ComboFix 19-11-04.01 - Liquori - Sapore 15/12/2019 0:30.2.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.55.1046.18.3980.2124 [GMT -3:00] Executando de: c:\users\Liquori - Sapore\Documents\Work\combofix-19-11-4-1.exe AV: McAfee VirusScan *Disabled/Updated* {9D4501E6-72F6-2877-C789-89AF6F535B2C} FW: McAfee Firewall *Disabled* {A57E80C3-3899-292F-ECD6-209A91801C57} SP: McAfee VirusScan *Disabled/Updated* {2624E002-54CC-27F9-FD39-B2DD14D41191} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((( Arquivos/Ficheiros criados de 2019-11-15 to 2019-12-15 )))))))))))))))))))))))))))) . . 2021-03-15 03:15 . 2021-03-15 03:15 -------- d-----w- c:\program files\DNS-LOCK 2021-03-12 19:36 . 2021-03-12 19:36 -------- d-----w- c:\program files (x86)\Cisco 2021-03-12 19:35 . 2020-07-09 16:23 9547864 ----a-w- c:\windows\system32\drivers\rtwlanu.sys 2021-03-11 19:14 . 2021-03-11 19:16 -------- d-----w- c:\program files (x86)\TP-Link 2021-03-11 19:13 . 2017-12-20 03:59 4628712 ----a-w- c:\windows\system32\rtwlanu.sys 2021-03-11 19:13 . 2017-12-20 03:59 39144 ----a-w- c:\windows\system32\rtlCoInst.dll 2021-03-11 19:13 . 2021-03-11 19:16 -------- d-----w- c:\programdata\TP-Link 2021-03-04 22:21 . 2021-01-18 05:58 89112 ----a-w- c:\windows\system32\drivers\McPvDrv.sys 2021-01-14 13:41 . 2021-01-14 13:41 -------- d-----w- c:\program files (x86)\Common Files\Java 2021-01-14 13:40 . 2021-01-14 13:40 -------- d-----w- c:\program files (x86)\Common Files\Oracle 2021-01-13 18:19 . 2021-01-14 13:40 165032 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2021-01-13 18:18 . 2021-01-14 13:41 -------- d-----w- c:\program files (x86)\Java 2021-01-13 18:16 . 2021-01-13 18:20 -------- d-----w- c:\programdata\Oracle 2021-01-12 22:15 . 2021-01-12 22:15 724690 ----a-w- c:\windows\unins000.exe 2021-01-12 20:32 . 2021-03-15 01:24 -------- d-----w- C:\DegustWin 2021-01-12 20:32 . 
2021-01-12 20:33 -------- d-----w- C:\DegustMobile 2021-01-12 20:14 . 2017-02-15 11:57 548864 ----a-w- c:\windows\SysWow64\GDS32.DLL 2021-01-12 20:14 . 2017-02-15 11:57 548864 ----a-w- c:\windows\SysWow64\FBCLIENT.DLL 2021-01-12 20:14 . 2017-02-15 11:58 462848 ----a-w- c:\windows\SysWow64\Firebird2Control.cpl 2021-01-12 20:14 . 2021-01-12 20:14 -------- d-----w- c:\program files (x86)\Firebird 2021-01-09 20:11 . 2021-01-09 20:17 -------- d-----w- C:\Atualização DPOS 2021-01-09 00:17 . 2021-01-09 00:17 -------- d-----w- C:\TEF_DIAL 2021-01-09 00:13 . 2021-01-09 00:13 -------- d-----w- C:\Suporte D-TEF 2021-01-09 00:13 . 2021-01-09 00:16 -------- d-----w- c:\programdata\DIRECAO 2021-01-09 00:13 . 2021-01-09 00:13 -------- d-----w- c:\program files (x86)\Cisco Systems 2021-01-09 00:12 . 2021-01-09 00:12 -------- d-----w- c:\program files (x86)\Ingenico Group 2021-01-09 00:09 . 2021-01-09 00:13 -------- d-----w- C:\suporte 2020-12-29 20:44 . 2021-01-14 15:09 -------- d-----w- c:\program files (x86)\LogMeIn Rescue Applet 2020-12-23 19:40 . 2015-11-10 18:55 1648128 ----a-w- c:\windows\system32\DWrite.dll 2020-12-23 19:40 . 2015-11-10 18:55 1180160 ----a-w- c:\windows\system32\FntCache.dll 2020-12-23 19:40 . 2015-11-10 18:39 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll 2020-12-23 19:40 . 2015-12-20 18:50 3180544 ----a-w- c:\windows\system32\rdpcorets.dll 2020-12-23 19:40 . 2015-12-20 18:50 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll 2020-12-23 19:40 . 2015-12-20 14:08 243200 ----a-w- c:\windows\system32\rdpudd.dll 2020-12-23 19:40 . 2015-07-30 18:06 2565120 ----a-w- c:\windows\system32\d3d10warp.dll 2020-12-23 19:40 . 2015-07-30 17:57 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll 2020-12-23 19:40 . 2016-04-09 04:20 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll 2020-12-23 19:40 . 2016-04-09 03:52 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll 2020-12-23 18:45 . 
2020-12-23 18:45 -------- d-----w- c:\program files (x86)\Teams Installer 2020-12-23 18:38 . 2021-02-13 23:15 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft 2020-12-23 18:38 . 2020-12-23 18:38 -------- d-----w- c:\program files\Common Files\DESIGNER 2020-12-23 18:29 . 2021-02-13 23:13 -------- d-----w- c:\program files\Microsoft Office 2020-12-23 18:29 . 2020-12-23 18:29 -------- d-----w- c:\program files\Microsoft Office 15 2020-12-23 16:57 . 2020-12-23 16:57 -------- d-----w- c:\programdata\{F86B0233-9A85-4589-8AAF-524CC4F8211B} 2020-12-23 16:57 . 2021-03-14 05:24 -------- d-----w- c:\programdata\ProductData 2020-12-23 16:57 . 2020-12-23 16:57 -------- d-----w- c:\program files (x86)\Common Files\IObit 2020-12-23 16:57 . 2020-12-23 16:57 -------- d-----w- c:\program files (x86)\IObit 2020-12-23 16:57 . 2021-03-14 05:16 -------- d-----w- c:\programdata\IObit 2020-12-22 22:24 . 2021-03-12 19:35 59232 ----a-w- c:\windows\runSW.exe 2020-12-22 22:24 . 2021-03-12 19:35 518896 ----a-w- c:\windows\SwUSB.exe 2020-12-22 22:24 . 2020-07-09 16:09 1139416 ----a-w- c:\windows\system32\Rtlihvs.dll 2020-12-19 23:22 . 2020-07-23 17:01 15872 ----a-w- c:\windows\system32\drivers\anodlwfx.sys 2020-12-17 09:02 . 2020-12-17 09:02 608192 ----a-w- c:\windows\system32\drivers\mfencbdc.sys 2020-12-17 09:02 . 2020-12-17 09:02 30144 ----a-w- c:\windows\system32\drivers\mfeclnrk.sys 2020-12-17 09:02 . 2020-12-17 09:02 107968 ----a-w- c:\windows\system32\drivers\mfencrk.sys 2020-12-15 16:40 . 2021-01-13 18:18 -------- d-----w- c:\program files (x86)\Bematech 2020-12-15 15:46 . 2020-12-15 17:48 -------- d-----w- c:\program files (x86)\MP-2800_DRV 2020-12-15 14:57 . 2021-03-10 22:33 -------- d-----w- C:\Bematool_4_Pro 2020-12-15 14:38 . 2021-01-12 20:38 -------- d-----w- C:\Bematech 2020-12-15 13:53 . 2020-12-15 13:53 -------- d-----w- C:\Epson 2020-12-15 13:53 . 2021-03-10 01:14 -------- d-----w- c:\programdata\firebird 2020-12-15 13:50 . 
2021-01-12 19:58 -------- d-----w- C:\LINX 2020-12-14 02:56 . 2021-03-09 19:15 -------- d-----w- c:\program files (x86)\TeamViewer 2020-12-14 02:55 . 2020-12-15 13:44 -------- d-----w- c:\programdata\AnyDesk 2020-12-14 02:55 . 2021-03-09 16:24 -------- d-----w- c:\program files (x86)\AnyDesk 2020-12-14 02:51 . 2020-12-14 02:51 -------- d-----w- c:\programdata\Microsoft OneDrive 2020-12-14 02:47 . 2021-02-13 23:12 6943136 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe 2020-12-14 02:29 . 2020-05-26 03:11 218960 ----a-w- c:\windows\system32\drivers\HipShieldK.sys 2020-12-14 02:28 . 2020-12-14 02:29 -------- d-----w- c:\program files\McAfee 2020-12-14 02:27 . 2020-12-14 02:27 -------- d-----w- c:\program files\Common Files\AV 2020-12-14 02:27 . 2021-03-05 20:13 -------- d-----w- c:\program files (x86)\McAfee 2020-12-14 02:26 . 2020-12-10 23:36 583720 ----a-w- c:\windows\system32\mfevtps.exe 2020-12-11 20:34 . 2020-12-11 20:34 -------- d-----w- c:\program files (x86)\Microsoft 2020-12-11 19:47 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2020-12-11 19:47 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2020-12-11 19:07 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll 2020-12-11 19:07 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll 2020-12-11 19:07 . 2014-12-11 17:47 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe 2020-12-11 12:19 . 2013-10-14 21:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE 2020-12-11 12:15 . 2016-04-14 13:49 603648 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2020-12-11 12:15 . 2016-04-14 13:21 647680 ----a-w- c:\windows\system32\d3d10level9.dll 2020-12-11 12:14 . 2015-12-08 19:07 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll 2020-12-11 12:14 . 2015-12-08 21:54 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll 2020-12-11 12:13 . 
2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2020-12-11 12:13 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll 2020-12-11 10:54 . 2013-10-02 04:57 3584 ----a-w- c:\windows\system32\drivers\pt-BR\tsusbflt.sys.mui 2020-12-11 10:54 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll 2020-12-11 10:54 . 2013-10-02 02:22 56832 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys 2020-12-11 10:54 . 2013-10-02 02:11 13824 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2020-12-11 10:54 . 2013-10-02 02:08 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2020-12-11 10:54 . 2013-10-02 01:48 56832 ----a-w- c:\windows\system32\MsRdpWebAccess.dll 2020-12-11 10:54 . 2013-10-02 01:48 18944 ----a-w- c:\windows\system32\wksprtPS.dll 2020-12-11 10:54 . 2013-10-02 00:14 50176 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll 2020-12-11 10:54 . 2013-10-02 00:14 17920 ----a-w- c:\windows\SysWow64\wksprtPS.dll 2020-12-11 10:54 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\SysWow64\mstsc.exe 2020-12-11 10:54 . 2013-10-01 23:31 1147392 ----a-w- c:\windows\system32\mstsc.exe 2020-12-11 10:52 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui 2020-12-11 10:52 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys 2020-12-11 10:52 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys 2020-12-11 10:52 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll 2020-12-11 10:52 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll 2020-12-11 10:49 . 2020-12-11 10:49 -------- d-----w- c:\program files\Microsoft Silverlight 2020-12-11 10:49 . 2020-12-11 10:49 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2020-12-11 10:48 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll 2020-12-11 10:48 . 
2015-12-16 18:53 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL 2020-12-11 10:48 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\KBDAZE.DLL 2020-12-11 10:48 . 2015-12-16 18:48 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll 2020-12-11 10:48 . 2015-12-16 18:48 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL 2020-12-11 10:09 . 2020-12-11 10:09 -------- d-----w- c:\windows\system32\appraiser 2020-12-11 10:09 . 2020-12-11 10:09 -------- d-s---w- c:\windows\system32\CompatTel 2020-12-11 06:37 . 2020-12-11 06:37 -------- d-----w- c:\windows\Migration 2020-12-11 06:34 . 2021-02-10 02:26 -------- d-----w- c:\windows\system32\MRT 2020-12-11 06:27 . 2019-08-13 00:56 634368 ----a-w- c:\windows\system32\devinv.dll 2020-12-11 06:16 . 2019-10-11 02:22 338944 ----a-w- c:\windows\system32\sipnotify.exe 2020-12-11 03:45 . 2020-12-11 03:45 -------- d-----w- c:\windows\SysWow64\Wat 2020-12-11 03:45 . 2020-12-11 03:45 -------- d-----w- c:\windows\system32\Wat 2020-12-11 02:17 . 2012-07-26 07:56 2560 ----a-w- c:\windows\system32\drivers\pt-BR\wdf01000.sys.mui 2020-12-11 01:25 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll 2020-12-11 01:25 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll 2020-12-11 01:25 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2020-12-11 01:25 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2020-12-11 01:25 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe 2020-12-11 01:25 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll 2020-12-11 01:25 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2020-12-11 01:03 . 2017-04-27 22:50 3550208 ----a-w- c:\windows\SysWow64\D3DCompiler_47.dll . . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2020-10-29 22:06 . 2010-11-21 03:27 795000 ------w- c:\windows\system32\MpSigStub.exe . . 
(((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por padrão não são apresentadas. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] 2021-03-03 08:45 416648 ----a-w- c:\program files (x86)\Microsoft\Edge\Application\89.0.774.45\BHO\ie_to_edge_bho.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2021-02-26 20:23 1308032 ----a-w- c:\users\Liquori - Sapore\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2] @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}" [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}] 2021-02-26 20:23 1308032 ----a-w- c:\users\Liquori - Sapore\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3] @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}" [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}] 2021-02-26 20:23 1308032 ----a-w- c:\users\Liquori - Sapore\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2021-02-26 20:23 1308032 ----a-w- c:\users\Liquori - Sapore\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\FileSyncShell.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2021-02-26 20:23 1308032 ----a-w- c:\users\Liquori - Sapore\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6] @="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}" [HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}] 2021-02-26 20:23 1308032 ----a-w- c:\users\Liquori - Sapore\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive7] @="{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}" [HKEY_CLASSES_ROOT\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}] 2021-02-26 20:23 1308032 ----a-w- c:\users\Liquori - Sapore\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\FileSyncShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WPSTool"="c:\program files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\TWCU.exe" [2018-01-30 1891840] "com.squirrel.Teams.Teams"="c:\users\Liquori - Sapore\AppData\Local\Microsoft\Teams\Update.exe" [2021-02-26 2453720] "Advanced SystemCare"="c:\program files (x86)\IObit\Advanced SystemCare\ASCTray.exe" [2020-12-14 3720464] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "TeamsMachineInstaller"="c:\program files (x86)\Teams Installer\Teams.exe" [2020-10-14 114273560] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2020-09-17 706680] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2012-07-18 684064] . 
c:\users\Liquori - Sapore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Diagnóstico D-POS.lnk - c:\dpos8\Bin\DiagnosticoDPOS.exe [2021-1-8 807424] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ AnyDesk.lnk - c:\program files (x86)\AnyDesk\AnyDesk.exe --control [2020-12-13 3743464] DegustFlash.lnk - c:\degustwin\DegustFlash.exe [2021-1-12 5480448] GP Direção.lnk - c:\dpos8\Bin\GPDirecao.exe [2021-1-8 498688] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSimpleNetIDList"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 edgeupdate;Serviço Microsoft Edge Update (edgeupdate);c:\program files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe;c:\program files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [x] R2 RTLDHCPService;Realtek DHCP Service;c:\program files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe;c:\program files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [x] R3 bematech_vcom_x64;bematech_vcom_x64;c:\windows\system32\DRIVERS\bematech_vcom_x64.sys;c:\windows\SYSNATIVE\DRIVERS\bematech_vcom_x64.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 edgeupdatem;Serviço Microsoft Edge Update (edgeupdatem);c:\program files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe;c:\program files 
(x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [x] R3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService);c:\program files\Google\Chrome\Application\88.0.4324.190\elevation_service.exe;c:\program files\Google\Chrome\Application\88.0.4324.190\elevation_service.exe [x] R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 IngenicoVBUS;INGENICO USB-VBus;c:\windows\system32\DRIVERS\IngenicoVBus.sys;c:\windows\SYSNATIVE\DRIVERS\IngenicoVBus.sys [x] R3 IngenicoVCOM;INGENICO USB-VCOM;c:\windows\system32\DRIVERS\IngenicoVCOM.sys;c:\windows\SYSNATIVE\DRIVERS\IngenicoVCOM.sys [x] R3 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfemms.exe;c:\program files\Common Files\McAfee\SystemCore\mfemms.exe [x] R3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService);c:\program files (x86)\Microsoft\Edge\Application\89.0.774.45\elevation_service.exe;c:\program files (x86)\Microsoft\Edge\Application\89.0.774.45\elevation_service.exe [x] R3 MpKsl055a2234;MpKsl055a2234;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{663253E8-CBB0-4CF9-827D-821263480516}\MpKslDrv.sys;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{663253E8-CBB0-4CF9-827D-821263480516}\MpKslDrv.sys [x] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 ServiceTarefasGP;GP Direção: Tarefas;c:\dpos8\bin\SrvIniciaGPDirecao.exe;c:\dpos8\bin\SrvIniciaGPDirecao.exe [x] 
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x] S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys;c:\windows\SYSNATIVE\DRIVERS\anodlwfx.sys [x] S2 AdvancedSystemCareService14;Advanced SystemCare Service 14;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe [x] S2 AnyDesk;AnyDesk Service;c:\program files (x86)\AnyDesk\AnyDesk.exe;c:\program files (x86)\AnyDesk\AnyDesk.exe [x] S2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [x] S2 ClickToRunSvc;Serviço Clique-e-Use do Microsoft Office;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [x] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files 
(x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x] S2 McAfee WebAdvisor;McAfee WebAdvisor;c:\program files\McAfee\WebAdvisor\ServiceHost.exe;c:\program files\McAfee\WebAdvisor\ServiceHost.exe [x] S2 McAPExe;McAfee AP Service;c:\program files\Common Files\McAfee\VSCore_20_12\McApExe.exe;c:\program files\Common Files\McAfee\VSCore_20_12\McApExe.exe [x] S2 mccspsvc;McAfee CSP Service;c:\program files\Common Files\McAfee\CSP\4.0.110.0\\McCSPServiceHost.exe;c:\program files\Common Files\McAfee\CSP\4.0.110.0\\McCSPServiceHost.exe [x] S2 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys;c:\windows\SYSNATIVE\drivers\McPvDrv.sys [x] S2 mfemms;McAfee Service Controller;c:\program files\Common Files\McAfee\SystemCore\mfemms.exe;c:\program files\Common Files\McAfee\SystemCore\mfemms.exe [x] S2 ModuleCoreService;McAfee Module Core Service;c:\program files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe;c:\program files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [x] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x] S2 PEFService;McAfee PEF Service;c:\program files\Common Files\McAfee\PEF\CORE\PEFService.exe;c:\program files\Common Files\McAfee\PEF\CORE\PEFService.exe [x] S2 RealtekWlanU;RealtekWlanU;c:\program files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [x] S2 RunSwUSB;RunSwUSB;c:\windows\runSW.exe;c:\windows\runSW.exe [x] S3 AscFileFilter;AscFileFilter;c:\program files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileFilter.sys;c:\program files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileFilter.sys [x] S3 AscRegistryFilter;AscRegistryFilter;c:\program files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscRegistryFilter.sys;c:\program files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscRegistryFilter.sys [x] S3 cfwids;McAfee Inc. 
cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x] S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [x] S3 IngenicoEnum;IngenicoEnum Service;c:\windows\system32\DRIVERS\IngenicoEnum.sys;c:\windows\SYSNATIVE\DRIVERS\IngenicoEnum.sys [x] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x] S3 mfeaack;McAfee Inc. mfeaack;c:\windows\system32\drivers\mfeaack.sys;c:\windows\SYSNATIVE\drivers\mfeaack.sys [x] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x] S3 mfencbdc;McAfee LLC. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x] S3 mfeplk;McAfee Inc. mfeplk;c:\windows\system32\drivers\mfeplk.sys;c:\windows\SYSNATIVE\drivers\mfeplk.sys [x] S3 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfemms.exe;c:\program files\Common Files\McAfee\SystemCore\mfemms.exe [x] S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x] . . --- =Outros Serviços/Drivers Na Memória --- . *NewlyCreated* - ASCFILEFILTER *NewlyCreated* - ASCREGISTRYFILTER . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc . Conteúdo da pasta 'Tarefas Agendadas' . 2021-03-10 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-15 22:21] . 2021-03-10 c:\windows\Tasks\ASC_SkipUac_Liquori - Sapore.job - c:\program files (x86)\IObit\Advanced SystemCare\ASC.exe [2020-12-23 20:40] . 
2021-03-09 c:\windows\Tasks\HPCeeScheduleForLiquori - Sapore.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] 2021-03-03 08:46 548232 ----a-w- c:\program files (x86)\Microsoft\Edge\Application\89.0.774.45\BHO\ie_to_edge_bho_64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2021-02-26 20:23 1497960 ----a-w- c:\users\Liquori - Sapore\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2] @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}" [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}] 2021-02-26 20:23 1497960 ----a-w- c:\users\Liquori - Sapore\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3] @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}" [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}] 2021-02-26 20:23 1497960 ----a-w- c:\users\Liquori - Sapore\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2021-02-26 20:23 1497960 ----a-w- c:\users\Liquori - Sapore\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2021-02-26 20:23 1497960 ----a-w- c:\users\Liquori - Sapore\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6] @="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}" [HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}] 2021-02-26 20:23 1497960 ----a-w- c:\users\Liquori - Sapore\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive7] @="{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}" [HKEY_CLASSES_ROOT\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}] 2021-02-26 20:23 1497960 ----a-w- c:\users\Liquori - Sapore\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-04-25 12480616] "Persistence"="c:\windows\system32\igfxpers.exe" [2015-06-02 453552] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-06-02 183216] "HPSYSDRV"="c:\program files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE" [2008-11-20 62768] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-06-02 411056] . ------- Scan Suplementar ------- . 
uStart Page = about:blank uLocal Page = c:\windows\system32\blank.htm mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office\Root\Office16\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\program files\Microsoft Office\Root\Office16\ONBttnIE.dll/105 IE: {{48A61126-9A19-4C50-A214-FF08CB94995C}\Lang0411 IE: {{48A61126-9A19-4C50-A214-FF08CB94995C}\Lang0412 IE: {{48A61126-9A19-4C50-A214-FF08CB94995C}\Lang0804 IE: {{48A61126-9A19-4C50-A214-FF08CB94995C} - {29B24532-6CE1-41BA-8BF0-F580EA174AF1} - c:\program files\McAfee\WebAdvisor\win32\IEPlugin.dll Trusted Zone: sharepoint.com\zhense-files Trusted Zone: sharepoint.com\zhense-myfiles TCP: DhcpNameServer = 181.213.132.2 181.213.132.3 TCP: Interfaces\{561C287E-01A7-4185-A19A-623F5C437752}: NameServer = 208.67.222.222,208.67.220.220,192.168.0.1 TCP: Interfaces\{ECEA1568-8A92-4341-AB8D-167DF5221698}: NameServer = 208.67.222.222,208.67.220.220 Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL FF - ProfilePath - c:\users\Liquori - Sapore\AppData\Roaming\Mozilla\Firefox\Profiles\vkpebkdk.default-release\ FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.request.max-start-delay - 0 
FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: browser.turbo.enabled - true FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.chrome.favicons - false FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: content.notify.ontimer - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.switch.threshold - 750000 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_222_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_222_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_222.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_222.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_222.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_222.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
Tempo para conclusão: 2019-12-15 01:03:51
ComboFix-quarantined-files.txt 2019-12-15 04:03
ComboFix2.txt 2019-12-14 01:22
.
Pré-execução: 432.484.536.320 bytes disponíveis
Pós execução: 432.189.771.776 bytes disponíveis
.
- - End Of File - - AA0A72CC7A4C259A945D17DCB2876D4C