ComboFix 18-08-08.01 - Cesar 14/07/2019  8:40.11.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.51.3082.18.8137.6058 [GMT -5:00]
Running from: c:\users\Cesar\Downloads\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Mu Peruano 2019\Data\Sky\World1\Desktop_1.ini
c:\program files (x86)\Mu Peruano 2019\Data\Sky\World1\Desktop_2.ini
c:\program files (x86)\Mu Peruano 2019\Data\Sky\World3\Desktop_1.ini
c:\program files (x86)\Mu Peruano 2019\Data\Sky\World3\Desktop_2.ini
c:\program files (x86)\Mu Peruano 2019\Data\Sky\World4\Desktop_1.ini
c:\program files (x86)\Mu Peruano 2019\Data\Sky\World4\Desktop_2.ini
c:\program files (x86)\Mu Peruano 2019\Data\Sky\World9\Desktop_1.ini
c:\program files (x86)\Mu Peruano 2019\Data\Sky\World9\Desktop_2.ini
.
.
((((((((((((((((((((((((( Files Created from 2019-06-14 to 2019-07-14 )))))))))))))))))))))))))))))))
.
.
2019-07-14 13:46 . 2019-07-14 13:46 -------- d-----w- c:\users\Public\AppData\Local\temp
2019-07-14 13:46 . 2019-07-14 13:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2019-07-12 14:59 . 2019-07-12 14:59 122960 ----a-w- c:\windows\system32\RtNicProp64.dll
2019-07-12 14:59 . 2019-07-12 14:59 1121288 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2019-07-12 14:48 . 2019-07-12 14:48 206128 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2019-07-12 14:48 . 2019-07-12 14:48 40240 ----a-w- c:\windows\system32\nvhdap64.dll
2019-07-12 14:48 . 2019-07-12 14:48 1524016 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2019-07-12 14:47 . 2016-11-14 09:45 615992 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2019-06-15 16:00 . 2019-06-15 16:00 -------- d-----w- c:\program files (x86)\Filtrar
2019-06-15 02:31 . 2019-07-12 12:18 -------- d-----w- c:\programdata\KMSAutoS
2019-06-15 02:31 . 2019-06-15 02:31 -------- d-----w- c:\users\Cesar\AppData\Local\MSfree Inc
2019-06-15 02:29 . 2019-06-15 02:29 -------- d-----w- c:\program files\Microsoft.NET
2019-06-15 02:28 . 2019-06-15 02:28 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2019-06-15 02:28 . 2019-06-15 02:28 -------- d-----w- c:\program files\Common Files\DESIGNER
2019-06-15 02:28 . 2019-06-15 02:28 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2019-06-15 02:28 . 2019-06-15 02:28 -------- d-----w- c:\program files\Microsoft SQL Server
2019-06-15 02:28 . 2019-06-15 02:28 -------- d-----w- c:\windows\PCHEALTH
2019-06-15 02:25 . 2019-06-15 02:25 -------- d-----w- c:\program files\Microsoft Analysis Services
2019-06-15 02:25 . 2019-06-15 02:25 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2019-06-15 02:25 . 2019-06-15 02:28 -------- d-----w- c:\program files\Microsoft Office
2019-06-15 02:24 . 2019-06-15 02:24 -------- d-----r- C:\MSOCache
2019-06-15 00:33 . 2019-06-15 00:33 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2019-06-15 00:33 . 2019-06-15 00:33 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2019-06-15 00:33 . 2019-06-15 00:33 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2019-06-15 00:33 . 2019-06-15 00:33 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2019-06-15 00:33 . 2019-06-15 00:33 -------- d-----w- c:\program files (x86)\OpenAL
2019-06-15 00:30 . 2019-06-15 00:30 -------- d-----w- c:\windows\SysWow64\xlive
2019-06-15 00:30 . 2019-06-15 00:30 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2019-06-15 00:29 . 2019-06-15 00:29 -------- d-----w- c:\program files\Microsoft Silverlight
2019-06-15 00:29 . 2019-06-15 00:29 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2019-06-15 00:27 . 2019-06-15 00:27 -------- d-----w- c:\program files (x86)\Microsoft XNA
2019-06-15 00:25 . 2019-06-15 00:25 32221576 ----a-w- c:\windows\SysWow64\atioglxx.dll
2019-06-15 00:25 . 2019-06-15 00:25 1579400 ----a-w- c:\windows\system32\coinst_19.10.dll
2019-06-15 00:25 . 2019-06-15 00:25 39051656 ----a-w- c:\windows\system32\atio6axx.dll
2019-06-15 00:23 . 2019-06-15 00:23 117744 ----a-w- c:\windows\system32\drivers\amdhub30.sys
2019-06-15 00:21 . 2019-06-15 00:21 72520816 ----a-w- c:\windows\system32\RCoRes64.dat
2019-06-15 00:21 . 2019-06-15 00:21 3677264 ----a-w- c:\windows\system32\RTSnMg64.cpl
2019-06-15 00:04 . 2019-07-12 12:24 65536 ----a-w- c:\windows\system32\spu_storage.bin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2019-07-12 14:59 . 2016-12-07 23:32 118928 ----a-w- c:\windows\system32\RTNUninst64.dll
2019-06-20 13:52 . 2016-12-08 00:43 168104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2019-06-18 12:45 . 2016-12-08 00:43 225600 ----a-w- c:\windows\system32\drivers\aswStm.sys
2019-06-15 00:31 . 2016-12-10 02:28 842296 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2019-06-15 00:31 . 2016-12-10 02:28 175160 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2019-06-15 00:24 . 2016-12-10 12:08 750984 ----a-w- c:\windows\system32\atieclxx.exe
2019-06-15 00:24 . 2016-12-10 12:08 498056 ----a-w- c:\windows\system32\atiesrxx.exe
2019-06-15 00:24 . 2016-12-07 23:38 207688 ----a-w- c:\windows\system32\atiuxp64.dll
2019-06-15 00:24 . 2016-12-10 12:08 13465888 ----a-w- c:\windows\system32\atiumd6a.dll
2019-06-15 00:24 . 2016-12-10 12:08 229256 ----a-w- c:\windows\system32\atig6txx.dll
2019-06-15 00:24 . 2016-12-07 23:38 26988752 ----a-w- c:\windows\system32\atidxx64.dll
2019-06-15 00:24 . 2016-12-10 12:08 1695624 ----a-w- c:\windows\system32\atiadlxx.dll
2019-06-15 00:24 . 2016-12-07 23:38 1946592 ----a-w- c:\windows\system32\aticfx64.dll
2019-06-15 00:24 . 2016-12-10 12:08 57451912 ----a-w- c:\windows\system32\amdocl64.dll
2019-06-15 00:24 . 2016-12-10 12:08 27344264 ----a-w- c:\windows\system32\amdocl12cl64.dll
2019-05-31 13:01 . 2016-12-08 00:43 385880 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2019-05-23 12:56 . 2016-12-08 00:43 477584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2019-05-23 12:56 . 2016-12-08 00:43 87944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2019-05-23 12:56 . 2016-12-08 00:43 112312 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2019-05-23 12:56 . 2018-10-15 12:16 42288 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2019-05-23 12:56 . 2019-02-13 12:11 279120 ----a-w- c:\windows\system32\drivers\aswHdsKe.sys
2019-05-23 12:55 . 2019-05-23 12:57 363400 ----a-w- c:\windows\system32\aswBoot.exe
2019-05-23 12:55 . 2019-01-15 14:41 37104 ----a-w- c:\windows\system32\drivers\aswArDisk.sys
2019-05-23 12:55 . 2017-11-11 11:36 207448 ----a-w- c:\windows\system32\drivers\aswArPot.sys
2019-05-23 12:55 . 2016-12-08 00:43 1030784 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2019-05-23 12:55 . 2019-01-15 14:41 61472 ----a-w- c:\windows\system32\drivers\aswbuniv.sys
2019-05-23 12:55 . 2019-01-15 14:51 262496 ----a-w- c:\windows\system32\drivers\aswbidsdriver.sys
2019-05-23 12:55 . 2019-01-15 14:41 205848 ----a-w- c:\windows\system32\drivers\aswbidsh.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-07-31 15:01 1512152 ----a-w- c:\progra~2\MICROS~1\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-07-31 15:01 1512152 ----a-w- c:\progra~2\MICROS~1\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-07-31 15:01 1512152 ----a-w- c:\progra~2\MICROS~1\Office16\GROOVEEX.DLL
.
c:\users\Cesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Filtrar.lnk - c:\program files (x86)\Filtrar\Regpsvc.exe [2019-6-15 290816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2018-2-12 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /k:C /k:D /k:E *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DFServ]
@="Service"
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\aswidsagent.exe;c:\program files\AVAST Software\Avast\aswidsagent.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 BlueStacksDrv;BlueStacks Hypervisor;c:\program files\BlueStacks\BstkDrv.sys;c:\program files\BlueStacks\BstkDrv.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\program files (x86)\EasyAntiCheat\EasyAntiCheat.exe;c:\program files (x86)\EasyAntiCheat\EasyAntiCheat.exe [x]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files (x86)\Google\Chrome\Application\75.0.3770.100\elevation_service.exe;c:\program files (x86)\Google\Chrome\Application\75.0.3770.100\elevation_service.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
R3 xspirit;xspirit;c:\windows\xspirit.sys;c:\windows\xspirit.sys [x]
R4 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [x]
S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys;c:\windows\SYSNATIVE\DRIVERS\amdide64.sys [x]
S0 aswArDisk;aswArDisk;c:\windows\system32\drivers\aswArDisk.sys;c:\windows\SYSNATIVE\drivers\aswArDisk.sys [x]
S0 aswbidsh;aswbidsh;c:\windows\system32\drivers\aswbidsh.sys;c:\windows\SYSNATIVE\drivers\aswbidsh.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\system32\drivers\aswbuniv.sys;c:\windows\SYSNATIVE\drivers\aswbuniv.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys;c:\windows\SYSNATIVE\drivers\aswRvrt.sys [x]
S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys;c:\windows\SYSNATIVE\drivers\aswVmm.sys [x]
S0 DeepFrz;DeepFrz; [x]
S1 aswArPot;aswArPot;c:\windows\system32\drivers\aswArPot.sys;c:\windows\SYSNATIVE\drivers\aswArPot.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdriver.sys;c:\windows\SYSNATIVE\drivers\aswbidsdriver.sys [x]
S1 aswHdsKe;aswHdsKe;c:\windows\system32\drivers\aswHdsKe.sys;c:\windows\SYSNATIVE\drivers\aswHdsKe.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DFServ;DFServ;c:\program files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe;c:\program files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2019-05-23 12:55 1614216 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2019-05-23 12:55 1614216 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2019-05-23 262024]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Enviar a OneNote - c:\progra~1\MICROS~2\Office16\ONBttnIE.dll/105
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office16\EXCEL.EXE/3000
TCP: Interfaces\{F250A6E3-584F-424B-8D5F-C447EF35C6F2}: NameServer = 200.48.225.130,200.48.225.146
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - c:\program files (x86)\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files (x86)\Microsoft Office\Office16\MSOSB.DLL
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_32_0_0_207_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_32_0_0_207_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_32_0_0_207_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_32_0_0_207_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_207.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.32"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_207.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_207.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_207.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\AVAST Software]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2019-07-14 08:48:57
ComboFix-quarantined-files.txt 2019-07-14 13:48
ComboFix2.txt 2019-07-14 13:37
ComboFix3.txt 2019-03-22 15:59
ComboFix4.txt 2019-03-22 15:36
ComboFix5.txt 2019-07-14 13:39
.
Pre-Run: 85,324,521,472 bytes libres
Post-Run: 85,247,508,480 bytes libres
.
- - End Of File - - 2CC2C9D3D63E26EA22727EDFF536A710
A36C5E4F47E84449FF07ED3517B43A31