:01 -------- d-----w-
c:usersDefaultAppDataLocalMicrosoft Help
2015-10-23 15:53 . 2012-03-01 06:46 23408 ----a-w-
c:windowssystem32driversfs_rec.sys
2015-10-23 15:53 . 2012-03-01 06:28 5120 ----a-w- c:windowssystem32wmi.dll
2015-10-23 15:53 . 2012-03-01 05:29 5120 ----a-w- c:windowsSysWow64wmi.dll
2015-10-23 15:49 . 2014-06-27 02:08 2777088 ----a-w-
c:windowssystem32msmpeg2vdec.dll
2015-10-23 15:49 . 2014-06-27 01:45 2285056 ----a-w-
c:windowsSysWow64msmpeg2vdec.dll
2015-10-23 15:45 . 2014-03-09 21:48 171160 ----a-w-
c:windowssystem32infocardapi.dll
2015-10-23 15:45 . 2014-03-09 21:48 1389208 ----a-w-
c:windowssystem32icardagt.exe
2015-10-23 15:45 . 2014-03-09 21:47 99480 ----a-w-
c:windowsSysWow64infocardapi.dll
2015-10-23 15:45 . 2014-03-09 21:47 619672 ----a-w-
c:windowsSysWow64icardagt.exe
2015-10-23 15:45 . 2014-06-30 22:24 8856 ----a-w-
c:windowssystem32icardres.dll
2015-10-23 15:45 . 2014-06-30 22:14 8856 ----a-w-
c:windowsSysWow64icardres.dll
2015-10-23 15:45 . 2014-06-06 06:16 35480 ----a-w-
c:windowsSysWow64TsWpfWrp.exe
2015-10-23 15:45 . 2014-06-06 06:12 35480 ----a-w-
c:windowssystem32TsWpfWrp.exe
2015-10-23 14:55 . 2015-01-09 03:14 91136 ----a-w- c:windowssystem32wdi.dll
2015-10-23 14:55 . 2015-01-09 03:14 950272 ----a-w-
c:windowssystem32perftrack.dll
2015-10-23 14:55 . 2015-01-09 03:14 29696 ----a-w-
c:windowssystem32powertracker.dll
2015-10-23 14:55 . 2015-01-09 02:48 76800 ----a-w- c:windowsSysWow64wdi.dll
2015-10-23 14:50 . 2015-08-05 17:56 1737216 ----a-w- c:program
filesWindows JournalNBDoc.DLL
2015-10-23 14:50 . 2015-08-05 17:56 1411072 ----a-w- c:program
filesWindows JournalJNWDRV.dll
2015-10-23 14:50 . 2015-08-05 17:56 1372160 ----a-w- c:program
filesCommon FilesMicrosoft Sharedinkjournal.dll
2015-10-23 14:48 . 2010-12-23 10:42 961024 ----a-w-
c:windowssystem32CPFilters.dll
2015-10-23 14:47 . 2012-01-04 10:44 509952 ----a-w-
c:windowssystem32ntshrui.dll
2015-10-23 14:46 . 2014-04-25 02:34 801280 ----a-w-
c:windowssystem32usp10.dll
2015-10-23 14:45 . 2014-12-19 03:06 210432 ----a-w-
c:windowssystem32profsvc.dll
2015-10-23 14:44 . 2014-06-18 22:23 1943696 ----a-w-
c:windowssystem32dfshim.dll
2015-10-23 14:43 . 2014-10-14 02:13 683520 ----a-w-
c:windowssystem32termsrv.dll
2015-10-23 14:43 . 2015-07-15 03:19 52736 ----a-w-
c:windowssystem32basesrv.dll
2015-10-23 14:43 . 2011-12-30 06:26 515584 ----a-w-
c:windowssystem32timedate.cpl
2015-10-23 14:43 . 2011-12-30 05:27 478720 ----a-w-
c:windowsSysWow64timedate.cpl
2015-10-23 14:43 . 2014-12-06 04:17 303616 ----a-w-
c:windowssystem32nlasvc.dll
2015-10-23 14:43 . 2014-12-06 03:50 156672 ----a-w-
c:windowsSysWow64ncsi.dll
2015-10-23 14:43 . 2014-12-06 03:50 52224 ----a-w-
c:windowsSysWow64nlaapi.dll
2015-10-23 14:41 . 2015-09-29 03:16 5569472 ----a-w-
c:windowssystem32ntoskrnl.exe
2015-10-23 14:40 . 2015-04-27 19:23 229376 ----a-w-
c:windowssystem32wintrust.dll
2015-10-23 14:39 . 2015-06-15 21:45 3242496 ----a-w-
c:windowssystem32msi.dll
2015-10-23 14:38 . 2015-07-23 00:02 1390592 ----a-w-
c:windowssystem32diagtrack.dll
2015-10-23 14:37 . 2012-12-07 13:20 441856 ----a-w-
c:windowssystem32Wpc.dll
2015-10-23 14:36 . 2014-11-26 03:53 861696 ----a-w-
c:windowssystem32oleaut32.dll
2015-10-23 14:36 . 2014-11-26 03:32 571904 ----a-w-
c:windowsSysWow64oleaut32.dll
2015-10-23 14:36 . 2012-03-17 07:58 75120 ----a-w-
c:windowssystem32driverspartmgr.sys
2015-10-23 14:36 . 2015-06-25 10:06 115136 ----a-w-
c:windowssystem32consent.exe
2015-10-23 14:36 . 2015-06-25 10:01 1941504 ----a-w-
c:windowssystem32authui.dll
2015-10-23 14:36 . 2015-06-25 10:01 70656 ----a-w-
c:windowssystem32appinfo.dll
2015-10-23 14:36 . 2015-06-25 09:44 1805824 ----a-w-
c:windowsSysWow64authui.dll
2015-10-23 14:36 . 2015-02-18 07:06 123904 ----a-w-
c:windowsSysWow64poqexec.exe
2015-10-23 14:36 . 2015-02-18 07:04 142336 ----a-w-
c:windowssystem32poqexec.exe
2015-10-23 14:36 . 2014-11-11 03:08 241152 ----a-w-
c:windowssystem32pku2u.dll
2015-10-23 14:36 . 2014-11-11 02:44 186880 ----a-w-
c:windowsSysWow64pku2u.dll
2015-10-23 14:04 . 2014-10-03 01:45 248832 ----a-w-
c:windowsSysWow64WSManMigrationPlugin.dll
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-21 20:30 . 2015-06-29 13:51 97888 ----a-w-
c:windowsSysWow64WindowsAccessBridge-32.dll
2015-10-16 22:44 . 2015-06-29 19:28 780488 ----a-w-
c:windowsSysWow64FlashPlayerApp.exe
2015-10-16 22:44 . 2015-06-29 19:28 142536 ----a-w-
c:windowsSysWow64FlashPlayerCPLApp.cpl
2015-09-29 02:58 . 2015-10-23 14:41 44032 ----a-w-
c:windowsapppatchacwow64.dll
2015-08-26 21:04 . 2015-08-26 21:04 4587520 ----a-w-
c:windowsSysWow64GPhotos.scr
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]
"AvastUI.exe"="c:program filesAVAST SoftwareAvastAvastUI.exe" [2015-06-29
5515496]
"SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava
Updatejusched.exe" [2015-10-06 596528]
.
c:programdataMicrosoftWindowsStart MenuProgramsStartup
ImageBrowser EX Agent.lnk - c:program files (x86)CanonImageBrowser
EXMFManager.exe [2015-9-11 69120]
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows
ntcurrentversionwinlogonnotify GbPluginAbn]
2014-11-18 13:40 1939512 ----a-w- c:program files
(x86)GbPlugingbiehabn.dll
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows
ntcurrentversionwinlogonnotify GbPluginBb]
2015-08-19 18:19 1896320 ----a-w- c:program files
(x86)GbPlugingbieh.dll
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows
ntcurrentversionwinlogonnotify GbPluginCef]
2015-09-01 17:33 1867432 ----a-w- c:program files
(x86)GbPlugingbiehcef.dll
.
R1 gbpddfac;Warsaw File Access
svc;c:windowssystem32driversgbpddfac64.sys;c:windowsSYSNATIVEdriversgbpd
dfac64.sys [x]
R1
wafd_1_10_0_19;wafd_1_10_0_19;c:windowssystem32driverswafd_1_10_0_19.sys;c:
windowsSYSNATIVEdriverswafd_1_10_0_19.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN
v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe;c:w
indowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [x]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:program files
(x86)Foxit SoftwareFoxit ReaderFoxit CloudFCUpdateService.exe;c:program
files (x86)Foxit SoftwareFoxit ReaderFoxit CloudFCUpdateService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector
Service;c:windowssystem32IEEtwCollector.exe;c:windowsSYSNATIVEIEEtwCollect
or.exe [x]
R3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler;c:program files
(x86)PDF Architect 3crash-handler-ws.exe;c:program files (x86)PDF Architect
3crash-handler-ws.exe [x]
R3 PDF Architect 3;PDF Architect 3;c:program files (x86)PDF Architect
3ws.exe;c:program files (x86)PDF Architect 3ws.exe [x]
R3
TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys;c:windowsSYSNATIVE
driverstsusbflt.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do
Windows;c:windowssystem32WatWatAdminSvc.exe;c:windowsSYSNATIVEWatWatAdmi
nSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1
aswSnx;aswSnx;c:windowssystem32driversaswSnx.sys;c:windowsSYSNATIVEdriver
saswSnx.sys [x]
S1
aswSP;aswSP;c:windowssystem32driversaswSP.sys;c:windowsSYSNATIVEdriversa
swSP.sys [x]
S1
LUMDriver;LUMDriver;c:windowssystem32driversLUMDriver.sys;c:windowsSYSNATI
VEdriversLUMDriver.sys [x]
S2 aswHwid;avast!
HardwareID;c:windowssystem32driversaswHwid.sys;c:windowsSYSNATIVEdrivers
aswHwid.sys [x]
S2
aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys;c:windowsSYSNATI
VEdriversaswMonFlt.sys [x]
S2
aswStm;aswStm;c:windowssystem32driversaswStm.sys;c:windowsSYSNATIVEdriver
saswStm.sys [x]
S2 BBDemon;Backbone Service;c:program filesDassault
SystemesB20win_b64codebinCATSysDemon.exe;c:program filesDassault
SystemesB20win_b64codebinCATSysDemon.exe [x]
S2 DiagTrack;Diagnostics Tracking
Service;c:windowsSystem32svchost.exe;c:windowsSYSNATIVEsvchost.exe [x]
S2 GbpSv;Gbp
Service;c:progra~2GbPluginGbpSv.exe;c:progra~2GbPluginGbpSv.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:program filesNVIDIA
CorporationGeForce Experience ServiceGfExperienceService.exe;c:program
filesNVIDIA CorporationGeForce Experience ServiceGfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:program files (x86)NVIDIA
CorporationNetServiceNvNetworkService.exe;c:program files (x86)NVIDIA
CorporationNetServiceNvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:program filesNVIDIA
CorporationNvStreamSrvnvstreamsvc.exe;c:program filesNVIDIA
CorporationNvStreamSrvnvstreamsvc.exe [x]
S2 PDF Architect 3 Creator;PDF Architect 3 Creator;c:program files (x86)PDF
Architect 3creator-ws.exe;c:program files (x86)PDF Architect 3creator-ws.exe
[x]
S2 Siemens PLM License Server;Siemens PLM License Server;c:program
filesSiemensPLMLicenseServerlmgrd.exe;c:program
filesSiemensPLMLicenseServerlmgrd.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:program files
(x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe;c:program files (x86)NVIDIA
Corporation3D VisionnvSCPAPISvr.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:program filesAVAST
SoftwareAvastngvboxVBoxAswDrv.sys;c:program filesAVAST
SoftwareAvastngvboxVBoxAswDrv.sys [x]
S2 Warsaw Technology;Warsaw Technology;c:program
filesDieboldWarsawcore.exe;c:program filesDieboldWarsawcore.exe [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:program filesAVAST
SoftwareAvastngvboxAvastVBoxSVC.exe;c:program filesAVAST
SoftwareAvastngvboxAvastVBoxSVC.exe [x]
S3 GBPRCM;Service for G-Buster Driver (PM);c:program files
(x86)GbPlugingbprcm64.sys;c:program files (x86)GbPlugingbprcm64.sys [x]
S3 NvStreamKms;NvStreamKms;c:program filesNVIDIA
CorporationNvStreamSrvNvStreamKms.sys;c:program filesNVIDIA
CorporationNvStreamSrvNvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible)
(WDM);c:windowssystem32driversnvvad64v.sys;c:windowsSYSNATIVEdriversnvva
d64v.sys [x]
S3 RTL8167;Realtek 8167 NT
Driver;c:windowssystem32DRIVERSRt64win7.sys;c:windowsSYSNATIVEDRIVERSRt6
4win7.sys [x]
S3 Warsaw_PP;Warsaw
Protector;c:progra~2GbPluginwsftprp64.sys;c:progra~2GbPluginwsftprp64.sys
[x]
S4 WinDivert1.1;WinDivert1.1;c:program
filesDieboldWarsawWinDivert64.sys;c:program
filesDieboldWarsawWinDivert64.sys [x]
.
.
--- =Outros Serviços/Drivers Na Memória ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - GbFtIn
.
[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftactive setupinstalled
components{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-10-27 23:11 997704 ----a-w- c:program files
(x86)GoogleChromeApplication46.0.2490.80Installerchrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2015-11-11 c:windowsTasksAdobe Flash Player Updater.job
- c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2015-06-29
22:44]
.
2015-11-11 c:windowsTasksGoogleUpdateTaskMachineCore.job
- c:program files (x86)GoogleUpdateGoogleUpdate.exe [2015-06-29 13:42]
.
2015-11-11 c:windowsTasksGoogleUpdateTaskMachineUA.job
- c:program files (x86)GoogleUpdateGoogleUpdate.exe [2015-06-29 13:42]
.
2015-11-11 c:windowsTasks{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job
- c:usersusinagem01.ABRILSERVICEAppDataRoaming{2F3AA0F6-976C-4b02-A66A-
5D1DEA00811F}InstallHelp.exe [2015-07-15 08:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershellicon
overlayidentifiers00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}]
2015-06-29 19:24 722400 ----a-w- c:program filesAVAST
SoftwareAvastashShA64.dll
.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"NvBackend"="c:program files (x86)NVIDIA CorporationUpdate
CoreNvBackend.exe" [2015-06-17 2754704]
"RTHDVCPL"="c:program filesRealtekAudioHDARAVCpl64.exe" [2015-06-29
13876952]
"Diebold - Warsaw"="c:program filesDieboldWarsawcore.exe" [2015-06-19
858424]
.
------- Scan Suplementar -------
.
uLocal Page = c:windowssystem32blank.htm
uStart Page = https://www.google.com.br/
mStart Page = https://www.google.com/?trackid=sp-006
mLocal Page = c:windowsSysWOW64blank.htm
mSearch Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
mSearch Bar = https://www.google.com/?trackid=sp-006
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:windowssystem32GPhotos.scr/200
IE: E&xportar para o Microsoft Excel -
c:progra~2MICROS~1Office12EXCEL.EXE/3000
Trusted Zone: bancobrasil.com.brwww
Trusted Zone: bancobrasil.com.brwww14
Trusted Zone: bancobrasil.com.brwww2
Trusted Zone: bancoreal.com.brwww
Trusted Zone: bancosantander.com.brwww
Trusted Zone: bb.com.brseg
Trusted Zone: bb.com.brwww
Trusted Zone: caixa.gov.brimagem
Trusted Zone: caixa.gov.brimagem2
Trusted Zone: caixa.gov.brinternetbanking
Trusted Zone: caixa.gov.brinternetbankingpf
Trusted Zone: caixa.gov.brwww
Trusted Zone: realsecureweb.com.brwww
Trusted Zone: realsecureweb.com.brwww2
Trusted Zone: realsecureweb.com.brwwws
Trusted Zone: santander.com.brwww
Trusted Zone: santanderempresarial.com.brwww
Trusted Zone: santandernet.com.brwww
Trusted Zone: santandernet.com.brwwws
Trusted Zone: santandernet.com.brwwws2
Trusted Zone: santandernetibe.com.brwww
Trusted Zone: secureweb.com.brwww
TCP: DhcpNameServer = 192.168.25.1
.
- - - - ORFÃOS REMOVIDOS - - - -
.
BHO-{06E08260-0695-4EC1-A74B-1310D8899D93} - (no file)
BHO-{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} - (no file)
Wow6432Node-HKCU-Run-showMsg - c:program files (x86)Common FilesshowMsg.exe
Wow6432Node-HKCU-Run-Yeaplayer - c:program files
(x86)YeaplayerYeaplayermd.exe
Wow6432Node-HKCU-Run-YeaInstaller - c:windowssvchost.exe
Wow6432Node-HKCU-Run-YTDownloader - c:program files
(x86)YTDownloaderYTDownloader.exe
Wow6432Node-HKLM-Run-gmsd_br_004010025 - (no file)
Wow6432Node-HKLM-Run-YTDownloader - c:program files
(x86)YTDownloaderYTDownloader.exe
Wow6432Node-HKLM-Run-rec_br_47 - (no file)
HKLM-Run-3D BubbleSound - c:program filesBubbleSound3D BubbleSound.exe
AddRemove-iWebar - c:program files (x86)iWebarUninstall.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_19_0_0_2
26_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}LocalServer32]
@="c:Windowssystem32MacromedFlashFlashUtil64_19_0_0_226_ActiveX.exe"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{299817DA-1FAC-4CE2-8F48-
A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{299817DA-1FAC-4CE2-8F48-
A108237013BD}ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{299817DA-1FAC-4CE2-8F48-
A108237013BD}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_19_0_0_2
26_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}LocalServer32]
@="c:WindowsSysWOW64MacromedFlashFlashUtil32_19_0_0_226_ActiveX.exe"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}InprocServer32]
@="c:WindowsSysWOW64MacromedFlashFlash32_19_0_0_226.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}ToolboxBitmap32]
@="c:WindowsSysWOW64MacromedFlashFlash32_19_0_0_226.ocx, 1"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}Version]
@="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-
444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-
444553540000}InprocServer32]
@="c:WindowsSysWOW64MacromedFlashFlash32_19_0_0_226.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-
444553540000}ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-
444553540000}ToolboxBitmap32]
@="c:WindowsSysWOW64MacromedFlashFlash32_19_0_0_226.ocx, 1"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-
444553540000}TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-
444553540000}Version]
@="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-
444553540000}VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{299817DA-1FAC-4CE2-
8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{299817DA-1FAC-4CE2-
8F48-A108237013BD}ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{299817DA-1FAC-4CE2-
8F48-A108237013BD}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity]
@Denied: (Full) (Everyone)
.
------------------------ Outros Processos em Execução ------------------------
.
c:program filesAVAST SoftwareAvastAvastSvc.exe
.
**************************************************************************
.
Tempo para conclusão: 2015-11-11 11:49:10 - Máquina reiniciou
ComboFix-quarantined-files.txt 2015-11-11 13:49
.
Pré-execução: 323.841.835.008 bytes disponíveis
Pós execução: 320.651.689.984 bytes disponíveis
.
- - End Of File - - 2499AC8F0AB07BB507E7A7AC1AB46D02
A36C5E4F47E84449FF07ED3517B43A31

More Related Content

What's hot

My old security advisories on HMI/SCADA and industrial software released betw...
My old security advisories on HMI/SCADA and industrial software released betw...My old security advisories on HMI/SCADA and industrial software released betw...
My old security advisories on HMI/SCADA and industrial software released betw...Luigi Auriemma
 
Basic command for Time sync (Domain Controllers)
Basic command for Time sync (Domain Controllers)Basic command for Time sync (Domain Controllers)
Basic command for Time sync (Domain Controllers)Naseem Khoodoruth
 
Akfiler12 upgrade advisor
Akfiler12 upgrade advisorAkfiler12 upgrade advisor
Akfiler12 upgrade advisorAccenture
 
HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers - Kostiantyn Ko...
HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers - Kostiantyn Ko...HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers - Kostiantyn Ko...
HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers - Kostiantyn Ko...Yan Vugenfirer
 
Debugging the Cloud Foundry Routing Tier
Debugging the Cloud Foundry Routing TierDebugging the Cloud Foundry Routing Tier
Debugging the Cloud Foundry Routing TierVMware Tanzu
 
Armboot process zeelogic
Armboot process zeelogicArmboot process zeelogic
Armboot process zeelogicAleem Shariff
 
Advanced Diagnostics 2
Advanced Diagnostics 2Advanced Diagnostics 2
Advanced Diagnostics 2Aero Plane
 
Automotive embedded systems part6 v1
Automotive embedded systems part6 v1Automotive embedded systems part6 v1
Automotive embedded systems part6 v1Keroles karam khalil
 
HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers (KVM Forum 2021)
HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers (KVM Forum 2021)HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers (KVM Forum 2021)
HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers (KVM Forum 2021)KostiantynKostiuk
 

What's hot (18)

My old security advisories on HMI/SCADA and industrial software released betw...
My old security advisories on HMI/SCADA and industrial software released betw...My old security advisories on HMI/SCADA and industrial software released betw...
My old security advisories on HMI/SCADA and industrial software released betw...
 
mmmm
mmmmmmmm
mmmm
 
Version 1.7
Version 1.7Version 1.7
Version 1.7
 
Freefixer log
Freefixer logFreefixer log
Freefixer log
 
Basic command for Time sync (Domain Controllers)
Basic command for Time sync (Domain Controllers)Basic command for Time sync (Domain Controllers)
Basic command for Time sync (Domain Controllers)
 
Akfiler12 upgrade advisor
Akfiler12 upgrade advisorAkfiler12 upgrade advisor
Akfiler12 upgrade advisor
 
HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers - Kostiantyn Ko...
HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers - Kostiantyn Ko...HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers - Kostiantyn Ko...
HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers - Kostiantyn Ko...
 
Debugging 2013- Jesper Brouer
Debugging 2013- Jesper BrouerDebugging 2013- Jesper Brouer
Debugging 2013- Jesper Brouer
 
Network Docs
Network DocsNetwork Docs
Network Docs
 
Debugging the Cloud Foundry Routing Tier
Debugging the Cloud Foundry Routing TierDebugging the Cloud Foundry Routing Tier
Debugging the Cloud Foundry Routing Tier
 
Armboot process zeelogic
Armboot process zeelogicArmboot process zeelogic
Armboot process zeelogic
 
Serial para programas
Serial para programasSerial para programas
Serial para programas
 
Advanced Diagnostics 2
Advanced Diagnostics 2Advanced Diagnostics 2
Advanced Diagnostics 2
 
Dx diags
Dx diagsDx diags
Dx diags
 
Automotive embedded systems part6 v1
Automotive embedded systems part6 v1Automotive embedded systems part6 v1
Automotive embedded systems part6 v1
 
Dx diag
Dx diagDx diag
Dx diag
 
HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers (KVM Forum 2021)
HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers (KVM Forum 2021)HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers (KVM Forum 2021)
HCK-CI: Enabling CI for Windows Guest Paravirtualized Drivers (KVM Forum 2021)
 
Serial number
Serial numberSerial number
Serial number
 

Combo fix

  • 1. ComboFix 15-11-09.01 - usinagem01 11/11/2015 10:15:22.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.55.1046.18.6143.3724 [GMT -2:00] Executando de: c:usersusinagem01.ABRILSERVICEDownloadsComboFix.exe AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . . c:usersPublicDocumentspre_fileassoc.tmp . . ((((((((((((((((((((((((((((((((((((((( Drivers/Serviços ))))))))))))))))))) )))))))))))))))))))))))))))))) . . -------Legacy_SPDRIVER_Unknown -------Service_SPDRIVER_Unknown . . (((((((((((((((( Arquivos/Ficheiros criados de 2015-10-11 to 2015-11- 11 )))))))))))))))))))))))))))) . . 2015-11-11 12:35 . 2015-11-11 12:35 -------- d-----w- c:usersUSINAG~1~ABRAppDataLocaltemp 2015-11-11 12:35 . 2015-11-11 12:35 -------- d-----w- c:usersDefaultAppDataLocaltemp 2015-11-11 12:35 . 2015-11-11 12:35 -------- d-----w- c:usersAdministradorAppDataLocaltemp 2015-11-10 15:49 . 2015-10-20 06:33 11140960 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{EB8DFF78- 5D78-4A71-B5DD-AC91010DDE3C}mpengine.dll 2015-11-10 15:34 . 2015-06-29 19:24 442264 ----a-w- c:windowssystem32driversaswCBA3.tmp 2015-11-10 15:34 . 2015-06-29 19:24 93528 ----a-w- c:windowssystem32driversaswCB90.tmp 2015-11-10 15:34 . 2015-06-29 19:24 89944 ----a-w- c:windowssystem32driversaswCBA1.tmp 2015-11-10 15:34 . 2015-06-29 19:24 65736 ----a-w- c:windowssystem32driversaswCBA2.tmp 2015-11-10 15:34 . 2015-06-29 19:24 29168 ----a-w- c:windowssystem32driversaswCBA0.tmp 2015-11-10 15:34 . 2015-06-29 19:24 272248 ----a-w- c:windowssystem32driversaswCBA4.tmp 2015-11-10 15:34 . 2015-06-29 19:24 137288 ----a-w- c:windowssystem32driversaswCBB5.tmp 2015-11-10 15:34 . 
2015-06-29 19:24 1047320 ----a-w- c:windowssystem32driversaswCB8F.tmp 2015-11-10 15:34 . 2015-06-29 19:24 364472 ----a-w- c:windowssystem32aswBoot.exe 2015-11-10 13:38 . 2015-11-10 15:28 -------- d-----w- c:program files (x86)gmsd_br_005010142 2015-11-10 13:38 . 2015-11-10 15:28 -------- d-----w- c:usersusinagem01.ABRILSERVICEAppDataLocalgmsd_br_005010142 2015-11-10 13:37 . 2015-11-10 14:57 -------- d-----w- c:program files (x86)globalUpdate 2015-11-10 13:37 . 2015-11-10 15:39 -------- d-----w- c:program files (x86)CinePlus-1.44V09.11 2015-11-10 13:08 . 2015-11-10 13:08 -------- d-----w-
  • 2. c:programdataSystweak 2015-11-10 12:01 . 2015-11-10 15:39 -------- d-----w- c:program files (x86)SFK 2015-11-10 12:00 . 2015-11-10 15:28 -------- d-----w- c:programdata2WMiniPro2 2015-11-10 02:28 . 2015-11-10 15:39 -------- d-----w- c:program files (x86)RayDld 2015-11-10 02:27 . 2015-11-10 13:19 -------- d-----w- c:usersusinagem01.ABRILSERVICEAppDataRoamingsystweak 2015-11-10 02:26 . 2015-11-10 02:26 -------- d-----w- c:usersusinagem01.ABRILSERVICEAppDataRoamingmystartsearch 2015-11-10 02:13 . 2015-11-10 15:39 -------- d-----w- c:program files (x86)MyBrowser 1.0.2V09.11 2015-11-10 02:11 . 2015-11-10 02:11 -------- d-----w- c:usersusinagem01.ABRILSERVICEAppDataLocalMyBrowser 2015-11-10 02:11 . 2015-11-10 02:11 -------- d-----w- c:usersusinagem01AppDataLocalMyBrowser 2015-11-10 02:04 . 2014-08-18 18:49 971544 ----a-w- c:windowssystem32rlls64.dll 2015-11-10 02:01 . 2015-11-10 02:01 -------- d-----w- c:windowssystem32appmgmt 2015-11-10 01:59 . 2015-11-10 01:59 -------- d-----w- c:usersusinagem01.ABRILSERVICEAppDataRoamingUG 2015-11-10 01:54 . 2015-11-10 15:39 -------- d-----w- c:program files (x86)CinemaPlus_1.3dV10.11 2015-11-10 01:52 . 2015-11-10 15:28 -------- d-----w- c:usersusinagem01.ABRILSERVICEAppDataLocalFFFFFFFF-1447113173-FFFF- FFFF-FFFFFFFFFFFF 2015-11-10 01:51 . 2015-11-10 13:11 -------- d-----w- c:program files (x86)FFFFFFFF-1447120314-FFFF-FFFF-FFFFFFFFFFFF 2015-11-10 01:50 . 2015-11-10 01:50 -------- d-----w- c:usersusinagem01.ABRILSERVICEAppDataLocalBoBrowser 2015-11-10 01:50 . 2015-11-10 01:50 -------- d-----w- c:usersusinagem01.ABRILSERVICEAppDataLocalDownload Touch 2015-11-06 11:12 . 2015-11-06 11:17 -------- d-----w- C:luz vencida 2015-10-30 11:27 . 2015-10-30 11:27 -------- d-----w- c:usersusinagem01.ABRILSERVICEAppDataLocalFoxit Reader 2015-10-29 21:04 . 2015-10-29 21:04 -------- d-----w- C:CONTEUDO PREFEITURA SANTO ANDRE ADMINISTRATIVO 2015-10-27 22:58 . 2015-10-27 22:59 -------- d-----w- C:ga 2015-10-25 16:50 . 
2011-02-25 06:19 2871808 ----a-w- c:windowsexplorer.exe 2015-10-25 16:50 . 2011-02-25 05:30 2616320 ----a-w- c:windowsSysWow64explorer.exe 2015-10-25 16:50 . 2014-07-09 02:03 7168 ----a-w- c:windowssystem32KBDYAK.DLL 2015-10-25 16:50 . 2014-07-09 02:03 7168 ----a-w- c:windowssystem32KBDTAT.DLL 2015-10-25 16:50 . 2014-07-09 02:03 7168 ----a-w- c:windowssystem32KBDRU1.DLL 2015-10-25 16:50 . 2014-07-09 02:03 6656 ----a-w- c:windowssystem32KBDRU.DLL 2015-10-25 16:50 . 2014-07-09 02:03 7168 ----a-w- c:windowssystem32KBDBASH.DLL 2015-10-25 16:50 . 2014-07-09 01:31 7168 ----a-w- c:windowsSysWow64KBDYAK.DLL 2015-10-25 16:50 . 2014-07-09 01:31 6656 ----a-w- c:windowsSysWow64KBDBASH.DLL 2015-10-25 16:49 . 2011-03-11 06:33 2565632 ----a-w- c:windowssystem32esent.dll 2015-10-25 16:49 . 2011-03-11 06:41 166272 ----a-w- c:windowssystem32driversnvstor.sys 2015-10-25 16:49 . 2011-03-11 06:41 148352 ----a-w- c:windowssystem32driversnvraid.sys
  • 3. 2015-10-25 16:49 . 2011-03-11 06:41 410496 ----a-w- c:windowssystem32driversiaStorV.sys 2015-10-25 16:49 . 2011-03-11 06:41 27008 ----a-w- c:windowssystem32driversamdxata.sys 2015-10-25 16:49 . 2011-03-11 06:41 107904 ----a-w- c:windowssystem32driversamdsata.sys 2015-10-25 16:49 . 2011-03-11 06:30 96768 ----a-w- c:windowssystem32fsutil.exe 2015-10-25 16:49 . 2011-03-11 05:33 1699328 ----a-w- c:windowsSysWow64esent.dll 2015-10-25 16:49 . 2011-03-11 05:31 74240 ----a-w- c:windowsSysWow64fsutil.exe 2015-10-25 16:49 . 2011-03-11 04:37 91648 ----a-w- c:windowssystem32driversUSBSTOR.SYS 2015-10-25 16:39 . 2012-02-11 06:36 559104 ----a-w- c:windowssystem32spoolsv.exe 2015-10-25 16:39 . 2012-02-11 06:36 67072 ----a-w- c:windowssplwow64.exe 2015-10-23 18:39 . 2015-10-23 18:39 -------- d-s---w- c:windowssystem32CompatTel 2015-10-23 18:39 . 2015-10-23 18:39 -------- d-----w- c:windowssystem32appraiser 2015-10-23 18:39 . 2015-10-23 18:39 -------- d-----w- c:windowsSysWow64Wat 2015-10-23 18:39 . 2015-10-23 18:39 -------- d-----w- c:windowssystem32Wat 2015-10-23 18:39 . 2015-10-23 18:39 -------- d-s---w- c:windowsSysWow64GWX 2015-10-23 18:39 . 2015-11-10 15:39 -------- d-s---w- c:windowssystem32GWX 2015-10-23 17:50 . 2015-07-30 13:13 124624 ----a-w- c:windowssystem32PresentationCFFRasterizerNative_v0300.dll 2015-10-23 17:50 . 2015-07-30 13:13 103120 ----a-w- c:windowsSysWow64PresentationCFFRasterizerNative_v0300.dll 2015-10-23 16:50 . 2012-07-26 07:56 2560 ----a-w- c:windowssystem32driverspt-BRwdf01000.sys.mui 2015-10-23 16:09 . 2012-07-26 03:08 84992 ----a-w- c:windowssystem32WUDFSvc.dll 2015-10-23 16:09 . 2012-07-26 03:08 194048 ----a-w- c:windowssystem32WUDFPlatform.dll 2015-10-23 16:09 . 2012-07-26 02:26 87040 ----a-w- c:windowssystem32driversWUDFPf.sys 2015-10-23 16:09 . 2012-07-26 02:26 198656 ----a-w- c:windowssystem32driversWUDFRd.sys 2015-10-23 16:09 . 2012-07-26 03:08 229888 ----a-w- c:windowssystem32WUDFHost.exe 2015-10-23 16:09 . 
2012-07-26 03:08 744448 ----a-w- c:windowssystem32WUDFx.dll 2015-10-23 16:09 . 2012-07-26 03:08 45056 ----a-w- c:windowssystem32WUDFCoinstaller.dll 2015-10-23 16:01 . 2015-10-23 16:01 -------- d-----w- c:usersDefaultAppDataLocalMicrosoft Help 2015-10-23 15:53 . 2012-03-01 06:46 23408 ----a-w- c:windowssystem32driversfs_rec.sys 2015-10-23 15:53 . 2012-03-01 06:28 5120 ----a-w- c:windowssystem32wmi.dll 2015-10-23 15:53 . 2012-03-01 05:29 5120 ----a-w- c:windowsSysWow64wmi.dll 2015-10-23 15:49 . 2014-06-27 02:08 2777088 ----a-w- c:windowssystem32msmpeg2vdec.dll 2015-10-23 15:49 . 2014-06-27 01:45 2285056 ----a-w- c:windowsSysWow64msmpeg2vdec.dll 2015-10-23 15:45 . 2014-03-09 21:48 171160 ----a-w- c:windowssystem32infocardapi.dll 2015-10-23 15:45 . 2014-03-09 21:48 1389208 ----a-w- c:windowssystem32icardagt.exe 2015-10-23 15:45 . 2014-03-09 21:47 99480 ----a-w-
  • 4. c:windowsSysWow64infocardapi.dll 2015-10-23 15:45 . 2014-03-09 21:47 619672 ----a-w- c:windowsSysWow64icardagt.exe 2015-10-23 15:45 . 2014-06-30 22:24 8856 ----a-w- c:windowssystem32icardres.dll 2015-10-23 15:45 . 2014-06-30 22:14 8856 ----a-w- c:windowsSysWow64icardres.dll 2015-10-23 15:45 . 2014-06-06 06:16 35480 ----a-w- c:windowsSysWow64TsWpfWrp.exe 2015-10-23 15:45 . 2014-06-06 06:12 35480 ----a-w- c:windowssystem32TsWpfWrp.exe 2015-10-23 14:55 . 2015-01-09 03:14 91136 ----a-w- c:windowssystem32wdi.dll 2015-10-23 14:55 . 2015-01-09 03:14 950272 ----a-w- c:windowssystem32perftrack.dll 2015-10-23 14:55 . 2015-01-09 03:14 29696 ----a-w- c:windowssystem32powertracker.dll 2015-10-23 14:55 . 2015-01-09 02:48 76800 ----a-w- c:windowsSysWow64wdi.dll 2015-10-23 14:50 . 2015-08-05 17:56 1737216 ----a-w- c:program filesWindows JournalNBDoc.DLL 2015-10-23 14:50 . 2015-08-05 17:56 1411072 ----a-w- c:program filesWindows JournalJNWDRV.dll 2015-10-23 14:50 . 2015-08-05 17:56 1372160 ----a-w- c:program filesCommon FilesMicrosoft Sharedinkjournal.dll 2015-10-23 14:48 . 2010-12-23 10:42 961024 ----a-w- c:windowssystem32CPFilters.dll 2015-10-23 14:47 . 2012-01-04 10:44 509952 ----a-w- c:windowssystem32ntshrui.dll 2015-10-23 14:46 . 2014-04-25 02:34 801280 ----a-w- c:windowssystem32usp10.dll 2015-10-23 14:45 . 2014-12-19 03:06 210432 ----a-w- c:windowssystem32profsvc.dll 2015-10-23 14:44 . 2014-06-18 22:23 1943696 ----a-w- c:windowssystem32dfshim.dll 2015-10-23 14:43 . 2014-10-14 02:13 683520 ----a-w- c:windowssystem32termsrv.dll 2015-10-23 14:43 . 2015-07-15 03:19 52736 ----a-w- c:windowssystem32basesrv.dll 2015-10-23 14:43 . 2011-12-30 06:26 515584 ----a-w- c:windowssystem32timedate.cpl 2015-10-23 14:43 . 2011-12-30 05:27 478720 ----a-w- c:windowsSysWow64timedate.cpl 2015-10-23 14:43 . 2014-12-06 04:17 303616 ----a-w- c:windowssystem32nlasvc.dll 2015-10-23 14:43 . 2014-12-06 03:50 156672 ----a-w- c:windowsSysWow64ncsi.dll 2015-10-23 14:43 . 
2014-12-06 03:50 52224 ----a-w- c:windowsSysWow64nlaapi.dll 2015-10-23 14:41 . 2015-09-29 03:16 5569472 ----a-w- c:windowssystem32ntoskrnl.exe 2015-10-23 14:40 . 2015-04-27 19:23 229376 ----a-w- c:windowssystem32wintrust.dll 2015-10-23 14:39 . 2015-06-15 21:45 3242496 ----a-w- c:windowssystem32msi.dll 2015-10-23 14:38 . 2015-07-23 00:02 1390592 ----a-w- c:windowssystem32diagtrack.dll 2015-10-23 14:37 . 2012-12-07 13:20 441856 ----a-w- c:windowssystem32Wpc.dll 2015-10-23 14:36 . 2014-11-26 03:53 861696 ----a-w- c:windowssystem32oleaut32.dll 2015-10-23 14:36 . 2014-11-26 03:32 571904 ----a-w- c:windowsSysWow64oleaut32.dll 2015-10-23 14:36 . 2012-03-17 07:58 75120 ----a-w- c:windowssystem32driverspartmgr.sys 2015-10-23 14:36 . 2015-06-25 10:06 115136 ----a-w-
  • 5. c:windowssystem32consent.exe 2015-10-23 14:36 . 2015-06-25 10:01 1941504 ----a-w- c:windowssystem32authui.dll 2015-10-23 14:36 . 2015-06-25 10:01 70656 ----a-w- c:windowssystem32appinfo.dll 2015-10-23 14:36 . 2015-06-25 09:44 1805824 ----a-w- c:windowsSysWow64authui.dll 2015-10-23 14:36 . 2015-02-18 07:06 123904 ----a-w- c:windowsSysWow64poqexec.exe 2015-10-23 14:36 . 2015-02-18 07:04 142336 ----a-w- c:windowssystem32poqexec.exe 2015-10-23 14:36 . 2014-11-11 03:08 241152 ----a-w- c:windowssystem32pku2u.dll 2015-10-23 14:36 . 2014-11-11 02:44 186880 ----a-w- c:windowsSysWow64pku2u.dll 2015-10-23 14:04 . 2014-10-03 01:45 248832 ----a-w- c:windowsSysWow64WSManMigrationPlugin.dll . . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-10-21 20:30 . 2015-06-29 13:51 97888 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll 2015-10-16 22:44 . 2015-06-29 19:28 780488 ----a-w- c:windowsSysWow64FlashPlayerApp.exe 2015-10-16 22:44 . 2015-06-29 19:28 142536 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl 2015-09-29 02:58 . 2015-10-23 14:41 44032 ----a-w- c:windowsapppatchacwow64.dll 2015-08-26 21:04 . 2015-08-26 21:04 4587520 ----a-w- c:windowsSysWow64GPhotos.scr . . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por padrão não são apresentadas. REGEDIT4 . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun] "AvastUI.exe"="c:program filesAVAST SoftwareAvastAvastUI.exe" [2015-06-29 5515496] "SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2015-10-06 596528] . c:programdataMicrosoftWindowsStart MenuProgramsStartup ImageBrowser EX Agent.lnk - c:program files (x86)CanonImageBrowser EXMFManager.exe [2015-9-11 69120] . 
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "SoftwareSASGeneration"= 1 (0x1) . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotify GbPluginAbn] 2014-11-18 13:40 1939512 ----a-w- c:program files (x86)GbPlugingbiehabn.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotify GbPluginBb]
  • 6. 2015-08-19 18:19 1896320 ----a-w- c:program files (x86)GbPlugingbieh.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotify GbPluginCef] 2015-09-01 17:33 1867432 ----a-w- c:program files (x86)GbPlugingbiehcef.dll . R1 gbpddfac;Warsaw File Access svc;c:windowssystem32driversgbpddfac64.sys;c:windowsSYSNATIVEdriversgbpd dfac64.sys [x] R1 wafd_1_10_0_19;wafd_1_10_0_19;c:windowssystem32driverswafd_1_10_0_19.sys;c: windowsSYSNATIVEdriverswafd_1_10_0_19.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe;c:w indowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [x] R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:program files (x86)Foxit SoftwareFoxit ReaderFoxit CloudFCUpdateService.exe;c:program files (x86)Foxit SoftwareFoxit ReaderFoxit CloudFCUpdateService.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:windowssystem32IEEtwCollector.exe;c:windowsSYSNATIVEIEEtwCollect or.exe [x] R3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler;c:program files (x86)PDF Architect 3crash-handler-ws.exe;c:program files (x86)PDF Architect 3crash-handler-ws.exe [x] R3 PDF Architect 3;PDF Architect 3;c:program files (x86)PDF Architect 3ws.exe;c:program files (x86)PDF Architect 3ws.exe [x] R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys;c:windowsSYSNATIVE driverstsusbflt.sys [x] R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:windowssystem32WatWatAdminSvc.exe;c:windowsSYSNATIVEWatWatAdmi nSvc.exe [x] S0 aswRvrt;avast! Revert; [x] S0 aswVmm;avast! VM Monitor; [x] S1 aswSnx;aswSnx;c:windowssystem32driversaswSnx.sys;c:windowsSYSNATIVEdriver saswSnx.sys [x] S1 aswSP;aswSP;c:windowssystem32driversaswSP.sys;c:windowsSYSNATIVEdriversa swSP.sys [x] S1 LUMDriver;LUMDriver;c:windowssystem32driversLUMDriver.sys;c:windowsSYSNATI VEdriversLUMDriver.sys [x] S2 aswHwid;avast! 
HardwareID;c:windowssystem32driversaswHwid.sys;c:windowsSYSNATIVEdrivers aswHwid.sys [x] S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys;c:windowsSYSNATI VEdriversaswMonFlt.sys [x] S2 aswStm;aswStm;c:windowssystem32driversaswStm.sys;c:windowsSYSNATIVEdriver saswStm.sys [x] S2 BBDemon;Backbone Service;c:program filesDassault SystemesB20win_b64codebinCATSysDemon.exe;c:program filesDassault SystemesB20win_b64codebinCATSysDemon.exe [x] S2 DiagTrack;Diagnostics Tracking Service;c:windowsSystem32svchost.exe;c:windowsSYSNATIVEsvchost.exe [x] S2 GbpSv;Gbp Service;c:progra~2GbPluginGbpSv.exe;c:progra~2GbPluginGbpSv.exe [x] S2 GfExperienceService;NVIDIA GeForce Experience Service;c:program filesNVIDIA CorporationGeForce Experience ServiceGfExperienceService.exe;c:program filesNVIDIA CorporationGeForce Experience ServiceGfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:program files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe;c:program files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:program filesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe;c:program filesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe [x] S2 PDF Architect 3 Creator;PDF Architect 3 Creator;c:program files (x86)PDF Architect 3creator-ws.exe;c:program files (x86)PDF Architect 3creator-ws.exe [x] S2 Siemens PLM License Server;Siemens PLM License Server;c:program filesSiemensPLMLicenseServerlmgrd.exe;c:program filesSiemensPLMLicenseServerlmgrd.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:program files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe;c:program files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [x] S2 VBoxAswDrv;VBoxAsw Support Driver;c:program filesAVAST SoftwareAvastngvboxVBoxAswDrv.sys;c:program filesAVAST SoftwareAvastngvboxVBoxAswDrv.sys [x] S2 Warsaw Technology;Warsaw Technology;c:program filesDieboldWarsawcore.exe;c:program filesDieboldWarsawcore.exe [x] S3 AvastVBoxSvc;AvastVBox COM Service;c:program filesAVAST SoftwareAvastngvboxAvastVBoxSVC.exe;c:program filesAVAST SoftwareAvastngvboxAvastVBoxSVC.exe [x] S3 GBPRCM;Service for G-Buster Driver (PM);c:program files (x86)GbPlugingbprcm64.sys;c:program files (x86)GbPlugingbprcm64.sys [x] S3 NvStreamKms;NvStreamKms;c:program filesNVIDIA CorporationNvStreamSrvNvStreamKms.sys;c:program filesNVIDIA CorporationNvStreamSrvNvStreamKms.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:windowssystem32driversnvvad64v.sys;c:windowsSYSNATIVEdriversnvva d64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys;c:windowsSYSNATIVEDRIVERSRt6 4win7.sys [x] S3 Warsaw_PP;Warsaw Protector;c:progra~2GbPluginwsftprp64.sys;c:progra~2GbPluginwsftprp64.sys [x] S4 WinDivert1.1;WinDivert1.1;c:program 
filesDieboldWarsawWinDivert64.sys;c:program filesDieboldWarsawWinDivert64.sys [x] . . --- =Outros Serviços/Drivers Na Memória --- . *NewlyCreated* - WS2IFSL *Deregistered* - GbFtIn . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftactive setupinstalled components{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-10-27 23:11 997704 ----a-w- c:program files (x86)GoogleChromeApplication46.0.2490.80Installerchrmstp.exe . Conteúdo da pasta 'Tarefas Agendadas' . 2015-11-11 c:windowsTasksAdobe Flash Player Updater.job - c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2015-06-29 22:44] . 2015-11-11 c:windowsTasksGoogleUpdateTaskMachineCore.job - c:program files (x86)GoogleUpdateGoogleUpdate.exe [2015-06-29 13:42] . 2015-11-11 c:windowsTasksGoogleUpdateTaskMachineUA.job - c:program files (x86)GoogleUpdateGoogleUpdate.exe [2015-06-29 13:42] .
2015-11-11 c:windowsTasks{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job - c:usersusinagem01.ABRILSERVICEAppDataRoaming{2F3AA0F6-976C-4b02-A66A- 5D1DEA00811F}InstallHelp.exe [2015-07-15 08:07] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershellicon overlayidentifiers00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}] 2015-06-29 19:24 722400 ----a-w- c:program filesAVAST SoftwareAvastashShA64.dll . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "NvBackend"="c:program files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe" [2015-06-17 2754704] "RTHDVCPL"="c:program filesRealtekAudioHDARAVCpl64.exe" [2015-06-29 13876952] "Diebold - Warsaw"="c:program filesDieboldWarsawcore.exe" [2015-06-19 858424] . ------- Scan Suplementar ------- . uLocal Page = c:windowssystem32blank.htm uStart Page = https://www.google.com.br/ mStart Page = https://www.google.com/?trackid=sp-006 mLocal Page = c:windowsSysWOW64blank.htm mSearch Page = https://www.google.com/search?trackid=sp-006&q={searchTerms} mSearch Bar = https://www.google.com/?trackid=sp-006 uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:windowssystem32GPhotos.scr/200 IE: E&xportar para o Microsoft Excel - c:progra~2MICROS~1Office12EXCEL.EXE/3000 Trusted Zone: bancobrasil.com.brwww Trusted Zone: bancobrasil.com.brwww14 Trusted Zone: bancobrasil.com.brwww2 Trusted Zone: bancoreal.com.brwww Trusted Zone: bancosantander.com.brwww Trusted Zone: bb.com.brseg Trusted Zone: bb.com.brwww Trusted Zone: caixa.gov.brimagem Trusted Zone: caixa.gov.brimagem2 Trusted Zone: caixa.gov.brinternetbanking Trusted Zone: caixa.gov.brinternetbankingpf Trusted Zone: caixa.gov.brwww Trusted Zone: realsecureweb.com.brwww Trusted Zone: realsecureweb.com.brwww2 Trusted Zone: realsecureweb.com.brwwws Trusted Zone: 
santander.com.brwww Trusted Zone: santanderempresarial.com.brwww Trusted Zone: santandernet.com.brwww Trusted Zone: santandernet.com.brwwws Trusted Zone: santandernet.com.brwwws2 Trusted Zone: santandernetibe.com.brwww Trusted Zone: secureweb.com.brwww TCP: DhcpNameServer = 192.168.25.1 . - - - - ORFÃOS REMOVIDOS - - - - . BHO-{06E08260-0695-4EC1-A74B-1310D8899D93} - (no file) BHO-{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} - (no file)
Wow6432Node-HKCU-Run-showMsg - c:program files (x86)Common FilesshowMsg.exe Wow6432Node-HKCU-Run-Yeaplayer - c:program files (x86)YeaplayerYeaplayermd.exe Wow6432Node-HKCU-Run-YeaInstaller - c:windowssvchost.exe Wow6432Node-HKCU-Run-YTDownloader - c:program files (x86)YTDownloaderYTDownloader.exe Wow6432Node-HKLM-Run-gmsd_br_004010025 - (no file) Wow6432Node-HKLM-Run-YTDownloader - c:program files (x86)YTDownloaderYTDownloader.exe Wow6432Node-HKLM-Run-rec_br_47 - (no file) HKLM-Run-3D BubbleSound - c:program filesBubbleSound3D BubbleSound.exe AddRemove-iWebar - c:program files (x86)iWebarUninstall.exe . . . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4- D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_19_0_0_2 26_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4- D2C18CA0866F}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4- D2C18CA0866F}LocalServer32] @="c:Windowssystem32MacromedFlashFlashUtil64_19_0_0_226_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{B019E3BF-E7E5-453C-A2E4- D2C18CA0866F}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{299817DA-1FAC-4CE2-8F48- A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{299817DA-1FAC-4CE2-8F48- A108237013BD}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{299817DA-1FAC-4CE2-8F48- A108237013BD}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4- D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_19_0_0_2 26_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4- D2C18CA0866F}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4- D2C18CA0866F}LocalServer32] @="c:WindowsSysWOW64MacromedFlashFlashUtil32_19_0_0_226_ActiveX.exe"
. [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{B019E3BF-E7E5-453C-A2E4- D2C18CA0866F}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_19_0_0_226.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}MiscStatus] @="0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}ProgID] @="ShockwaveFlash.ShockwaveFlash.19" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_19_0_0_226.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8- 444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8- 444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_19_0_0_226.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8- 444553540000}ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8- 444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_19_0_0_226.ocx, 1" . 
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8- 444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8- 444553540000}Version] @="1.0"
. [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8- 444553540000}VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{299817DA-1FAC-4CE2- 8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{299817DA-1FAC-4CE2- 8F48-A108237013BD}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{299817DA-1FAC-4CE2- 8F48-A108237013BD}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . ------------------------ Outros Processos em Execução ------------------------ . c:program filesAVAST SoftwareAvastAvastSvc.exe . ************************************************************************** . Tempo para conclusão: 2015-11-11 11:49:10 - Máquina reiniciou ComboFix-quarantined-files.txt 2015-11-11 13:49 . Pré-execução: 323.841.835.008 bytes disponíveis Pós execução: 320.651.689.984 bytes disponíveis . - - End Of File - - 2499AC8F0AB07BB507E7A7AC1AB46D02 A36C5E4F47E84449FF07ED3517B43A31