cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþ[code]
OTS logfile created on: 12/05/2015 16:44:26 - Run 1
OTS by OldTimer - Version 3.1.47.2 Folder = C:\Users\Allan\Downloads
64bit- Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

6,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 30,00% Memory free
12,00 Gb Paging File | 7,00 Gb Available in Paging File | 56,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 354,91 Gb Total Space | 122,71 Gb Free Space | 34,58% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 4,52 Gb Total Space | 1,63 Gb Free Space | 36,11% Space Free | Partition Type: NTFS

Computer Name: ALLAN-PC
Current User Name: Allan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Users\Allan\Downloads\OTS.exe -> [2015/05/12 16:42:35 | 000,646,656 | ---- | M] (OldTimer Tools)
dropbox.exe -> C:\Users\Allan\AppData\Roaming\Dropbox\bin\Dropbox.exe -> [2015/05/05 00:08:32 | 043,374,104 | ---- | M] (Dropbox, Inc.)
fcupdateservice.exe -> C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe -> [2015/03/13 22:37:12 | 000,244,392 | ---- | M] (Foxit Software Inc.)
googlecrashhandler.exe -> C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe -> [2015/02/06 06:43:58 | 000,232,264 | ---- | M] (Google Inc.)
teamviewer_service.exe -> C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -> [2014/12/15 08:29:58 | 005,426,448 | ---- | M] (TeamViewer GmbH)
armsvc.exe -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -> [2014/12/03 03:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated)
ss_conn_service.exe -> C:\Arquivos de Programas\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe -> [2014/10/13 02:57:46 | 000,743,688 | ---- | M] (DEVGURU Co., LTD.)
gbpsv.exe -> C:\PROGRA~2\GbPlugin\GbpSv.exe -> [2014/09/29 09:11:56 | 000,546,104 | ---- | M] (GAS Tecnologia)
httpd.exe -> C:\Program Files (x86)\PostgreSQL\EnterpriseDB-ApachePHP\apache\bin\httpd.exe -> [2012/05/04 09:37:41 | 000,018,432 | ---- | M] (Apache Software Foundation)
ath_coexagent.exe -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe -> [2011/05/20 10:16:10 | 000,146,592 | ---- | M] (Atheros)
wampmanager.exe -> C:\wamp\wampmanager.exe -> [2010/12/31 08:40:06 | 001,169,920 | ---- | M] (Aestan Software)
dpagent.exe -> C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe -> [2010/12/29 12:54:10 | 000,740,688 | ---- | M] (DigitalPersona, Inc.)
wmiprvse.exe -> C:\Windows\SysWOW64\wbem\WmiPrvSE.exe -> [2010/11/21 00:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation)
iastordatamgrsvc.exe -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -> [2010/11/05 22:54:22 | 000,013,336 | ---- | M] (Intel Corporation)
networklicenseserver.exe -> C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe -> [2007/09/24 18:11:42 | 000,566,560 | ---- | M] (ABBYY (BIT Software))

[Modules - No Company Name]
dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpse96dn.dll -> c:\users\allan\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpse96dn.dll -> [2015/05/12 10:52:56 | 000,043,008 | ---- | M] ()
pepflashplayer.dll -> C:\Users\Allan\AppData\Local\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll -> [2015/04/27 23:07:35 | 014,980,424 | ---- | M] ()
libglesv2.dll -> C:\Users\Allan\AppData\Local\Google\Chrome\Application\42.0.2311.135\libglesv2.dll -> [2015/04/27 23:07:34 | 001,252,680 | ---- | M] ()
libegl.dll -> C:\Users\Allan\AppData\Local\Google\Chrome\Application\42.0.2311.135\libegl.dll -> [2015/04/27 23:07:33 | 000,080,712 | ---- | M] ()
fzshellext.dll -> C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll -> [2015/03/29 07:25:26 | 000,039,384 | ---- | M] ()
qwindows.dll -> C:\Users\Allan\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll -> [2015/03/04 18:45:30 | 000,865,280 | ---- | M] ()
libglesv2.dll -> C:\Users\Allan\AppData\Roaming\Dropbox\bin\libGLESv2.dll -> [2015/03/04 18:45:30 | 000,750,080 | ---- | M] ()
qjpeg.dll -> C:\Users\Allan\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll -> [2015/03/04 18:45:30 | 000,200,704 | ---- | M] ()
libegl.dll -> C:\Users\Allan\AppData\Roaming\Dropbox\bin\libEGL.dll -> [2015/03/04 18:45:30 | 000,047,616 | ---- | M] ()

[Win32 Services - Safe List]
64bit-(IEEtwCollectorService) [On_Demand | Stopped] -> C:\Windows\SysNative\IEEtwCollector.exe -> [2015/03/13 00:54:00 | 000,114,688 | ---- | M] (Microsoft Corporation)
64bit-(DellDataVaultWiz) [Auto | Running] -> C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe -> [2015/02/26 13:02:31 | 000,201,936 | ---- | M] (Dell Inc.)
64bit-(DellDataVault) [Auto | Running] -> C:\Program Files\Dell\DellDataVault\DellDataVault.exe -> [2015/02/26 13:02:04 | 002,557,136 | ---- | M] (Dell Inc.)
64bit-(ss_conn_service) [Auto | Running] -> C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe -> [2014/10/13 02:57:46 | 000,743,688 | ---- | M] (DEVGURU Co., LTD.)
64bit-(postgresql-x64-9.3) [Auto | Running] -> C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe -> [2014/02/18 03:41:43 | 000,089,600 | ---- | M] (PostgreSQL Global Development Group)
64bit-(gzserv) [Auto | Running] -> C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe -> [2013/10/23 18:24:26 | 000,069,368 | ---- | M] (Bitdefender)
64bit-(PSI_SVC_2_x64) [Disabled | Running] -> c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -> [2013/09/13 12:21:46 | 000,337,776 | ---- | M] (arvato digital services llc)
64bit-(PrintNotify) [On_Demand | Stopped] -> C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -> [2012/10/19 19:34:50 | 002,675,712 | ---- | M] (Microsoft Corporation)
64bit-(WDRulesService) [Auto | Running] -> C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe -> [2011/08/01 09:12:52 | 001,338,256 | ---- | M] (Western Digital )
64bit-(MsDepSvc) [On_Demand | Stopped] -> C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe -> [2011/04/01 19:17:08 | 000,067,400 | ---- | M] (Microsoft Corporation)
64bit-(vcsFPService) [Auto | Running] -> C:\Windows\SysNative\vcsFPService.exe -> [2010/12/03 09:26:34 | 003,143,472 | ---- | M] (Validity Sensors, Inc.)
64bit-(TurboBoost) [On_Demand | Stopped] -> C:\Program Files\Intel\TurboBoost\TurboBoost.exe -> [2010/11/29 14:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation)
64bit-(wlcrasvc) [Disabled | Stopped] -> C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -> [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation)
(MozillaMaintenance) Mozilla Maintenance Service [On_Demand | Stopped] -> C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -> [2015/05/07 15:52:19 | 000,148,080 | ---- | M] (Mozilla Foundation)
(AdobeFlashPlayerUpdateSvc) Adobe Flash Player Update Service [On_Demand | Stopped] -> C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -> [2015/04/15 09:41:33 | 000,268,464 | ---- | M] (Adobe Systems Incorporated)
(SupportAssistAgent) Dell SupportAssist Agent [Auto | Running] -> C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe -> [2015/04/10 15:11:46 | 000,019,288 | ---- | M] (Dell Inc.)
(FoxitCloudUpdateService) Foxit Cloud Safe Update Service [Auto | Running] -> C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe -> [2015/03/13 22:37:12 | 000,244,392 | ---- | M] (Foxit Software Inc.)
(SkypeUpdate) Skype Updater [Disabled | Stopped] -> C:\Program Files (x86)\Skype\Updater\Updater.exe -> [2015/01/02 19:45:12 | 000,315,488 | R--- | M] (Skype Technologies)
(TeamViewer) TeamViewer 10 [Auto | Running] -> C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -> [2014/12/15 08:29:58 | 005,426,448 | ---- | M] (TeamViewer GmbH)
(AdobeARMservice) Adobe Acrobat Update Service [Auto | Running] -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -> [2014/12/03 03:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated)
(MBAMService) MBAMService [Disabled | Stopped] -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -> [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation)
(MBAMScheduler) MBAMScheduler [Disabled | Stopped] -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -> [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation)
(GbpSv) Gbp Service [Unknown | Running] -> C:\PROGRA~2\GbPlugin\GbpSv.exe -> [2014/09/29 09:11:56 | 000,546,104 | ---- | M] (GAS Tecnologia)
(Warsaw Technology) Warsaw Technology [Auto | Running] -> C:\Arquivos de Programas\Diebold\Warsaw\core.exe -> [2014/09/06 10:56:26 | 000,847,160 | ---- | M] (GAS Tecnologia LTDA)
(clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation)
(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2014/03/20 19:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation)
(VsEtwService120) Visual Studio ETW Event Collection Service [On_Demand | Stopped] -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe -> [2013/10/04 23:58:24 | 000,087,728 | ---- | M] (Microsoft Corporation)
(cbVSCService11) Cobian Backup 11 Requisitador de Cópia Sombra de Volume [Disabled | Stopped] -> C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe -> [2012/12/05 21:11:40 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian)
(Steam Client Service) Steam Client Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Steam\SteamService.exe -> [2012/11/19 17:03:24 | 000,489,256 | ---- | M] (Valve Corporation)
(cphs) Intel(R) Content Protection HECI Service [On_Demand | Stopped] -> C:\Windows\SysWOW64\IntelCpHeciSvc.exe -> [2012/11/15 05:30:44 | 000,277,048 | ---- | M] (Intel Corporation)
(wampapache) wampapache [Auto | Running] -> c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe -> [2012/05/13 18:39:06 | 000,022,016 | ---- | M] (Apache Software Foundation)
(EnterpriseDBApachePHP) EnterpriseDB ApachePHP [Auto | Running] -> C:\Program Files (x86)\PostgreSQL\EnterpriseDB-ApachePHP\apache\bin\httpd.exe -> [2012/05/04 09:37:41 | 000,018,432 | ---- | M] (Apache Software Foundation)
(wampmysqld) wampmysqld [On_Demand | Running] -> c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe -> [2012/04/19 14:45:02 | 009,693,696 | ---- | M] ()
(FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2012/01/09 07:56:36 | 000,655,624 | ---- | M] (Acresso Software Inc.)
(STacSV) Audio Service [Auto | Running] -> C:\Arquivos de Programas\IDT\WDM\stacsv64.exe -> [2011/09/08 05:42:28 | 000,305,152 | ---- | M] (IDT, Inc.)
(Atheros Bt&Wlan Coex Agent) Atheros Bt&Wlan Coex Agent [Auto | Running] -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe -> [2011/05/20 10:16:10 | 000,146,592 | ---- | M] (Atheros)
(AtherosSvc) AtherosSvc [Auto | Running] -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe -> [2011/05/20 10:15:20 | 000,080,032 | ---- | M] (Atheros Commnucations)
(DpHost) Serviço de autenticação [Auto | Running] -> C:\Arquivos de Programas\DigitalPersona\Bin\DpHostW.exe -> [2010/12/29 12:54:24 | 000,440,144 | ---- | M] (DigitalPersona, Inc.)
(vcsFPService) Validity VCS Fingerprint Service [Auto | Running] -> C:\Windows\SysWOW64\vcsFPService.exe -> [2010/12/03 09:14:58 | 002,696,496 | ---- | M] (Validity Sensors, Inc.)
(RoxWatch12) Roxio Hard Drive Watcher 12 [Auto | Stopped] -> C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -> [2010/11/25 04:34:18 | 000,219,632 | ---- | M] (Sonic Solutions)
(RoxMediaDB12OEM) RoxMediaDB12OEM [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -> [2010/11/25 04:33:18 | 001,116,656 | ---- | M] (Sonic Solutions)
(IAStorDataMgrSvc) Intel(R) Rapid Storage Technology [Auto | Running] -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -> [2010/11/05 22:54:22 | 000,013,336 | ---- | M] (Intel Corporation)
(SwitchBoard) Adobe SwitchBoard [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -> [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated)
(AESTFilters) Andrea ST Filters Service [Auto | Running] -> C:\Arquivos de Programas\IDT\WDM\AESTSr64.exe -> [2009/03/03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation)
(ABBYY.Licensing.FineReader.Professional.9.0) ABBYY FineReader 9.0 Licensing Service [Disabled | Running] -> C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe -> [2007/09/24 18:11:42 | 000,566,560 | ---- | M] (ABBYY (BIT Software))
(WcesComm) Conectividade do dispositivo baseado no Windows Mobile 2003 [Auto | Running] -> C:\Windows\WindowsMobile\wcescomm.dll -> [2007/05/31 09:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation)
(RapiMgr) Conectividade do dispositivo baseado no Windows Mobile [Auto | Running] -> C:\Windows\WindowsMobile\rapimgr.dll -> [2007/05/31 09:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
64bit-(DDDriver) DDDriver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\DDDriver64Dcsa.sys -> [2015/01/30 19:36:11 | 000,023,760 | ---- | M] (Dell Computer Corporation)
64bit-(DellProf) DellProf [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\DellProf.sys -> [2015/01/30 19:36:11 | 000,023,312 | ---- | M] (Dell Computer Corporation)
64bit-(MBAMWebAccessControl) MBAMWebAccessControl [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\mwac.sys -> [2014/11/21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation)
64bit-(MBAMProtector) MBAMProtector [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\mbam.sys -> [2014/11/21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation)
64bit-(IntelHaxm) Intel HAXM Service [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\IntelHaxm.sys -> [2014/11/18 14:02:16 | 000,084,992 | ---- | M] (Intel Corporation)
64bit-(ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ssudmdm.sys -> [2014/10/13 02:57:48 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr))
64bit-(dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ssudbus.sys -> [2014/10/13 02:57:48 | 000,110,336 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr))
64bit-(dtsoftbus01) DAEMON Tools Virtual Bus Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\dtsoftbus01.sys -> [2013/10/21 08:06:06 | 000,283,064 | ---- | M] (Disc Soft Ltd)
64bit-(TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TsUsbFlt.sys -> [2013/10/01 23:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation)
64bit-(trufos) trufos [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\trufos.sys -> [2013/05/28 12:12:19 | 000,382,536 | ---- | M] (BitDefender S.R.L.)
64bit-(gzflt) gzflt [File_System | On_Demand | Running] -> C:\Windows\SysNative\drivers\gzflt.sys -> [2013/04/22 13:21:00 | 000,148,696 | ---- | M] (BitDefender LLC)
64bit-(avckf) avckf [File_System | On_Demand | Running] -> C:\Windows\SysNative\drivers\avckf.sys -> [2013/04/17 14:59:58 | 000,593,144 | ---- | M] (BitDefender)
64bit-(avc3) avc3 [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\avc3.sys -> [2013/04/17 14:59:56 | 000,718,840 | ---- | M] (BitDefender)
64bit-(VBoxNetAdp) VirtualBox Host-Only Ethernet Adapter [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\VBoxNetAdp.sys -> [2013/04/12 11:41:28 | 000,131,856 | ---- | M] (Oracle Corporation)
64bit-(dlsusb) dlsusb [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\dlsusb.sys -> [2013/03/13 18:05:54 | 000,114,896 | ---- | M] (Barcode Scanner - USB-COM Driver)
64bit-(usbrndis6) Adaptador USB RNDIS6 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usb80236.sys -> [2013/02/12 01:12:05 | 000,019,968 | ---- | M] (Microsoft Corporation)
64bit-(igfx) igfx [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\igdkmd64.sys -> [2012/11/15 01:03:46 | 009,000,256 | ---- | M] (Intel Corporation)
64bit-(RdpVideoMiniport) Remote Desktop Video Miniport Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\rdpvideominiport.sys -> [2012/08/23 11:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation)
64bit-(TsUsbGD) Remote Desktop Generic USB Device [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TsUsbGD.sys -> [2012/08/23 11:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation)
64bit-(IntcDAud) Áudio do vídeo Intel(R) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\IntcDAud.sys -> [2012/06/19 21:40:52 | 000,342,528 | ---- | M] (Intel(R) Corporation)
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2012/01/05 00:37:51 | 000,107,904 | ---- | M] (Advanced Micro Devices)
64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2012/01/05 00:37:51 | 000,027,008 | ---- | M] (Advanced Micro Devices)
64bit-(STHDA) IDT High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\stwrt64.sys -> [2011/09/08 05:42:28 | 000,535,040 | ---- | M] (IDT, Inc.)
64bit-(tixhci) TI XHCI Service [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\tixhci.sys -> [2011/07/20 19:21:50 | 000,406,336 | ---- | M] (Texas Instruments Incorporated)
64bit-(tihub3) TI USB3 Hub Service [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\tihub3.sys -> [2011/07/20 19:21:50 | 000,136,000 | ---- | M] (Texas Instruments Incorporated)
64bit-(athr) Dell Extensible Wireless LAN device driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\athrx.sys -> [2011/07/12 16:22:50 | 002,727,424 | ---- | M] (Atheros Communications, Inc.)
64bit-(CtClsFlt) Creative Camera Class Upper Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\CtClsFlt.sys -> [2011/06/16 14:40:20 | 000,176,000 | ---- | M] (Creative Technology Ltd.)
64bit-(RTL8167) Realtek 8167 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Rt64win7.sys -> [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek )
64bit-(BtFilter) BtFilter [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btfilter.sys -> [2011/05/20 16:15:34 | 000,282,272 | ---- | M] (Atheros)
64bit-(BTATH_HCRP) Bluetooth HCRP Server driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btath_hcrp.sys -> [2011/05/20 10:15:34 | 000,201,376 | ---- | M] (Atheros)
64bit-(BTATH_RCP) Bluetooth AVRCP Device [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btath_rcp.sys -> [2011/05/20 10:15:34 | 000,154,272 | ---- | M] (Atheros)
64bit-(BTATH_LWFLT) Bluetooth LWFLT Device [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btath_lwflt.sys -> [2011/05/20 10:15:34 | 000,055,456 | ---- | M] (Atheros)
64bit-(AthBTPort) Atheros Virtual Bluetooth Class [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btath_flt.sys -> [2011/05/20 10:15:34 | 000,036,000 | ---- | M] (Atheros)
64bit-(BTATH_BUS) Atheros Bluetooth Bus [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btath_bus.sys -> [2011/05/20 10:15:34 | 000,029,344 | ---- | M] (Atheros)
64bit-(BTATH_A2DP) Bluetooth A2DP Audio Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btath_a2dp.sys -> [2011/05/20 10:15:32 | 000,298,656 | ---- | M] (Atheros)
64bit-(ApfiltrService) Alps Touch Pad Filter Driver for Windows x64 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Apfiltr.sys -> [2011/05/13 05:28:46 | 000,363,856 | ---- | M] (Alps Electric Co., Ltd.)
64bit-(WDC_SAM) WD SCSI Pass Thru driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\wdcsam64.sys -> [2011/02/16 16:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies)
64bit-(Acceler) Accelerometer Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Accelern.sys -> [2010/12/13 14:34:14 | 000,027,760 | ---- | M] (ST Microelectronics)
64bit-(nusb3xhc) Renesas Electronics USB 3.0 Host Controller Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nusb3xhc.sys -> [2010/12/10 17:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation)
64bit-(nusb3hub) Renesas Electronics USB 3.0 Hub Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nusb3hub.sys -> [2010/12/10 17:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation)
64bit-(TurboB) Turbo Boost UI Monitor driver [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\TurboB.sys -> [2010/11/29 14:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2010/11/21 00:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company)
64bit-(cpuz135) cpuz135 [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\cpuz135_x64.sys -> [2010/11/09 14:35:24 | 000,021,992 | ---- | M] (CPUID)
64bit-(iaStor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\iaStor.sys -> [2010/11/06 20:45:48 | 000,438,808 | ---- | M] (Intel Corporation)
64bit-(RSUSBSTOR) RtsUStor.Sys Realtek USB Card Reader [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\RtsUStor.sys -> [2010/10/29 21:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.)
64bit-(MEIx64) Intel(R) Management Engine Interface [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\HECIx64.sys -> [2010/10/19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation)
64bit-(stdcfltn) Disk Class Filter Driver for Accelerometer [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\stdcfltn.sys -> [2010/08/20 10:05:12 | 000,021,616 | ---- | M] (ST Microelectronics)
64bit-(PxHlpa64) PxHlpa64 [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\PxHlpa64.sys -> [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions)
64bit-(Impcd) Impcd [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\Impcd.sys -> [2010/02/26 21:32:12 | 000,158,976 | ---- | M] (Intel Corporation)
64bit-(npf) NetGroup Packet Filter Driver [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\npf.sys -> [2010/01/26 23:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.)
64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology)
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation)
64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation)
64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
(WinDivert1.1) WinDivert1.1 [Kernel | Disabled | Running] -> C:\Arquivos de Programas\Diebold\Warsaw\WinDivert64.sys -> [2015/04/01 18:23:46 | 000,038,104 | ---- | M] (Basil)
(bdfwfpf) bdfwfpf [Kernel | System | Running] -> C:\Arquivos de Programas\Bitdefender\Antivirus Free Edition\bdfwfpf.sys -> [2013/07/02 14:04:11 | 000,121,928 | ---- | M] (Bitdefender SRL)
(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation)

[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\] > -> ->
HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\: Main\\"Default_Page_URL" -> http://g.msn.com/USSMB/5 ->
HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\: Main\\"Start Page" -> http://www.google.com.br/ ->
HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\: "ProxyEnable" -> 0 ->
< FireFox Settings [Prefs.js] > -> C:\Users\Allan\AppData\Roaming\Mozilla\FireFox\Profiles\j5xrt16i.default\prefs.js ->
browser.search.countryCode -> "BR" ->
browser.search.region -> "BR" ->
browser.startup.homepage -> "about:home" ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com -> C:\PROGRAM FILES (X86)\DIGITALPERSONA\BIN\FIREFOXEXT\ [C:\PROGRAM FILES (X86)\DIGITALPERSONA\BIN\FIREFOXEXT\] -> [2012/01/04 19:26:45 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 37.0.2\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Components -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS ->
HKLM\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Plugins -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2015/05/07 15:52:13 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Users\Allan\AppData\Roaming\mozilla\Extensions -> [2012/01/09 07:10:08 | 000,000,000 | ---D | M]
-> C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\j5xrt16i.default\extensions -> [2015/05/07 16:54:53 | 000,000,000 | ---D | M]
< FireFox SearchPlugins [User Folders] > ->
< FireFox Extensions [Program Folders] > ->
-> C:\Program Files (x86)\mozilla firefox\extensions -> [2015/05/07 15:52:12 | 000,000,000 | ---D | M]
Java Console -> C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} -> [2015/05/07 15:52:12 | 000,000,000 | ---D | M]
-> C:\Program Files (x86)\mozilla firefox\browser\extensions -> [2015/05/07 15:52:12 | 000,000,000 | ---D | M]
Default -> C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2015/05/07 15:52:22 | 000,000,000 | ---D | M]
Guardião - Itaú 30 horas -> C:\USERS\ALLAN\APPDATA\LOCAL\GAS TECNOLOGIA\GBBD\UNI\XPI -> [2015/04/23 13:49:12 | 000,000,000 | ---D | M]
< FireFox Components [Program Folders] > ->
< HOSTS File > ([2015/04/30 07:52:15 | 000,000,841 | ---- | M] - 21 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\OCHelper.dll [Skype for Business Browser Helper] -> [2015/03/31 10:23:10 | 000,219,296 | ---- | M] (Microsoft Corporation)
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live ID Sign-in Helper] -> [2011/03/28 20:14:36 | 000,529,280 | ---- | M] (Microsoft Corp.)
{B4F3A835-0E21-4959-BA22-42B3008E02FF} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\URLREDIR.DLL [Office Document Cache Handler] -> [2014/01/23 15:05:00 | 000,881,880 | ---- | M] (Microsoft Corporation)
{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\GROOVEEX.DLL [Microsoft SkyDrive Pro Browser Helper] -> [2015/03/18 14:08:34 | 002,334,928 | ---- | M] (Microsoft Corporation)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2015/04/27 08:34:04 | 000,460,712 | ---- | M] (Oracle Corporation)
{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} [HKLM] -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [CIESpeechBHO Class] -> [2011/05/20 10:15:46 | 000,060,576 | ---- | M] (Atheros Commnucations)
{B4F3A835-0E21-4959-BA22-42B3008E02FF} [HKLM] -> C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [Office Document Cache Handler] -> [2014/01/22 03:11:44 | 000,707,800 | ---- | M] (Microsoft Corporation)
{C41A1C0E-EA6C-11D4-B1B8-444553540008} [HKLM] -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [GbIehObj Class] -> [2014/08/12 13:19:04 | 001,760,312 | ---- | M] (Banco Itaú Unibanco)
{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} [HKLM] -> C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [Microsoft SkyDrive Pro Browser Helper] -> [2015/03/18 14:11:40 | 001,729,752 | ---- | M] (Microsoft Corporation)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2015/04/27 08:34:04 | 000,172,968 | ---- | M] (Oracle Corporation)
< 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\] > -> HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Apoint" -> C:\Arquivos de Programas\DellTPad\Apoint.exe [C:\Program Files\DellTPad\Apoint.exe] -> [2011/04/12 20:19:54 | 000,609,144 | ---- | M] (Alps Electric Co., Ltd.)
< Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2010/11/21 00:25:10 | 001,174,016 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"mctadmin" -> [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2010/11/21 00:25:10 | 001,174,016 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"mctadmin" -> [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\] > -> HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"DIMBaixando a sua atualização...1417080299401" -> c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Draw\DIM.exe ["c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Draw\DIM.exe" "c:\programdata\corel\downloads\540229932_410003\1417080299401\dim_params.xml" -Launch=3 -uibase="c:\users\allan\appdata\roaming\corel\messages\540229932_410003\br\messagecache2\workflow"] -> [2014/03/14 22:03:28 | 000,272,696 | ---- | M] (Corel Corporation)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoActiveDesktop" -> [1] -> File not found
\\"NoActiveDesktopChanges" -> [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [0] -> File not found
\\"ConsentPromptBehaviorUser" -> [3] -> File not found
\\"EnableLUA" -> [0] -> File not found
\\"PromptOnSecureDesktop" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000] > -> HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< 64bit-Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\] > -> HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Enviar para o OneNote -> C:\Arquivos de Programas\Microsoft Office\Office15\ONBttnIE.dll [res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105] -> [2015/03/18 14:08:34 | 000,615,120 | ---- | M] (Microsoft Corporation)
E&xportar para o Microsoft Excel -> C:\Arquivos de Programas\Microsoft Office\Office15\EXCEL.EXE [res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000] -> [2015/03/18 14:08:34 | 033,020,064 | ---- | M] (Microsoft Corporation)
Send to SideSync 3.0 -> C:\Program Files (x86)\Samsung\SideSync3\SideSyncContextMenu.dll [res://C:\Program Files (x86)\Samsung\SideSync3\SideSyncContextMenu.dll/105] -> [2014/11/21 08:58:04 | 000,061,440 | ---- | M] (TODO: <Company name>)
Sothink Flash Downloader For IE -> C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm [C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm] -> [2012/04/10 14:17:18 | 000,000,191 | ---- | M] ()
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\] > -> HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Enviar para o OneNote -> C:\Arquivos de Programas\Microsoft Office\Office15\ONBttnIE.dll [res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105] -> [2015/03/18 14:08:34 | 000,615,120 | ---- | M] (Microsoft Corporation)
Anexar a PDF existente -> [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html] -> File not found
Anexar destino do link a PDF existente -> [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html] -> File not found
Converter destino do link em Adobe PDF -> [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html] -> File not found
Converter em Adobe PDF -> [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html] -> File not found
E&xportar para o Microsoft Excel -> C:\Arquivos de Programas\Microsoft Office\Office15\EXCEL.EXE [res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000] -> [2015/03/18 14:08:34 | 033,020,064 | ---- | M] (Microsoft Corporation)
Send to SideSync 3.0 -> C:\Program Files (x86)\Samsung\SideSync3\SideSyncContextMenu.dll [res://C:\Program Files (x86)\Samsung\SideSync3\SideSyncContextMenu.dll/105] -> [2014/11/21 08:58:04 | 000,061,440 | ---- | M] (TODO: <Company name>)
Sothink Flash Downloader For IE -> C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm [C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm] -> [2012/04/10 14:17:18 | 000,000,191 | ---- | M] ()
< 64bit-Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\ONBttnIE.dll [Button: Enviar para o OneNote] -> [2015/03/18 14:08:34 | 000,615,120 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\ONBttnIE.dll [Menu: &Enviar para o OneNote] -> [2015/03/18 14:08:34 | 000,615,120 | ---- | M] (Microsoft Corporation)
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}:{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\OCHelper.dll [Button: Clique para Telefonar do Lync] -> [2015/03/31 10:23:10 | 000,219,296 | ---- | M] (Microsoft Corporation)
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}:{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\OCHelper.dll [Menu: Clique para Telefonar do Lync] -> [2015/03/31 10:23:10 | 000,219,296 | ---- | M] (Microsoft Corporation)
{7815BE26-237D-41A8-A98F-F7BD75F71086}:Reg Error: Value error. [HKLM] -> Reg Error: Value error. [Menu: Send by Bluetooth to] -> File not found
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}:{FFFDC614-B694-4AE6-AB38-5D6374584B52} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\ONBttnIELinkedNotes.dll [Button: &Anotações Vinculadas do OneNote] -> [2014/01/23 15:05:34 | 000,575,192 | ---- | M] (Microsoft Corporation)
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}:{FFFDC614-B694-4AE6-AB38-5D6374584B52} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\ONBttnIELinkedNotes.dll [Menu: &Anotações Vinculadas do OneNote] -> [2014/01/23 15:05:34 | 000,575,192 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}:{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> C:\Windows\WindowsMobile\INetRepl.dll [Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222] -> [2007/05/31 09:21:16 | 000,176,520 | ---- | M] (Microsoft Corporation)
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}:{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> C:\Windows\WindowsMobile\INetRepl.dll [Menu: @C:\Windows\WindowsMobile\INetRepl.dll,-223] -> [2007/05/31 09:21:16 | 000,176,520 | ---- | M] (Microsoft Corporation)
{7815BE26-237D-41A8-A98F-F7BD75F71086}:{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} [HKLM] -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [Menu: Send by Bluetooth to] -> [2011/05/20 10:15:46 | 000,060,576 | ---- | M] (Atheros Commnucations)
{E19ADC6E-3909-43E4-9A89-B7B676377EE3}:C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm [HKLM] -> C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm [Button: Sothink Flash Downloader For IE] -> [2012/04/10 14:17:18 | 000,000,191 | ---- | M] ()
{E19ADC6E-3909-43E4-9A89-B7B676377EE3}:C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm [HKLM] -> C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm [Menu: Sothink Flash Downloader For IE] -> [2012/04/10 14:17:18 | 000,000,191 | ---- | M] ()
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. ->
bankline_itau.com.br [https] -> Trusted sites ->
clickbanking_itau.com.br [https] -> Trusted sites ->
guardiao_itau.com.br [https] -> Trusted sites ->
www_itau.com.br [http] -> Trusted sites ->
www_itau.com.br [https] -> Trusted sites ->
www_itaupersonnalite.com.br [http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. ->
bankline_itau.com.br [https] -> Trusted sites ->
clickbanking_itau.com.br [https] -> Trusted sites ->
guardiao_itau.com.br [https] -> Trusted sites ->
www_itau.com.br [http] -> Trusted sites ->
www_itau.com.br [https] -> Trusted sites ->
www_itaupersonnalite.com.br [http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\] > -> HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. ->
itau.com.br .[*] -> Trusted sites ->
bankline_itau.com.br [*] -> Trusted sites ->
bankline_itau.com.br [https] -> Trusted sites ->
clickbanking_itau.com.br [*] -> Trusted sites ->
clickbanking_itau.com.br [https] -> Trusted sites ->
guardiao_itau.com.br [*] -> Trusted sites ->
guardiao_itau.com.br [https] -> Trusted sites ->
www_itau.com.br [*] -> Trusted sites ->
www_itau.com.br [http] -> Trusted sites ->
www_itau.com.br [https] -> Trusted sites ->
www_itaupersonnalite.com.br [http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\] > -> HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{6C269571-C6D7-4818-BCA4-32A035E8C884} [HKLM] -> http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab [Creative Software AutoUpdate] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab [Java Plug-in 11.45.2] ->
{CAFEEFAC-0018-0000-0045-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab [Java Plug-in 1.8.0_45] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab [Java Plug-in 11.45.2] ->
{D4B68B83-8710-488B-A692-D74B50BA558E} [HKLM] -> http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab [Creative Software AutoUpdate Support Package 2] ->
{F6ACF75C-C32C-447B-9BEF-46B766368D29} [HKLM] -> http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab [Creative Software AutoUpdate Support Package] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 189.7.80.15 189.7.80.16 201.6.4.116 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{5C0E622F-3D11-49B9-A246-8ABB64B787DC}\\DhcpNameServer -> 189.7.80.15 189.7.80.16 201.6.4.116 (Dell Wireless 1702 802.11b/g/n) ->
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\explorer.exe -> [2012/01/05 00:37:55 | 002,871,808 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
64bit-*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
C:\Windows\system32\userinit.exe -> C:\Windows\SysNative\userinit.exe -> [2010/11/21 00:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation)
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe -> C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe -> [2010/12/29 12:54:10 | 000,740,688 | ---- | M] (DigitalPersona, Inc.)
*MultiFile Done* -> ->
64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/13 22:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation)
/pagefile -> -> File not found
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2012/01/05 00:37:55 | 002,616,320 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
userinit.exe -> C:\Windows\SysWow64\userinit.exe -> [2010/11/21 00:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
/pagefile -> -> File not found
*MultiFile Done* -> ->
< 64bit-Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> C:\Windows\SysNative\igfxdev.dll -> [2012/11/15 01:03:50 | 000,441,856 | ---- | M] (Intel Corporation)
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
GbPluginUni -> C:\Program Files (x86)\GbPlugin\gbiehUni.dll -> [2014/08/12 13:19:04 | 001,760,312 | ---- | M] (Banco Itaú Unibanco)
< 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{E37CB5F0-51F5-4395-A808-5FA49E399008}" [HKLM] -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [GbPlugin ShlObj] -> [2014/08/12 13:19:04 | 001,760,312 | ---- | M] (Banco Itaú Unibanco)
< Vista Public Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications ->
< Vista Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications ->
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{09F6CC4C-8BDC-45F4-9B76-0142A7DF99FF} -> rport=138 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system |
{1653E012-61E3-4B5F-8D12-3342135E351F} -> lport=139 | profile=public | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system |
{2D96D92C-371D-4158-A432-761E054538AF} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{34531E86-9724-4018-BCDF-BA812CBF3E25} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system |
{3A46A9A8-D4FA-4621-BECB-22B34E42D715} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32801 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{3EEE6F6C-91E1-4957-A940-33EF49FC33A8} -> lport=5353 | profile=public | protocol=6 | dir=in | action=allow | name=adobe csi cs4 |
{4D0E0328-6078-4001-B55F-7C5655A4D2B7} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{56FD8A18-D10D-4055-89D5-FED5580513DA} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{5CBB6F34-AA1F-49E5-9A48-A005F97F78BE} -> rport=137 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system |
{612BDFA5-BE5E-444C-BEE1-ADA370EC7D10} -> lport=3702 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32785 | app=%systemroot%\system32\svchost.exe | svc=fdphost |
{634653B9-2BF7-4849-B0FA-6B6B47DA632D} -> lport=rpc-epmap | profile=public | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss |
{63637586-2B1F-4359-AEC5-A70AAA80286D} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live communications platform (ssdp) |
{6C98081A-430F-434F-8C7C-BD5E5C1A7F6D} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{72E15C34-5670-4305-A9E4-5E27D9A95552} -> rport=3702 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32811 | app=%systemroot%\system32\svchost.exe | svc=fdrespub |
{7524C51A-DC86-40DA-9DF7-A07042D2FD40} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32805 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{761C28BD-4A26-49D0-A261-3266EA040597} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{789FFEB6-85D8-41AF-9BFF-10DF7A7826F4} -> rport=445 | profile=public | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system |
{7E06AB95-4CC5-4222-B39A-4C8C178D7420} -> lport=445 | profile=public | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system |
{836AF67F-A2E3-4408-ADDD-2F828937911F} -> lport=138 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system |
{854835D3-0CF4-4BF1-BE0B-1260E30A744F} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live communications platform (upnp) |
{856509D7-24B3-48CC-9995-AE6D4B4431F6} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system |
{88F03750-C3F6-40DF-983D-E8AFE4733308} -> lport=3121 | protocol=6 | dir=out | action=allow | name=firebird3121 |
{8FBD0003-D028-41DF-B7F0-086689F0AC86} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{902217CC-6B8A-4E09-B957-2B23353DD1D1} -> rport=1900 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32757 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{995C5EDF-D67F-4435-87EF-402C1329D6A6} -> rport=3702 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32789 | app=%systemroot%\system32\svchost.exe | svc=fdphost |
{9EEF820E-288E-4554-8171-000B02E56ED1} -> lport=137 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system |
{A5DA31A1-F914-4308-B377-071BF1F2BAEA} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{B21D5A61-6342-43F3-AE0E-BB14C4F7C1C5} -> lport=3702 | protocol=17 | dir=in | action=allow | name=visual studio 2013 remote debugger discovery (wdexpress.exe) | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\wdexpress.exe |
{C5279E5B-8D66-4429-9727-47C72CEEF040} -> lport=1900 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32753 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{CAB5D258-BBEA-4D31-87AD-5CD3B91F4E13} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system |
{D9DF62C1-CE94-4E2F-8275-4A1AC9627742} -> lport=3121 | protocol=6 | dir=in | action=allow | name=firebird3121 |
{DD068AD5-F5F7-4E13-961D-ED7CB4D0BBAC} -> lport=6004 | profile=private | protocol=17 | dir=in | action=allow | name=microsoft office outlook | app=c:\program files\microsoft office\office15\outlook.exe |
{E08C5F0E-94D9-4646-B913-5DE63C5A2D19} -> lport=3702 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32809 | app=%systemroot%\system32\svchost.exe | svc=fdrespub |
{E3B889AA-4461-4874-A598-B4F3B2F3BE59} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{E3E68F37-64C8-4062-82E0-1A61AAC84BF2} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{E512784D-9BD5-4C18-9AA8-947D1336074A} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{E632E83D-C134-4EE3-AB2B-1D7C80C7DFEC} -> lport=5353 | protocol=17 | dir=in | action=allow | name=google chrome (mdns-in) | app=c:\users\allan\appdata\local\google\chrome\application\chrome.exe |
{EC5FAF21-B8D7-40BD-A4FB-2F8198AC7B62} -> lport=3122 | protocol=6 | dir=out | action=allow | name=firebirdaux3122 |
{FA2159C2-E8D5-4225-85B7-7B805E9D8D4B} -> lport=3122 | protocol=6 | dir=in | action=allow | name=firebirdaux3122 |
{FB18FBEE-6D0B-4135-A05B-7A6478C12C69} -> rport=139 | profile=public | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system |
{FF5A573E-0E36-4C6F-95B9-FA93285EFAD7} -> lport=rpc | profile=public | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler |
< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{04F634CC-07F3-4362-BA93-FF6F64082D9C} -> profile=public | protocol=6 | dir=in | action=allow | name=steam | app=c:\program files (x86)\steam\steam.exe |
{0E2D940C-D547-4837-AF49-1E2A9B45690C} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe |
{0E4E1D33-84DE-4A53-888C-7CD53307AEA1} -> dir=in | action=allow | name=webkit | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
{0EADF784-1802-4408-AB4B-0022CBB320F7} -> profile=public | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-32821 | app=%systemroot%\system32\svchost.exe | svc=upnphost |
{0FC87499-350C-4F10-84D3-1ACBD669F533} -> protocol=17 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=wcescomm |
{15B5C4EC-EFE3-411E-B458-A68733FF0ED0} -> protocol=6 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=wcescomm |
{16F78577-5716-47AA-B4C7-CA1F2549ABD5} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system |
{18ACB13D-973A-421F-8A5F-BF325AF04421} -> profile=public | protocol=6 | dir=in | action=allow | name=microsoft lync ucmapi | app=c:\program files\microsoft office\office15\ucmapi.exe |
{19D8421F-37EA-4B9F-8C41-4C982B369C4B} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{19DCFEA4-E076-4EA8-8649-EA6C17CC156B} -> profile=public | protocol=17 | dir=in | action=block | name=java(tm) platform se binary | app=c:\program files\java\jdk1.7.0_03\bin\javaw.exe |
{1E42C929-56BA-4D3F-A6F2-8BA32E4F6A82} -> profile=private | protocol=6 | dir=in | action=allow | name=samsung sidesync | app=c:\program files (x86)\samsung\sidesync3\sidesync3.exe |
{2295BD84-981F-49E9-B05C-1872E37450E0} -> protocol=17 | dir=in | action=allow | name=¼torrent (udp-in) | app=c:\users\allan\appdata\roaming\utorrent\utorrent.exe |
{241896D5-5E4D-4706-8611-BDD4663FCB1D} -> profile=public | protocol=17 | dir=in | action=allow | name=steam | app=c:\program files (x86)\steam\steam.exe |
{2447D4C6-30E4-4C70-8359-BB96099C5391} -> profile=public | protocol=17 | dir=in | action=allow | name=muz aod app player | app=c:\windows\syswow64\muzapp.exe |
{2773F753-68AB-40F3-86A8-3CCB9659C8D2} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe |
{28F32647-C47B-4BA5-AE6A-AAB9BF79271F} -> profile=public | protocol=6 | dir=in | action=block | name=android studio windows launcher | app=c:\program files\android\android studio\bin\studio64.exe |
{2DDDA41D-9E7C-4A51-AF01-9EF71D454CD2} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe |
{2E067A02-EC2B-47EB-8736-C93DC12D8BA2} -> protocol=17 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=wcescomm |
{2F417EF0-FC58-49FB-99ED-4C2E35A814CF} -> profile=public | protocol=6 | dir=in | action=allow | name=muz aod app player | app=c:\windows\syswow64\muzapp.exe |
{31B5B6C2-99EB-47E7-A6E9-8509B520C9B9} -> protocol=6 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=wcescomm |
{4049CCC8-DAB9-4EC0-92E0-BAA4599E6D2C} -> profile=public | protocol=17 | dir=in | action=allow | name=teamviewer remote control application | app=c:\program files (x86)\teamviewer\teamviewer.exe |
{428D9107-0C32-47C9-AFF4-B34ED9E73092} -> dir=in | action=allow | name=windows live communications platform | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
{42B66D16-7F19-4464-AF57-AE00A40FFB4D} -> dir=in | action=allow | name=windows live mesh | app=c:\program files (x86)\windows live\mesh\moe.exe |
{44A09DDC-6F9C-4F4F-A22C-51433CFF0ED7} -> profile=public | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 |
{48192053-E0EC-4993-9782-6529676DE71B} -> profile=public | protocol=17 | dir=in | action=allow | name=adobe csi cs4 | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
{48415BA6-1810-4BA9-BD68-F688766F7D3D} -> protocol=6 | dir=in | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4002 | app=%systemroot%\system32\svchost.exe | svc=wcescomm |
{485C29A8-89A0-483C-9DB3-BE161E75189E} -> dir=in | action=allow | name=warsaw | app=c:\program files\diebold\warsaw\core.exe |
{48C94232-074B-4355-92A7-4A32E41AC54D} -> protocol=6 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=wcescomm |
{4B59D945-04CE-4AD4-83FC-4275D6B33445} -> profile=public | protocol=6 | dir=in | action=allow | name=dropbox | app=c:\users\allan\appdata\roaming\dropbox\bin\dropbox.exe |
{4DC38521-5173-440C-B230-8DE489C0E6A2} -> profile=public | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 |
{51542C49-F6B9-4561-8860-E4221B64AA65} -> profile=public | protocol=6 | dir=in | action=allow | name=skype for business | app=c:\program files\microsoft office\office15\lync.exe |
{61502E37-C321-4F25-B41E-9E6F752004F3} -> protocol=6 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=wcescomm |
{61D362A9-20EE-4CE5-8DC3-4684F207D33B} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{61DF1AA7-C2D7-425D-B5C8-C1D89876C589} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{643A5A7E-B3BF-44FE-91CC-0A5A6AC6F68D} -> protocol=17 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=rapimgr |
{66CC0E42-2457-4607-8FC6-8E31C9FEB9EC} -> protocol=6 | dir=in | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4002 | app=%systemroot%\system32\svchost.exe | svc=wcescomm |
{692FAF8F-AC8B-4D10-B895-5E0899770E70} -> profile=public | protocol=6 | dir=in | action=allow | name=teamviewer remote control service | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
{6E0712E2-B2D8-4A03-8E53-E1B6C2F76CC2} -> protocol=17 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=rapimgr |
{732B5B72-1442-42D2-8D38-412C3B44DDC5} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe |
{7A0DFF59-3401-43CB-9ADA-295F915DCF3D} -> profile=public | protocol=17 | dir=in | action=allow | name=dropbox | app=c:\users\allan\appdata\roaming\dropbox\bin\dropbox.exe |
{7A712557-95D2-438B-844F-12BEC2D032C8} -> protocol=6 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=rapimgr |
{7DD4198A-353C-48EC-BE27-49648A0C4123} -> profile=public | protocol=17 | dir=in | action=allow | name=microsoft lync ucmapi | app=c:\program files\microsoft office\office15\ucmapi.exe |
{85FD6619-FD4A-4CEE-90D0-A8C47D1119FB} -> protocol=6 | dir=in | action=allow | name=¼torrent (tcp-in) | app=c:\users\allan\appdata\roaming\utorrent\utorrent.exe |
{88126E16-945A-41AE-9FAF-DE10A28B0372} -> profile=public | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 |
{8B1F7115-DFF0-4076-BC63-C4741C9794E2} -> protocol=17 | dir=in | action=allow | name=¼torrent (udp-in) | app=c:\program files (x86)\utorrent\utorrent.exe |
{8FBDBC14-0D59-4004-9FE9-216CAD3B7586} -> profile=public | protocol=6 | dir=in | action=allow | name=adobe csi cs4 | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
{95CBEA36-1F00-4EF8-A045-8136DC080221} -> protocol=6 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=rapimgr |
{9A4F8093-BD01-4B65-9EDF-FE235DE648B9} -> profile=public | protocol=17 | dir=in | action=allow | name=samsung sidesync | app=c:\program files (x86)\samsung\sidesync3\sidesync3.exe |
{9EDF03C4-5EEB-42C8-B4F4-AFB32C358B20} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
{A0E55F7D-FEAC-40A0-A70D-36BC3C608D25} -> profile=public | protocol=17 | dir=in | action=allow | name=skype for business | app=c:\program files\microsoft office\office15\lync.exe |
{A191DB2D-BCC4-4CEB-A60E-85B4626F7EFC} -> protocol=6 | dir=in | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4002 | app=%systemroot%\system32\svchost.exe | svc=wcescomm |
{A2F2A33D-1C07-4C76-B485-78D83A0A69F8} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe |
{A575ADC3-1659-4F4E-9BA5-0F174DC4EC3D} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe |
{ADFE9468-0AEB-4363-9546-E5C4EFF65EF4} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe |
{AF119200-9E44-4A8A-8ABB-44156A62964B} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost |
{AF3C42E1-B392-47C3-9225-40D743A3A04B} -> profile=public | protocol=6 | dir=in | action=block | name=java(tm) platform se binary | app=c:\program files\java\jdk1.7.0_03\bin\javaw.exe |
{B060594D-4775-4FE2-9C50-33F7CDB009FD} -> protocol=6 | dir=in | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4002 | app=%systemroot%\system32\svchost.exe | svc=wcescomm |
{B4B65522-FCEF-405E-9DF2-EAC27DF14E6B} -> protocol=17 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=wcescomm |
{B568E58D-DFE9-4AFB-B2AF-B2A04D314BA2} -> protocol=17 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=wcescomm |
{B6CD2812-1D17-4891-B585-6A1E9376D1C3} -> protocol=17 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=wcescomm |
{B7F79E65-ED26-44D8-A84C-E5687DED3BAD} -> profile=public | protocol=17 | dir=in | action=allow | name=opera internet browser | app=c:\program files (x86)\opera\opera.exe |
{BA5B1ADF-878A-47E1-ACB5-3B9ADF3994E5} -> protocol=17 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=rapimgr |
{BAA14975-A679-4710-902A-2518D6616476} -> protocol=6 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=rapimgr |
{BB93D7F4-4612-431F-AC30-42DBFC023D67} -> profile=public | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 |
{BDC133C5-82E6-4972-9414-0A45FE42412D} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe |
{C530DDA5-1382-4182-8B89-A9F1448D851B} -> protocol=6 | dir=in | action=allow | name=¼torrent (tcp-in) | app=c:\program files (x86)\utorrent\utorrent.exe |
{C788A6A7-80F8-4AF8-BC88-F94A367EFB5C} -> profile=public | protocol=17 | dir=in | action=block | name=android studio windows launcher | app=c:\program files\android\android studio\bin\studio64.exe |
{CC6DACA7-7FC9-46B2-A120-3D20DF9AF612} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe |
{CDDEA5E9-A59C-4848-9061-4B6B8C887B89} -> protocol=17 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=rapimgr |
{D01FA1C4-A53A-41A0-8769-DE9A7AC62AE2} -> profile=public | protocol=17 | dir=in | action=allow | name=teamviewer remote control service | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
{D33EADE1-210D-49A3-A670-FA844782FD1E} -> protocol=6 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=rapimgr |
{D6ED3018-B3D2-4958-940C-792C4F0CE091} -> profile=public | protocol=6 | dir=in | action=allow | name=opera internet browser | app=c:\program files (x86)\opera\opera.exe |
{D8BB2AD2-1105-4D9A-B0F8-FE6A0C8FDC10} -> protocol=6 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=rapimgr |
{DA33FCD2-25CE-438C-9992-26221E749469} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe |
{E211542B-890C-4A80-BF5F-5ADFAEC23EC2} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe |
{E3DAA51B-E1DD-4266-82E0-DABF2CDCD831} -> profile=private | protocol=17 | dir=in | action=allow | name=samsung sidesync | app=c:\program files (x86)\samsung\sidesync3\sidesync3.exe |
{E662B5C1-1A15-4374-A18D-8EAC84FE91F8} -> protocol=17 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=rapimgr |
{E6A2402B-A9C9-4A1E-91A0-A82532F45D24} -> profile=private | protocol=17 | dir=in | action=allow | name=firefox (c:\program files (x86)\mozilla firefox) | app=c:\program files (x86)\mozilla firefox\firefox.exe |
{E82084EA-7483-421D-8EB6-712A103E9A20} -> profile=public | protocol=6 | dir=in | action=block | name=clipsync server | app=c:\program files (x86)\bdwm\clipsync server\clipsync server.exe |
{EBB3C052-9721-4C2E-92DF-CD363415229B} -> protocol=6 | dir=in | action=block | name=coreldraw x7 (64-bit) | app=c:\program files\corel\coreldraw graphics suite x7\programs64\coreldrw.exe |
{F03E4F0F-9D35-484E-BE01-920071929AE1} -> protocol=6 | dir=in | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4002 | app=%systemroot%\system32\svchost.exe | svc=wcescomm |
{F4462B97-EA8F-4369-A085-DAF0BA439276} -> profile=public | protocol=6 | dir=in | action=allow | name=samsung sidesync | app=c:\program files (x86)\samsung\sidesync3\sidesync3.exe |
{F4D82599-4B05-4441-83D7-69AAC4E53486} -> profile=public | protocol=17 | dir=in | action=block | name=clipsync server | app=c:\program files (x86)\bdwm\clipsync server\clipsync server.exe |
{F5BBA273-13AE-49B7-8A0B-AEC5FE1CF4C3} -> profile=public | protocol=6 | dir=in | action=allow | name=teamviewer remote control application | app=c:\program files (x86)\teamviewer\teamviewer.exe |
{F93FB78F-85DA-413D-8CD1-E971F2ECC610} -> profile=private | protocol=6 | dir=in | action=allow | name=firefox (c:\program files (x86)\mozilla firefox) | app=c:\program files (x86)\mozilla firefox\firefox.exe |
{FC55F01E-7689-4D04-8F03-6608DAA494DB} -> protocol=6 | dir=out | action=allow | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4016 | app=%systemroot%\system32\svchost.exe | svc=wcescomm |
TCP Query User{0B716E7C-6C44-4537-AFF5-2C3600662174}C:\program files\java\jdk1.7.0_03\bin\javaw.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jdk1.7.0_03\bin\javaw.exe |
TCP Query User{149C55B8-68AE-47C6-A44E-2AFDEB0CBE88}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe -> profile=public | protocol=6 | dir=in | action=allow | name=visual basic command line compiler | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
TCP Query User{2C73F41D-EF54-4349-B407-F7122A277A11}C:\program files (x86)\java\jdk1.7.0_25\bin\java.exe -> profile=public | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jdk1.7.0_25\bin\java.exe |
TCP Query User{2F4CE3D9-0CC3-47C7-A027-C4032695C020}C:\users\allan\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe -> profile=public | protocol=6 | dir=in | action=allow | name=octoshapeclient.exe | app=c:\users\allan\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
TCP Query User{32CD218D-2FAE-43E0-8402-D14B017E683C}C:\program files (x86)\netbeans 7.3.1\bin\netbeans.exe -> profile=private | protocol=6 | dir=in | action=allow | name=netbeans ide | app=c:\program files (x86)\netbeans 7.3.1\bin\netbeans.exe |
TCP Query User{4887452A-C734-4F28-9C2F-BF9920CFB6E6}C:\program files\foxit software\pdf editor\pdfedit.exe -> profile=private | protocol=6 | dir=in | action=allow | name=foxit pdf editor, the first real editor for pdf files! | app=c:\program files\foxit software\pdf editor\pdfedit.exe |
TCP Query User{6AA0E05F-F3CD-4FC6-A62F-8586DCBDFC10}C:\program files (x86)\steam\steam.exe -> profile=private | protocol=6 | dir=in | action=block | name=steam client bootstrapper (buildbot_winslave04_steam_steam_rel_client_win32@winslave04) | app=c:\program files (x86)\steam\steam.exe |
TCP Query User{8D5A10C6-98F6-49C2-A7B4-3B0184926024}C:\program files (x86)\bdwm\clipsync server\clipsync server.exe -> profile=private | protocol=6 | dir=in | action=allow | name=clipsync server | app=c:\program files (x86)\bdwm\clipsync server\clipsync server.exe |
TCP Query User{8FECC464-BD5F-41D5-9C15-514619C1E6A5}C:\program files\android\android studio\bin\studio64.exe -> profile=private | protocol=6 | dir=in | action=allow | name=android studio windows launcher | app=c:\program files\android\android studio\bin\studio64.exe |
TCP Query User{96019723-404C-446D-999D-CDE803A92D24}C:\users\allan\appdata\roaming\dropbox\bin\dropbox.exe -> profile=private | protocol=6 | dir=in | action=allow | name=dropbox.exe | app=c:\users\allan\appdata\roaming\dropbox\bin\dropbox.exe |
TCP Query User{B95E6900-7B2C-406A-8DDA-9D6BBBE18ECE}C:\program files\java\jdk1.7.0_03\bin\java.exe -> profile=public | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jdk1.7.0_03\bin\java.exe |
TCP Query User{C593C2B2-2B74-4990-BC34-0C2498942BE1}C:\program files (x86)\netbeans 7.3.1\bin\netbeans.exe -> profile=public | protocol=6 | dir=in | action=allow | name=netbeans ide | app=c:\program files (x86)\netbeans 7.3.1\bin\netbeans.exe |
TCP Query User{CAE2AB7B-D785-4515-9013-F2EB917405C6}C:\wamp\bin\apache\apache2.2.22\bin\httpd.exe -> profile=private | protocol=6 | dir=in | action=allow | name=apache http server | app=c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe |
TCP Query User{CFDE3634-C2B4-444F-ADFC-82E133ED1D67}C:\program files (x86)\postgresql\enterprisedb-apachephp\apache\bin\httpd.exe -> profile=public | protocol=6 | dir=in | action=allow | name=apache http server | app=c:\program files (x86)\postgresql\enterprisedb-apachephp\apache\bin\httpd.exe |
TCP Query User{D220F72E-E669-45CC-A2CD-E69614BE7AEF}C:\program files (x86)\soulseekns\slsk.exe -> profile=private | protocol=6 | dir=in | action=allow | name=soulseek | app=c:\program files (x86)\soulseekns\slsk.exe |
TCP Query User{D645AD26-881E-4F12-9DCA-79CF7CA8A3F5}C:\program files (x86)\cobian backup 11\cbremotemanager.exe -> profile=private | protocol=6 | dir=in | action=allow | name=cobian backup 11, gravity, remote manager | app=c:\program files (x86)\cobian backup 11\cbremotemanager.exe |
TCP Query User{D833AAE4-B082-490B-9FF0-C802C59EB2C5}C:\program files (x86)\winamp\winamp.exe -> profile=public | protocol=6 | dir=in | action=allow | name=winamp | app=c:\program files (x86)\winamp\winamp.exe |
TCP Query User{D8606489-431F-4B43-9EEC-8032368124A2}C:\program files (x86)\java\jdk1.7.0_25\bin\java.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jdk1.7.0_25\bin\java.exe |
TCP Query User{DC434A06-617D-4768-B8FC-BFF08C1EB4A2}C:\program files\java\jdk1.7.0_03\bin\java.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jdk1.7.0_03\bin\java.exe |
TCP Query User{E5AD449F-B0FB-4CEA-9314-2E4C85608B8D}C:\program files (x86)\aptana studio 3\aptanastudio3.exe -> profile=private | protocol=6 | dir=in | action=allow | name=aptanastudio3 | app=c:\program files (x86)\aptana studio 3\aptanastudio3.exe |
TCP Query User{E9DDF4E8-3C66-49BB-B638-68460158B3F2}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe -> profile=private | protocol=6 | dir=in | action=allow | name=visual basic command line compiler | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
TCP Query User{F53D9E04-A828-4E08-9086-6D39ABCFD2CB}C:\phl82\tiny.exe -> profile=public | protocol=6 | dir=in | action=allow | name=tiny | app=c:\phl82\tiny.exe |
TCP Query User{FA5B3C6C-6449-4C59-BD98-8D8BE94C4E71}C:\program files (x86)\java\jdk1.7.0_25\bin\javaw.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jdk1.7.0_25\bin\javaw.exe |
UDP Query User{0E747F8E-3E0B-40B4-96A7-D576340A0DD1}C:\program files\foxit software\pdf editor\pdfedit.exe -> profile=private | protocol=17 | dir=in | action=allow | name=foxit pdf editor, the first real editor for pdf files! | app=c:\program files\foxit software\pdf editor\pdfedit.exe |
UDP Query User{15DB9273-6540-402D-9EE2-F1E451E11CB8}C:\program files (x86)\netbeans 7.3.1\bin\netbeans.exe -> profile=public | protocol=17 | dir=in | action=allow | name=netbeans ide | app=c:\program files (x86)\netbeans 7.3.1\bin\netbeans.exe |
UDP Query User{17A497E2-58BE-49D1-9095-5F2FCBEA553F}C:\program files (x86)\java\jdk1.7.0_25\bin\javaw.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jdk1.7.0_25\bin\javaw.exe |
UDP Query User{2A86100F-A8DF-4886-813A-BE02EC5A64A2}C:\users\allan\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe -> profile=public | protocol=17 | dir=in | action=allow | name=octoshapeclient.exe | app=c:\users\allan\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
UDP Query User{3A561E6D-8DFF-4709-AA5D-6AA6ABD3DF02}C:\program files (x86)\java\jdk1.7.0_25\bin\java.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jdk1.7.0_25\bin\java.exe |
UDP Query User{3C30AA2E-7F90-4539-9179-41BE009D8CC6}C:\program files (x86)\steam\steam.exe -> profile=private | protocol=17 | dir=in | action=block | name=steam client bootstrapper (buildbot_winslave04_steam_steam_rel_client_win32@winslave04) | app=c:\program files (x86)\steam\steam.exe |
UDP Query User{4CC0139E-48DF-4660-8EB1-4D4C07445091}C:\program files\java\jdk1.7.0_03\bin\javaw.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jdk1.7.0_03\bin\javaw.exe |
UDP Query User{5201C4CF-4BA1-4D1F-9140-6B7A5E0AC143}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe -> profile=private | protocol=17 | dir=in | action=allow | name=visual basic command line compiler | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
UDP Query User{57482C2D-3315-4CD2-9488-129C82CE4AB6}C:\program files (x86)\bdwm\clipsync server\clipsync server.exe -> profile=private | protocol=17 | dir=in | action=allow | name=clipsync server | app=c:\program files (x86)\bdwm\clipsync server\clipsync server.exe |
UDP Query User{6EB36744-5465-4043-B33E-E3EDD1FBFAB2}C:\program files\android\android studio\bin\studio64.exe -> profile=private | protocol=17 | dir=in | action=allow | name=android studio windows launcher | app=c:\program files\android\android studio\bin\studio64.exe |
UDP Query User{70412804-7CB1-4041-916A-FF0BFB38D3ED}C:\program files (x86)\aptana studio 3\aptanastudio3.exe -> profile=private | protocol=17 | dir=in | action=allow | name=aptanastudio3 | app=c:\program files (x86)\aptana studio 3\aptanastudio3.exe |
UDP Query User{729A70F8-0E36-41C8-99D4-42F1C77FF8E8}C:\program files (x86)\netbeans 7.3.1\bin\netbeans.exe -> profile=private | protocol=17 | dir=in | action=allow | name=netbeans ide | app=c:\program files (x86)\netbeans 7.3.1\bin\netbeans.exe |
UDP Query User{7716F536-67AE-4056-BEDE-8C44CFE0C72D}C:\program files (x86)\winamp\winamp.exe -> profile=public | protocol=17 | dir=in | action=allow | name=winamp | app=c:\program files (x86)\winamp\winamp.exe |
UDP Query User{7AA52209-4C18-4004-BE88-F83BB0CBDCA3}C:\phl82\tiny.exe -> profile=public | protocol=17 | dir=in | action=allow | name=tiny | app=c:\phl82\tiny.exe |
UDP Query User{806D48AB-629C-4F7B-9FBC-CE40686B2B30}C:\program files\java\jdk1.7.0_03\bin\java.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jdk1.7.0_03\bin\java.exe |
UDP Query User{898CCE96-733F-42D8-9C40-ECDB66793934}C:\program files (x86)\cobian backup 11\cbremotemanager.exe -> profile=private | protocol=17 | dir=in | action=allow | name=cobian backup 11, gravity, remote manager | app=c:\program files (x86)\cobian backup 11\cbremotemanager.exe |
UDP Query User{8D0BD096-959A-409B-BDA7-9157818D6D99}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe -> profile=public | protocol=17 | dir=in | action=allow | name=visual basic command line compiler | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
UDP Query User{D41CC44E-3379-4F68-AF03-216B5D9D180B}C:\program files (x86)\postgresql\enterprisedb-apachephp\apache\bin\httpd.exe -> profile=public | protocol=17 | dir=in | action=allow | name=apache http server | app=c:\program files (x86)\postgresql\enterprisedb-apachephp\apache\bin\httpd.exe |
UDP Query User{DEF5CFB4-FDE0-4E79-9012-C84BCD3F287A}C:\wamp\bin\apache\apache2.2.22\bin\httpd.exe -> profile=private | protocol=17 | dir=in | action=allow | name=apache http server | app=c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe |
UDP Query User{DF4FB5C6-A279-4F11-9F16-109A940354B1}C:\users\allan\appdata\roaming\dropbox\bin\dropbox.exe -> profile=private | protocol=17 | dir=in | action=allow | name=dropbox.exe | app=c:\users\allan\appdata\roaming\dropbox\bin\dropbox.exe |
UDP Query User{E1BD681C-CDB6-4571-8982-9CC6A6A992E6}C:\program files\java\jdk1.7.0_03\bin\java.exe -> profile=public | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jdk1.7.0_03\bin\java.exe |
UDP Query User{EED01438-45E6-4C01-9126-504157EACC6B}C:\program files (x86)\soulseekns\slsk.exe -> profile=private | protocol=17 | dir=in | action=allow | name=soulseek | app=c:\program files (x86)\soulseekns\slsk.exe |
UDP Query User{F0F58812-BCF9-4408-9838-6767DBE25921}C:\program files (x86)\java\jdk1.7.0_25\bin\java.exe -> profile=public | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jdk1.7.0_25\bin\java.exe |
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> Driver de CD-ROM ->
"ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2010/11/21 00:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation)
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
64bit-comfile [open] -> "%1" %*
64bit-exefile [open] -> "%1" %*
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->

[Registry - Additional Scans - Safe List]
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> "%1" %* ->
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
.html [@ = Opera.HTML] -> C:\Program Files (x86)\Opera\Opera.exe -> [2012/11/06 06:59:01 | 000,878,480 | ---- | M] (Opera Software)
.url [@ = InternetShortcut] -> C:\Windows\SysNative\rundll32.exe -> [2009/07/13 22:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation)
.pif [@ = piffile] -> "%1" %* ->
.scr [@ = scrfile] -> "%1" /S ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> "%1" %* ->
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = comfile] -> "%1" %* ->
.cpl [@ = cplfile] -> C:\Windows\SysWow64\control.exe -> [2009/07/13 22:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation)
.exe [@ = exefile] -> "%1" %* ->
.html [@ = Opera.HTML] -> C:\Program Files (x86)\Opera\Opera.exe -> [2012/11/06 06:59:01 | 000,878,480 | ---- | M] (Opera Software)
.pif [@ = piffile] -> "%1" %* ->
.scr [@ = scrfile] -> "%1" /S ->
< File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\SOFTWARE\Classes\<extension>\ ->
.html [@ = ChromeHTML] -> Reg Error: Key error. -> File not found
< 64bit-Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
text/xml:{807583E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2014/01/23 15:06:24 | 000,058,568 | ---- | M] (Microsoft Corporation)
< 64bit-Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> C:\Arquivos de Programas\Common Files\Microsoft Shared\Help\hxds.dll[HxProtocol Class] -> [2012/10/01 19:35:12 | 001,235,600 | ---- | M] (Microsoft Corporation)
msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
osf:{D924BDC6-C83A-4BD5-90D0-095128A113D1} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office15\MSOSB.DLL[Protocol Class] -> [2014/04/01 17:18:24 | 000,081,088 | ---- | M] (Microsoft Corporation)
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
wlpg:{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL[IEProtocolHandler Class] -> [2014/05/02 12:46:36 | 002,399,872 | R--- | M] (Skype Technologies)
< 64bit-Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"cval" -> [1] -> File not found
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> ->
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc
\Svc\\"VistaSp1" -> [28 4D B2 76 41 04 CA 01 [binary data]] -> File not found
\Svc\\"AntiVirusOverride" -> [0] -> File not found
\Svc\\"AntiSpywareOverride" -> [0] -> File not found
\Svc\\"FirewallOverride" -> [0] -> File not found
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> ->
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> ->
< Windows DomainProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
\\"EnableFirewall" -> [1] -> File not found
\\"DisableNotifications" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging\ -> ->
< Windows StandardProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"EnableFirewall" -> [1] -> File not found
\\"DisableNotifications" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> ->
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
64bit-NameSpace_Catalog5\Catalog_Entries64\000000000007 [WindowsLive NSP] -> C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL -> [2011/03/28 20:11:06 | 000,171,392 | ---- | M] (Microsoft Corp.)
64bit-NameSpace_Catalog5\Catalog_Entries64\000000000008 [WindowsLive Local NSP] -> C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL -> [2011/03/28 20:11:06 | 000,171,392 | ---- | M] (Microsoft Corp.)
< Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
knownfolder -> 0 = Computer (Not a Default Protocol) ->
ldap -> 4 = Restricted sites (Not a Default Protocol) ->
news -> 4 = Restricted sites (Not a Default Protocol) ->
nntp -> 4 = Restricted sites (Not a Default Protocol) ->
oecmd -> 4 = Restricted sites (Not a Default Protocol) ->
snews -> 4 = Restricted sites (Not a Default Protocol) ->
< Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
@ivt -> @ivt protocol not assigned ->
file -> file protocol not assigned ->
ftp -> ftp protocol not assigned ->
http -> http protocol not assigned ->
https -> https protocol not assigned ->
shell -> shell protocol not assigned ->
< Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
@ivt -> @ivt protocol not assigned ->
file -> file protocol not assigned ->
ftp -> ftp protocol not assigned ->
http -> http protocol not assigned ->
https -> https protocol not assigned ->
shell -> shell protocol not assigned ->
< Default Protocols [HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\] - Select to Repair > -> HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
knownfolder -> 0 = Computer (Not a Default Protocol) ->
< 64bit-Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
_{4AB916EE-ABA8-4079-9889-745798B6D809} -> Corel Graphics - Windows Shell Extension
_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5} -> CorelDRAW Graphics Suite X7 (64-Bit)
{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} -> PDFCreator
{027E5FAB-1476-4C59-AAB4-32EF28520399} -> Windows Live Language Selector
{05198C22-FFCE-374A-B190-9F18CC99DAEA} -> Build Tools Language Resources - amd64
{05FF8209-C4F1-4C77-BC28-791653156D20} -> Microsoft System CLR Types for SQL Server 2012 (x64)
{072F491C-BF8C-4C46-A48D-C6722188E21B} -> Microsoft SQL Server Compact 4.0 x64 PTB
{0C1DE303-E41B-44BA-8ABA-B7F09D857001} -> Oracle VM VirtualBox 4.2.12
{1099E1EF-2B57-3A55-A7AE-19F0FC1427CD} -> Microsoft .NET Framework 4.5.2 (PTB)
{1111706F-666A-4037-7777-203648764D10} -> JavaFX 2.0.3 (64-bit)
{13179AB2-69FD-459B-800F-81865A501AD4} -> CorelDRAW Graphics Suite X7 - IPM T (x64)
{1A73168F-5983-46A6-AAAB-FD83BC231E02} -> CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64)
{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698} -> Windows Live ID Sign-in Assistant
{1D8E6291-B0D5-35EC-8441-6616F567A0F7} -> Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
{1E9FC118-651D-4934-97BE-E53CAE5C7D45} -> Microsoft_VC80_MFCLOC_x86_x64
{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1 -> Warsaw 1.5.2.9896 64 bits
{2222706F-666A-4037-7777-203648764D10} -> JavaFX 2.0.3 SDK (64-bit)
{230D1595-57DA-4933-8C4E-375797EBB7E1} -> Bluetooth Win7 Suite (64)
{23170F69-40C1-2702-0920-000001000000} -> 7-Zip 9.20 (x64 edition)
{23B47A34-0517-48DA-8B76-015DA8546893} -> WD SmartWare
{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E} -> /7K:>2>9 ?0:5B 4;O ?>445@6:8 @07<5I5=8O =01>@0 A@54AB2 Microsoft Visual Studio Tools 4;O @01>BK A ?@8;>65=8O<8 2012 (x64) - RUS
{26784146-6E05-3FF9-9335-786C7C0FB5BE} -> Microsoft .NET Framework 4.5.2
{2C0DDC74-5234-43DD-BB5A-0645B8FE5289} -> CorelDRAW Graphics Suite X7 - Draw (x64)
{2C91CB9D-323D-43E5-A433-229B71CFB773} -> CorelDRAW Graphics Suite X7 - Capture (x64)
{2E55EEFD-2162-4A7D-9158-EDB0305603A6} -> Dell Data Vault
{2F884A17-E051-3DB7-B093-6274C98740F6} -> Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - \Õm­´Å ¸Å´Å )Ó
{3099E885-DE8A-4099-ABE2-561DC8589DFA} -> Microsoft Antimalware Service PT-BR Language Pack
{36B98E65-CA52-348C-9ED7-77B926A16C2D} -> Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - DEU-Sprachpaket
{43A5C316-9521-49C3-B9B6-FCE5E1005DF0} -> Microsoft SQL Server 2012 Management Objects (x64)
{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1} -> Microsoft_VC80_CRT_x86_x64
{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE} -> Microsoft SQL Server 2008 R2 Native Client
{4AB916EE-ABA8-4079-9889-745798B6D809} -> Corel Graphics - Windows Shell Extension
{4B6C7001-C7D6-3710-913E-5BC23FCE91E6} -> Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
{50B4B603-A4C6-4739-AE96-6C76A0F8A388} -> Dell Backup and Recovery Manager
{5134B35A-B559-4762-94A4-FD4918977953} -> Microsoft Web Deploy 2.0
{5162E418-BB43-4C8F-ACD6-069645EF98C3} -> CorelDRAW Graphics Suite X7 - Custom Data (x64)
{5247E16E-BCF8-95AB-1653-B3F8FBF8B3F1} -> Windows Software Development Kit DirectX x64 Remote
{5406029B-67AD-4F8E-9F2D-F1959CD9CD86} -> CorelDRAW Graphics Suite X7 - FontNav (x64)
{54C5041B-0E91-4E92-8417-AAA12493C790} -> Microsoft SQL Server 2012 Transact-SQL ScriptDom
{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5} -> CorelDRAW Graphics Suite X7 - VBA (x64)
{56BAC4EE-B1DA-42A7-ACA5-7A353F2ED1DA} -> Validity Sensors DDK
{5707EC26-AA9F-32C6-B7C1-347A3482CEC0} -> Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support
{58FED865-4F13-408D-A5BF-996019C4B936} -> Microsoft SQL Server 2012 Command Line Utilities
{5CB73140-806C-42C6-A05A-1AFD0E92DEB5} -> CorelDRAW Graphics Suite X7 - Setup Files (x64)
{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} -> Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
{60391499-BB97-3FC7-9F17-2BF560DCE231} -> Microsoft Visual Studio 2013 Express Prerequisites x64 - ENU
{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB} -> Roxio File Backup
{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B} -> Windows Mobile Device Center
{6281459C-49C7-49C6-A9FE-50293675B4B2} -> Corel Graphics - Windows Shell Extension 64 Bit
{64A3A4F4-B792-11D6-A78A-00B0D0170030} -> Java(TM) SE Development Kit 7 Update 3 (64-bit)
{65C91666-C3E8-3A42-BDA8-87932DD34F89} -> Microsoft Team Foundation Server 2013 Object Model (x64)
{66C10F29-31F0-4A9B-B2CF-465F488AE086} -> CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit
{6C026A91-640F-4A23-8B68-05D589CC6F18} -> Microsoft SQL Server 2012 Express LocalDB
{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc} -> Microsoft Visual C++ 2005 Redistributable (x64)
{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1 -> Genymotion version 2.2.2
{73A36613-1F8F-3D94-B28A-4CC0E3CAECB5} -> Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Language Pack ITA
{73A64813-E631-3807-8E78-BA679EDA09A8} -> Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - åe,gžŠ Language Pack
{78909610-D229-459C-A936-25D92283D3FD} -> Microsoft SQL Server Compact 4.0 SP1 x64 ENU
{83646B67-A878-4E95-BB4B-AF4A6E61F28C} -> CGS17_Setup_x64
{8557397C-A42D-486F-97B3-A2CBC2372593} -> Microsoft_VC90_ATL_x86_x64
{87CF757E-C1F1-4D22-865C-00C6950B5258} -> Quickset64
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{8DAA31EB-6830-4006-A99F-4DF8AB24714F} -> Adobe CSI CS4 x64
{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05} -> Dell Edoc Viewer
{90120064-0070-0000-0000-4000000FF1CE} -> Microsoft Visual Basic for Applications 7.1 (x64)
{90140000-00D1-0409-1000-0000000FF1CE} -> Microsoft Access database engine 2010 (English)
{90150000-0011-0000-1000-0000000FF1CE} -> Microsoft Office Professional Plus 2013
{90150000-0015-0416-1000-0000000FF1CE} -> Microsoft Access MUI (Portuguese (Brazil)) 2013
{90150000-0016-0416-1000-0000000FF1CE} -> Microsoft Excel MUI (Portuguese (Brazil)) 2013
{90150000-0018-0416-1000-0000000FF1CE} -> Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013
{90150000-0019-0416-1000-0000000FF1CE} -> Microsoft Publisher MUI (Portuguese (Brazil)) 2013
{90150000-001A-0416-1000-0000000FF1CE} -> Microsoft Outlook MUI (Portuguese (Brazil)) 2013
{90150000-001B-0416-1000-0000000FF1CE} -> Microsoft Word MUI (Portuguese (Brazil)) 2013
{90150000-001F-0409-1000-0000000FF1CE} -> Microsoft Office Proofing Tools 2013 - English
{90150000-001F-0416-1000-0000000FF1CE} -> Revisores de Texto do Microsoft Office 2013  Português do Brasil
{90150000-001F-0C0A-1000-0000000FF1CE} -> Microsoft Office Proofing Tools 2013 - Español
{90150000-002C-0416-1000-0000000FF1CE} -> Microsoft Office Proofing (Portuguese (Brazil)) 2013
{90150000-0044-0416-1000-0000000FF1CE} -> Microsoft InfoPath MUI (Portuguese (Brazil)) 2013
{90150000-006E-0416-1000-0000000FF1CE} -> Microsoft Office Shared MUI (Portuguese (Brazil)) 2013
{90150000-0090-0416-1000-0000000FF1CE} -> Microsoft DCF MUI (Portuguese (Brazil)) 2013
{90150000-00A1-0416-1000-0000000FF1CE} -> Microsoft OneNote MUI (Portuguese (Brazil)) 2013
{90150000-00BA-0416-1000-0000000FF1CE} -> Microsoft Groove MUI (Portuguese (Brazil)) 2013
{90150000-00C1-0000-1000-0000000FF1CE} -> Microsoft Office 32-bit Components 2013
{90150000-00C1-0416-1000-0000000FF1CE} -> Microsoft Office Shared 32-bit MUI (Portuguese (Brazil)) 2013
{90150000-00E1-0416-1000-0000000FF1CE} -> Microsoft Office OSM MUI (Portuguese (Brazil)) 2013
{90150000-00E2-0416-1000-0000000FF1CE} -> Microsoft Office OSM UX MUI (Portuguese (Brazil)) 2013
{90150000-012B-0416-1000-0000000FF1CE} -> Microsoft Lync MUI (Portuguese (Brazil)) 2013
{90BF0360-A1DB-4599-A643-95AB90A52C1E} -> Microsoft_VC90_MFCLOC_x86_x64
{90F60409-7000-11D3-8CFE-0150048383C9} -> Microsoft Visual Basic for Applications 7.1 (x64) English
{90F60416-7000-11D3-8CFE-0150048383C9} -> Microsoft Visual Basic for Applications 7.1 (x64) Portuguese (Brazil)
{9178F0A8-B6F6-4DA7-AD63-317CC4875F4B} -> CorelDRAW Graphics Suite X7 - Common (x64)
{925D058B-564A-443A-B4B2-7E90C6432E55} -> Microsoft_VC80_ATL_x86_x64
{929FBD26-9020-399B-9A7A-751D61F0B942} -> Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26} -> Microsoft_VC90_CRT_x86_x64
{92DBCA36-9B41-4DD1-941A-AED149DD37F0} -> Atualização de Driver do Windows Mobile Device Center
{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033 -> Microsoft .NET Framework 4.5.2
{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046 -> Microsoft .NET Framework 4.5.2 (Português do Brasil)
{9495AEB4-AB97-39DE-8C42-806EEF75ECA7} -> Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
{95120000-00B9-0409-1000-0000000FF1CE} -> Microsoft Application Error Reporting
{966996DC-D67C-40E3-8BD4-31FA0F093571} -> CorelDRAW Graphics Suite X7 - VideoBrowser (x64)
{96F4525A-470D-F15C-796E-58D9988C3E5F} -> Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
{976D8FE5-8365-4313-82AC-442DC0064DE1} -> WebP Codec for Windows 0.17
{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D} -> RBVirtualFolder64Inst
{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} -> Dell Touchpad
{A35C6FA0-FE7B-30C7-8492-20A751D54EAB} -> Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB
{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB} -> Microsoft_VC90_MFC_x86_x64
{A508D5A2-3AC1-4594-A718-A663D6D3CF11} -> Windows Live Remote Service Resources
{A6BA243E-85A3-4635-A269-32949C98AC7F} -> Microsoft SQL Server 2012 Data-Tier App Framework (x64)
{A749D8E6-B613-3BE3-8F5F-045C84EBA29B} -> Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
{A7500970-FE98-11E1-B560-F04DA23A5C58} -> Vegas Pro 12.0 (64-bit)
{A9666880-EF3E-4354-B0FC-8C4EBC033A29} -> USB-COM-x64
{AB085680-FE98-11E1-A232-F04DA23A5C58} -> MSVCRT Redists
{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028} -> Microsoft Visual C++ 2005 Redistributable (x64)
{B61F9010-3474-11E4-8C21-0800200C9A66} -> USB Debugging Driver
{B74B199A-EDD4-B657-E055-327D454402D2} -> Windows Software Development Kit DirectX x64 Remote
{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24} -> Monitor da tecnologia Intel® Turbo Boost 2.0
{BA14C6F7-A633-3E88-831B-FCC197A5A17D} -> Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Module linguistique Français
{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C} -> CorelDRAW Graphics Suite X7 - Connect (x64)
{C0C2D40A-1231-46FA-8F02-B45E6BF2036A} -> DigitalPersona Fingerprint Software 5.20
{C41498FE-0BF8-3B22-9785-231CE53C728E} -> Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU
{C57EDB5A-AC8E-4E03-9F1A-DC013A2BB9B2} -> CorelDRAW Graphics Suite X7 - Redist (x64)
{C596D608-3E74-3232-8CA5-DF1DCB9F10DE} -> Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005
{C616FD4F-11F5-11E0-A38F-0013D3D69929} -> Vegas Pro 10.0 (64-bit)
{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3} -> Microsoft_VC80_MFC_x86_x64
{C922F325-DD52-4E22-B204-431A06E63E51} -> CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64)
{C9608300-11F5-11E0-A64B-0013D3D69929} -> MSVCRT Redists
{CC4878C0-4A6A-49CD-AAA7-DD3FCB06CC84} -> Microsoft Web Platform Installer 3.0
{CD56C9B9-FB98-372B-8BC7-FDA312CD2511} -> Microsoft Visual Studio Tools for Applications 2012 x64 Xb¡{/ec - €{SO-N‡e틊S
{CFF3C688-2198-4BC3-A399-598226949C39} -> Windows Live Remote Client Resources
{D0795B21-0CDA-4a92-AB9E-6E92D8111E44} -> SAMSUNG USB Driver for Mobile Phones
{D10A5CFA-FE33-4F06-AE37-554604F00A52} -> CorelDRAW Graphics Suite X7 - Filters (x64)
{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5} -> Microsoft SQL Server 2012 Native Client
{D63404AC-C2F1-4B3D-96EA-9727AC9D994C} -> CorelDRAW Graphics Suite X7 - Writing Tools (x64)
{DA54F80E-261C-41A2-A855-549A144F2F59} -> Windows Live MIME IFilter
{DC911ADF-7B60-40F2-A112-FB1EB6402D07} -> Microsoft Security Client PT-BR Language Pack
{DDDF762A-2D1D-36A3-9B70-70BD62B4EDCF} -> Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Paquete de idioma ESN
{DF6D988A-EEA0-4277-AAB8-158E086E439B} -> Windows Live Remote Client
{E02A6548-6FDE-40E2-8ED9-119D7D7E641F} -> Windows Live Remote Service
{E237254B-36A1-3D27-815E-B37C13BE0796} -> Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB
{ECCB31F5-435D-4F37-A98D-5854D3C62718} -> Intel® Hardware Accelerated Execution Manager
{EF44BCCD-13F9-4974-862C-CCFAF43EE082} -> CorelDRAW Graphics Suite X7 - IPM Content (x64)
{F74753A3-C93C-34F5-A199-993CAF602B7D} -> Build Tools - amd64
{FB501A6E-CA6D-36DA-8860-17F0E6D89155} -> Microsoft Visual Studio Tools for Applications 2012 x64 ;N§c/eôc - A~Ԛ-N‡ežŠŠWYöN
{FC41DFBE-6C39-4C84-949B-7CB1E6460C7A} -> CorelDRAW Graphics Suite X7 - BR (x64)
{FD4A43CE-ABAE-4161-83AC-314A3C804F42} -> Corel Graphics - Windows Shell Extension 32 Bit
208AD162A057D82AE056F7576AB40E2F2F52CBA1 -> Pacote de Driver do Windows - Invisibility Ltd (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00005)
9D6CE2797ECD48185B74D6E192069F8FB50D8EE7 -> Pacote de Driver do Windows - USB-COM Driver (dlsusb) USB (03/13/2013 3.22.0.1)
Android Studio -> Android Studio
BitDefender Gonzales -> Bitdefender Antivirus Free Edition
Bulk Rename Utility_is1 -> Bulk Rename Utility 2.7.1.2
CCleaner -> CCleaner
CPUID HWMonitor_is1 -> CPUID HWMonitor 1.18
D861CD0669D3F4B6C6ACD762F71A9DA5C7079273 -> Pacote de Driver do Windows - USB-COM Software (dlsusb) Ports (03/13/2013 3.22.0.1)
Defraggler -> Defraggler
ImagenomicPortraiturePlugin -> Imagenomic Portraiture 2.3 Plug-in (build 2308)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) -> Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB -> Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil)
Office15.PROPLUS -> Microsoft Office Professional Plus 2013
PC-Doctor for Windows -> Dell SupportAssist
PostgreSQL 9.3 -> PostgreSQL 9.3
Recuva -> Recuva
Shop for HP Supplies -> Shop for HP Supplies
Spring 5.2 Português_x64 -> Spring 5.2 Português_x64
Sublime Text 2_is1 -> Sublime Text 2.0.2
WinRAR archiver -> WinRAR 5.11 (64-bit)
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2} -> Ghostscript GPL 8.64 (Msi Setup)
{03077B58-6ACF-32CA-B42A-EAA458C295A1} -> Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB
{033E378E-6AD3-4AD5-BDEB-CBD69B31046C} -> Microsoft_VC90_ATL_x86
{0398BFBC-991B-3275-9463-D2BF91B3C80B} -> Microsoft Help Viewer 2.1
{048298C9-A4D3-490B-9FF9-AB023A9238F3} -> Steam
{04DD7AF4-A6D3-4E30-9BB9-3B3670719234} -> Microsoft SQL Server 2012 T-SQL Language Service
{05308C4E-7285-4066-BAE3-6B50DA6ED755} -> Adobe Update Manager CS4
{054EFA56-2AC1-48F4-A883-0AB89874B972} -> Adobe Extension Manager CS4
{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2} -> Ghostscript GPL 8.64 (Msi Setup)
{06F10ED5-41FC-4110-B5CE-4F8F79B0D38B} -> Ferramentas da Web do Microsoft SQL Server Compact 4.0 PTB
{070C38AC-05CE-43DF-9A20-141332F6AB2B} -> Microsoft System CLR Types for SQL Server 2012
{08AEF86A-1956-4846-B906-B01350E96E30} -> Entity Framework Tools for Visual Studio 2013
{08D2E121-7F6A-43EB-97FD-629B44903403} -> Microsoft_VC90_CRT_x86
{098727E1-775A-4450-B573-3F441F1CA243} -> kuler
{0A2B82D6-1A9B-48F9-6865-5E0477A94D1A} -> Balsamiq Mockups For Desktop
{0B0F231F-CE6A-483D-AA23-77B364F75917} -> Windows Live Installer
{0B698858-DAB0-4F9E-A10A-125B274EDA06} -> Microsoft Visual C++ x64 Libraries
{0D7FCBFB-F478-4D32-901C-83F0BF5A3501} -> Microsoft SQL Server Data Tools - enu (12.0.30919.1)
{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25} -> Microsoft_VC80_ATL_x86
{0F723FC1-7606-4867-866C-CE80AD292DAF} -> Adobe CSI CS4
{0FE6DE07-8CBA-3F73-86B4-51B91E506D24} -> Microsoft Visual Studio Tools for Applications 2012 x86 ;N§c/eôc - A~Ԛ-N‡ežŠŠWYöN
{110EB5C4-E995-4CFB-AB80-A5F315BEA9E8} -> Python 2.6
{11AC63B8-381A-49F4-8AE0-E1A58DB2F544}_is1 -> ScanToPDF 4.1
{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} -> Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171} -> Adobe Setup
{1618734A-3957-4ADD-8199-F973763109A8} -> Adobe Anchor Service CS4
{19A5926D-66E1-46FC-854D-163AA10A52D3} -> Microsoft .NET Framework 4.5.1 SDK
{1B876496-B3A2-4D22-9B12-B608A3FD4B8B} -> Microsoft SQL Server 2012 Data-Tier App Framework
{1F1AA110-D758-30C1-A1B4-5484C72BCACE} -> Microsoft Visual Studio Express 2013 for Windows Desktop - ENU
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} -> Junk Mail filter update
{200FEC62-3C34-4D60-9CE8-EC372E01C08F} -> Windows Live SOXE Definitions
{22025051-1991-48EB-8BE8-7A3329DAE7ED} -> IIS 7.5 Express
{23E445D5-FD83-4C50-A211-EB26A2975317} -> Adobe Flash Professional CS5.5
{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} -> Skype"! 7.2
{24A390F5-0DB8-429C-BC1C-D18FD68EE4D2} -> Chilkat Crypt ActiveX
{26A24AE4-039D-4CA4-87B4-2F83218045F0} -> Java 8 Update 45
{28006915-2739-4EBE-B5E8-49B25D32EB33} -> Dell Bluetooth Installation
{287348C8-8B47-4C36-AF28-441A3B7D8722} -> Dell SupportAssistAgent
{299C0434-4F4E-341F-A916-4E07AEB35E79} -> Microsoft Visual Studio Tools for Applications 2.0 Runtime
{2BDBD1DE-2959-407F-BBC2-C9B2828CEDF2} -> HPSSupply
{2E4AB750-27D1-4D7E-BD37-BC69FD8D341E} -> ClipSync Server
{2F7DBBE6-8EBC-495C-9041-46A772F4E311} -> Microsoft SQL Server 2012 Management Objects
{30C8AA56-4088-426F-91D1-0EDFD3A25678} -> Adobe Dreamweaver CS4
{3250260C-7A95-4632-893B-89657EB5545B} -> PhotoShowExpress
{32A3A4F4-B792-11D6-A78A-00B0D0170250} -> Java SE Development Kit 7 Update 25
{3336F667-9049-4D46-98B6-4C743EEBC5B1} -> Windows Live Photo Gallery
{3371699A-C1EF-3AC3-B094-D338191FA6E9} -> Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Module linguistique Français
{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} -> Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C} -> Prerequisites for SSDT
{37464E70-B0B9-9DFF-649A-CBE169BAD657} -> Windows Software Development Kit for Windows Store Apps
{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9} -> Controle ActiveX do Windows Live Mesh para Conexões Remotas
{39F6E2B4-CFE8-C30A-66E8-489651F0F34C} -> Adobe Media Player
{3A4E8896-C2E7-4084-A4A4-B8FD1894E739} -> Adobe XMP Panels CS4
{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E} -> QuickTime 7
{3E29EE6C-963A-4aae-86C1-DC237C4A49FC} -> Intel(R) Rapid Storage Technology
{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1 -> Foxit Cloud
{43B43577-2514-4CE0-B14A-7E85C17C0453} -> Windows Live Essentials
{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5} -> Windows Live Writer Resources
{46F044A5-CE8B-4196-984E-5BD6525E361D} -> Suporte para Aplicativos Apple
{4869414E-7AEA-4C8E-BE1C-8D40977FD517} -> Adobe Illustrator CS6
{492FCC0B-45E1-383A-A2CF-9E7F305AC200} -> Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU
{4943EFF5-229F-435D-BEA9-BE3CAEA783A7} -> Adobe Service Manager Extension
{4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater
{4AE57014-05C4-4864-A13D-86517A7E1BA4} -> Microsoft .NET Framework 4.5 SDK
{4C1CC654-AD64-4133-9407-9BB142E00297} -> SetupDOTR900Applet
{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} -> Google Earth
{50542AEE-76BD-4BCD-A890-E2FF4D4E051A} -> Camtasia Studio 8
{5411060C-8F8C-393D-8D3B-26AF2C92FABB} -> Microsoft Visual Studio 2013 Shell (Minimum)
{55031CEF-CE75-4A5C-8DEA-60577820529B} -> LG United Mobile Drivers
{56AD3004-0B49-967F-F682-B05650B61A78} -> Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493} -> Microsoft .NET Framework 4.5 Multi-Targeting Pack
{58056936-D3A3-4BD3-848E-EEB4CB4301D1} -> JTwainOfficeTronic
{5950473A-825B-3019-AF86-55F2F9A95FCB} -> Microsoft Visual Studio Tools for Applications 2012 Finalizer
{5A06423A-210C-49FB-950E-CB0EB8C5CEC7} -> Roxio BackOnTrack
{5D5CFAD6-9F93-8C63-3EB0-B6A0D3D4BD12} -> Windows Software Development Kit
{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} -> Google Update Helper
{631471BE-DEAB-454B-A9AC-CE3EB42C28B3} -> Microsoft ASP.NET Web Pages
{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A} -> Microsoft_VC90_MFC_x86
{644063FA-ABA3-42AC-A8AC-3EDC0706018B} -> Windows Live Mesh
{64484316-E4BA-38B3-8954-0358522A8D40} -> Microsoft Visual Studio Express 2013 for Windows Desktop
{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} -> Roxio Express Labeler 3
{66F0E678-69C2-4C46-BA95-117DF28C87E4} -> Microsoft WebMatrix
{6781FF9B-E87D-4A03-9373-A55A288B83FA} -> Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1)
{678800C0-D94E-4513-89CB-478F2B781A0B} -> Microsoft Visual C++ 2013 x86-x64 Compilers
{67F0E67A-8E93-4C2C-B29D-47C48262738A} -> Adobe Device Central CS4
{682B3E4F-696A-42DE-A41C-4C07EA1678B4} -> Windows Live SOXE
{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57} -> /7K:>2>9 ?0:5B 4;O ?>445@6:8 @07<5I5=8O =01>@0 A@54AB2 Microsoft Visual Studio Tools 4;O @01>BK A ?@8;>65=8O<8 2012 (x86) - RUS
{6A0C6700-EA93-372C-8871-DCCF13D160A4} -> Microsoft .NET Framework 4.5.1 Multi-Targeting Pack
{6C06FEE9-C64E-453F-B8A5-D9E9B79ED040} -> Microsoft Visual C++ 2013 32bit Compilers - ENU Resources
{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC} -> Roxio Creator Starter
{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} -> Microsoft Visual C++ 2005 Redistributable
{7259BDDA-D888-309D-ADE1-84AA0CB24FE9} -> Microsoft Visual Studio Tools for Applications 2012 x86 Xb¡{/ec - €{SO-N‡e틊S
{770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
{7746BFAA-2B5D-4FFD-A0E8-4558F4668105} -> Roxio Burn
{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} -> Apple Software Update
{7BBAEC47-1CC0-4CB8-ADB4-531B78DBD1DD} -> Adobe AIR
{820D3F45-F6EE-4AAF-81EF-CE21FF21D230} -> Adobe Type Support CS4
{83877DB1-8B77-45BC-AB43-2BAC22E093E0} -> Adobe Bridge CS4
{83C292B7-38A5-440B-A731-07070E81A64F} -> Windows Live PIMT Platform
{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F} -> Microsoft SQL Server 2008 R2 Management Objects
{842B4B72-9E8F-4962-B3C1-1C422A5C4434} -> Suite Shared Configuration CS4
{84D88F57-4130-30FE-A0B6-1E04428FE1F6} -> Microsoft Visual C++ 2013 Core Libraries
{859C7535-6862-3867-B97E-816795E8AB65} -> Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - åe,gžŠ Language Pack
{88547073-C566-4895-9005-EBE98EA3F7C7} -> Samsung Kies3
{887868A2-D6DE-3255-AA92-AA0B5A59B874} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
{89ca2a32-2b52-4595-8dfd-6fe4757958d0} -> Microsoft Visual Studio Tools for Applications 2012
{8C6D6116-B724-4810-8F2D-D047E6B7D68E} -> Mesh Runtime
{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} -> MSVCRT
{90120000-00D1-0409-0000-0000000FF1CE} -> Microsoft Office Access database engine 2007 (English)
{9158FF30-78D7-40EF-B83E-451AC5334640} -> Adobe Photoshop CS5.1
{91F34319-08DE-457a-99C0-0BCDFAC145B9} -> CuteFTP 8 Professional
{9207A8EC-3B2D-4A4A-8BF7-957FC19BB3DE} -> Zebra Setup Utilities
{92D58719-BBC1-4CC3-A08B-56C9E884CC2C} -> Microsoft_VC80_CRT_x86
{92EA4134-10D1-418A-91E1-5A0453131A38} -> Windows Live Movie Maker
{9347889B-C22A-3905-901F-C05D8F73C929} -> Build Tools Language Resources - x86
{94D398EB-D2FD-4FD1-B8C4-592635E8A191} -> Adobe CMaps CS4
{955E1388-E1F1-320A-A018-24616ED60F95} -> Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - \Õm­´Å ¸Å´Å )Ó
{95B8895A-8F42-42BD-9D2D-BE977007318C} -> USB-COM-Driver
{984022F2-9BCA-A41D-6A38-1AE658F01415} -> Windows Software Development Kit
{985EF141-95DD-3934-8F23-7C2C4C61E5F7} -> Microsoft Visual Studio 2013 Shell (Minimum) Resources
{9A00EC4E-27E1-42C4-98DD-662F32AC8870} -> Sonic CinePlayer Decoder Pack
{9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
{9BE518E6-ECC6-35A9-88E4-87755C07200F} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
{9D56775A-93F3-44A3-8092-840E3826DE30} -> Windows Live Mail
{9DA3F03B-2CEE-4344-838E-117861E61FAF} -> Windows Live Mail
{9E7DE17D-A9E2-4762-8C10-1E80F5976F4A} -> Microsoft Visual Studio 2013 Preparation
{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1 -> Convert AVI to MP4
{A121EEDE-C68F-461D-91AA-D48BA226AF1C} -> Roxio Activation Module
{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4} -> Windows Live Movie Maker
{A1CB8286-CFB3-A985-D799-721A0F2A27F3} -> Windows Software Development Kit DirectX x86 Remote
{A2CCB3C1-3DF9-4E3E-8D3F-DDBBCDDB28B5} -> Microsoft C++ REST SDK for Visual Studio 2013
{A3B8D9FB-CA7D-4487-8CA2-A6A2C8AD1077} -> Microsoft Visual C++ x86 Libraries
{A3EB1DE3-9D3F-34C2-BDE6-5A8A4B98CC37} -> Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Paquete de idioma ESN
{A6030DAD-1600-F767-C8DD-C722ADFE8FBC} -> Windows Software Development Kit DirectX x86 Remote
{A726AE06-AAA3-43D1-87E3-70F510314F04} -> Windows Live Writer
{A78FE97A-C0C8-49CE-89D0-EDD524A17392} -> PDF Settings CS5
{A8D93648-9F7F-407D-915C-62044644C3DA} -> MSI to redistribute MS VS2005 CRT libraries
{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper
{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} -> Windows Live Photo Common
{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} -> Microsoft Visual Studio Tools for Applications 2.0 - ENU
{AAAFC670-569B-4A2F-82B4-42945E0DE3EF} -> Windows Live Writer
{AC76BA86-7AD7-1033-7B44-AB0000000001} -> Adobe Reader XI (11.0.10)
{AC76BA86-7AD7-2530-0000-A00000000049} -> Extended Asian Language font pack for Adobe Reader XI
{AE937DBA-FEFD-3BFE-9860-0591C0F91D61} -> Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies
{AF37176A-78CA-545B-34EF-8B6A21514DD1} -> Adobe Help Manager
{AF9E97C1-7431-426D-A8D5-ABE40995C0B1} -> DirectX 9 Runtime
{B175520C-86A2-35A7-8619-86DC379688B9} -> Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
{B29AD377-CC12-490A-A480-1452337C618D} -> Connect
{B33B61FE-701F-425F-98AB-2B85725CBF68} -> Windows Live Photo Common
{B3BE54A4-8DFE-4593-8E66-56AB7133B812} -> Windows Live Writer
{B6D38690-755E-4F40-A35A-23F8BC2B86AC} -> Microsoft_VC90_MFCLOC_x86
{B8FD8F53-7E58-3DE5-A8FC-CB2B5CCF38CE} -> Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Language Pack ITA
{BB4E33EC-8181-4685-96F7-8554293DEC6A} -> Adobe Output Module
{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1 -> Sothink SWF Decompiler
{BD95A8CD-1D9F-35AD-981A-3E7925026EBB} -> Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
{bec3d87e-1d6d-4b15-8383-29068c86b888} -> Microsoft Visual Studio Express 2013 for Windows Desktop - ENU
{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1} -> PDF Settings CS6
{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA} -> Microsoft SQL Server System CLR Types
{C52E3EC1-048C-45E1-8D53-10B0C6509683} -> Adobe Default Language CS4
{C5A17590-8CBE-3581-965D-EF183BE07920} -> Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core
{C779648B-410E-4BBA-B75B-5815BCEFE71D} -> Safari
{C9E1343D-E21E-4508-A1BE-04A089EC137D} -> Windows Live Messenger
{C9E7751E-88ED-36CF-B610-71A1D262E906} -> Team Explorer for Microsoft Visual Studio 2013
{CAAC553D-EE02-32D2-9F7E-FBC5C22E4C08} -> Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - DEU-Sprachpaket
{CC75AB5C-2110-4A7F-AF52-708680D22FE8} -> Photoshop Camera Raw
{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} -> Windows Live UX Platform
{CF06B8C4-F6FC-3A4B-ADD0-04A1CAC3DD86} -> Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support
{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE} -> Microsoft .NET Framework 4 Multi-Targeting Pack
{D0B44725-3666-492D-BEF6-587A14BD9BD9} -> MSVCRT_amd64
{D1A19B02-817E-4296-A45B-07853FD74D57} -> Microsoft_VC80_MFC_x86
{D2437C5C-2D8C-40D2-8059-689AD7239FA3} -> Intel(R) C++ Redistributables for Windows* on Intel(R) 64
{D3517C62-68A5-37CF-92F7-93C029A89681} -> Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU)
{D3F9A17B-0655-45B9-899D-7B46DC1CD2CC} -> DevExtras - CodeReflect
{D45240D3-B6B3-4FF9-B243-54ECE3E10066} -> Windows Live Communications Platform
{D7AF797B-6112-4FDC-8999-D05AA14666A9} -> BRySigner 3.1.9.0
{D92BBB52-82FF-42ED-8A3C-4E062F944AB7} -> Microsoft_VC80_MFCLOC_x86
{DECDCB7C-58CC-4865-91AF-627F9798FE48} -> Windows Live Mesh
{DF71ABBB-B834-41C0-BB58-80B0545D754C} -> Windows Live UX Platform Language Pack
{E09C4DB7-630C-4F06-A631-8EA7239923AF} -> D3DX10
{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001} -> IDT Audio
{E3DF0E76-825F-4377-9BB6-F8F1DC204287} -> MySQL Workbench 5.2 CE
{E5B21F11-6933-4E0B-A25C-7963E3C07D11} -> Windows Live Messenger
{E5CAE8D2-9F9F-3BEA-AA0F-B5B40611C704} -> Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005
{EB514FFD-5FBA-3C53-94F8-3A2B96C5E7A8} -> Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources
{EB8B74A6-E178-4AC0-95E1-5A61D1EE8BC7} -> AV176+
{ED885463-044B-436D-9DD9-B486A4FFF964} -> Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop
{EF56258E-0326-48C5-A86C-3BAC26FC15DF} -> Roxio Creator Starter
{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878} -> Roxio Creator Starter
{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU]
{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} -> Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} -> Intel(R) Processor Graphics
{F0E64E2E-3A60-40D8-A55D-92F6831875DA} -> Adobe Search for Help
{F361FE04-789E-42F3-BBAB-E7B380AA5E06} -> Windows XP Targeting with C++
{F7A46527-DF1F-4B0F-9637-98547E189442} -> Windows Live Galeria de Fotos
{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} -> Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
{F8EF2B3F-C345-4F20-8FE4-791A20333CD5} -> Adobe ExtendScript Toolkit CS4
{F9000000-0001-0000-0000-074957833700} -> ABBYY FineReader 9.0 Professional Edition
{F93C84A6-0DC6-42AF-89FA-776F7C377353} -> Adobe PDF Library Files CS4
{FB3A15FD-FC67-3A2F-892B-6890B0C56EA9} -> Build Tools - x86
{FCB3772C-B7D0-4933-B1A9-3707EBACC573} -> Intel(R) SDK for OpenCL - CPU Only Runtime Package
{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
ActiveTouchMeetingClient -> Cisco WebEx Meetings
Adobe AIR -> Adobe AIR
Adobe Flash Player ActiveX -> Adobe Flash Player 17 ActiveX
Adobe Flash Player NPAPI -> Adobe Flash Player 17 NPAPI
Adobe_acce07fd2c8fe7f9e3f26243e626578 -> Adobe Dreamweaver CS4
Advanced Audio FX Engine -> Advanced Audio FX Engine
Aleph -> Aleph 20.1
Apache/PHP 2.2.22-5.3.10-1 -> Apache/PHP 2.2.22-5.3.10
A-PDF INFO Changer_is1 -> A-PDF INFO Changer 2.0
Aptana Studio 3 -> Aptana Studio 3
BalsamiqMockupsForDesktop.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1 -> Balsamiq Mockups For Desktop
chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Adobe Help Manager
CobBackup11 -> Cobian Backup 11 Gravity
com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Adobe Media Player
DAEMON Tools Lite -> DAEMON Tools Lite
Dell Webcam Central -> Dell Webcam Central
Dev-C++ -> Dev-C++ 5 beta 9 release (4.9.9.2)
D-i-v-X - AVI Codec Pack Pro -> D-i-v-X AVI Codec Pack Pro 2.4.0
FileZilla Client -> FileZilla Client 3.10.3
Foxit PDF Editor -> Foxit PDF Editor
Foxit Reader_is1 -> Foxit Reader
Git_is1 -> Git version 1.8.1.2-preview20130201
IETester -> IETester v0.4.11 (remove only)
ImageMagick 6.6.7 Q16_is1 -> ImageMagick 6.6.7-2 Q16 (2011-01-15)
InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7} -> Samsung Kies3
KLiteCodecPack_is1 -> K-Lite Mega Codec Pack 9.9.9
LG On-Screen Phone -> LG On-Screen Phone
Malwarebytes Anti-Malware_is1 -> Malwarebytes Anti-Malware versão 2.0.4.1028
Microsoft Help Viewer 2.1 -> Microsoft Help Viewer 2.1
Mozilla Firefox 37.0.2 (x86 pt-BR) -> Mozilla Firefox 37.0.2 (x86 pt-BR)
MozillaMaintenanceService -> Mozilla Maintenance Service
Mp3tag -> Mp3tag v2.63
nbi-glassfish-mod-4.0.0.89.0 -> GlassFish Server Open Source Edition 4.0
nbi-nb-base-7.3.1.0.201306052037 -> NetBeans IDE 7.3.1
Notepad++ -> Notepad++
Opera 12.10.1652 -> Opera 12.10
phpPgAdmin 5.0.4-1 -> phpPgAdmin 5.0.4
PIL-py2.6 -> Python 2.6 PIL-1.1.7
Revo Uninstaller -> Revo Uninstaller 1.95
Samsung SideSync -> Samsung SideSync 3.0
Soulseek2 -> SoulSeek 157 NS 13e
StarUML_is1 -> StarUML 5.0.2.1570
TagCheck HTML and XML Tag Checker V1.5_is1 -> TagCheck HTML and XML Tag Checker V1.5
TeamViewer -> TeamViewer 10
VLC media player -> VLC media player
WampServer 2_is1 -> WampServer 2.2
Winamp -> Winamp
WinLiveSuite -> Windows Live Essentials
WinMerge_is1 -> WinMerge 2.12.4
WinPcapInst -> WinPcap 4.1.1
WinX Free DVD to AVI Ripper_is1 -> WinX Free DVD to AVI Ripper 4.4.3
x264vfw -> x264vfw - H.264/MPEG-4 AVC codec (remove only)
Zebra Font Downloader_is1 -> Zebra Font Downloader
Zebra Setup Utilities -> Zebra Setup Utilities
ZHPDiag_is1 -> ZHPDiag 2015
< Uninstall List [HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\] > -> HKEY_USERS\S-1-5-21-4145504383-1758021648-1909431757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
Dropbox -> Dropbox
Google Chrome -> Google Chrome
MyFreeCodec -> MyFreeCodec
Octoshape Streaming Services -> Octoshape Streaming Services
PHL8.2 -> PHL8.2
phl82 -> phl82
uCertify Z200-530 -> uCeritify Z200-530 - Zend PHP 5.3
UnityWebPlayer -> Unity Web Player
uTorrent -> µTorrent
Winamp Detect -> Winamp Detectar Aplicação
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 13/08/2013 09:39:18 Computer Name = Allan-PC | Source = Protexis Licensing Service | ID = 49 -> Description = Failed to Release Mutex Error ID = Returned Error 1
Application [ Error ] 13/08/2013 09:39:18 Computer Name = Allan-PC | Source = Protexis Licensing Service | ID = 49 -> Description = Failed to Release Mutex Error ID = Returned Error 288
Application [ Error ] 13/08/2013 09:39:18 Computer Name = Allan-PC | Source = Protexis Licensing Service | ID = 49 -> Description = Failed to Release Mutex Error ID = Returned Error 1
Application [ Error ] 13/08/2013 09:39:18 Computer Name = Allan-PC | Source = Protexis Licensing Service | ID = 49 -> Description = Failed to Release Mutex Error ID = Returned Error 288
Application [ Error ] 13/08/2013 09:39:18 Computer Name = Allan-PC | Source = Protexis Licensing Service | ID = 49 -> Description = Failed to Release Mutex Error ID = Returned Error 1
Application [ Error ] 13/08/2013 09:39:18 Computer Name = Allan-PC | Source = Protexis Licensing Service | ID = 49 -> Description = Failed to Release Mutex Error ID = Returned Error 288
Application [ Error ] 13/08/2013 09:39:18 Computer Name = Allan-PC | Source = Protexis Licensing Service | ID = 49 -> Description = Failed to Release Mutex Error ID = Returned Error 1
Application [ Error ] 13/08/2013 09:39:18 Computer Name = Allan-PC | Source = Protexis Licensing Service | ID = 49 -> Description = Failed to Release Mutex Error ID = Returned Error 288
Application [ Error ] 13/08/2013 09:39:18 Computer Name = Allan-PC | Source = Protexis Licensing Service | ID = 49 -> Description = Failed to Release Mutex Error ID = Returned Error 1
Application [ Error ] 13/08/2013 09:39:18 Computer Name = Allan-PC | Source = Protexis Licensing Service | ID = 49 -> Description = Failed to Release Mutex Error ID = Returned Error 288
System [ Error ] 06/05/2015 06:53:20 Computer Name = Allan-PC | Source = Service Control Manager | ID = 7006 -> Description = A chamada ScRegSetValueExW falhou para FailureCommand com o seguinte erro: %%5
System [ Error ] 07/05/2015 06:43:14 Computer Name = Allan-PC | Source = Service Control Manager | ID = 7009 -> Description = Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Dell SupportAssist Agent.
System [ Error ] 07/05/2015 06:43:14 Computer Name = Allan-PC | Source = Service Control Manager | ID = 7000 -> Description = Não foi possível iniciar o serviço Dell SupportAssist Agent devido ao seguinte erro: %%1053
System [ Error ] 07/05/2015 06:52:30 Computer Name = Allan-PC | Source = Service Control Manager | ID = 7006 -> Description = A chamada ScRegSetValueExW falhou para Start com o seguinte erro: %%5
System [ Error ] 07/05/2015 06:53:09 Computer Name = Allan-PC | Source = Service Control Manager | ID = 7006 -> Description = A chamada ScRegSetValueExW falhou para FailureCommand com o seguinte erro: %%5
System [ Error ] 08/05/2015 10:19:56 Computer Name = Allan-PC | Source = Service Control Manager | ID = 7006 -> Description = A chamada ScRegSetValueExW falhou para Start com o seguinte erro: %%5
System [ Error ] 08/05/2015 10:20:10 Computer Name = Allan-PC | Source = Service Control Manager | ID = 7006 -> Description = A chamada ScRegSetValueExW falhou para FailureCommand com o seguinte erro: %%5
System [ Error ] 08/05/2015 11:01:35 Computer Name = Allan-PC | Source = Service Control Manager | ID = 7006 -> Description = A chamada ScRegSetValueExW falhou para Start com o seguinte erro: %%5
System [ Error ] 08/05/2015 11:02:11 Computer Name = Allan-PC | Source = Service Control Manager | ID = 7006 -> Description = A chamada ScRegSetValueExW falhou para FailureCommand com o seguinte erro: %%5
System [ Error ] 12/05/2015 09:45:45 Computer Name = Allan-PC | Source = Service Control Manager | ID = 7000 -> Description = Não foi possível iniciar o serviço bdfwfpf devido ao seguinte erro: %%2

[Files/Folders - Created Within 30 Days]
avchv.sys -> C:\Windows\SysNative\drivers\avchv.sys -> [2015/05/12 10:51:04 | 000,261,056 | ---- | C] (BitDefender)
Antivirus Free Edition -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition -> [2015/05/12 10:45:45 | 000,000,000 | ---D | C]
LastGood -> C:\Windows\LastGood -> [2015/05/12 10:45:43 | 000,000,000 | ---D | C]
avc3.sys -> C:\Windows\SysNative\drivers\avc3.sys -> [2015/05/12 10:45:39 | 000,718,840 | ---- | C] (BitDefender)
avckf.sys -> C:\Windows\SysNative\drivers\avckf.sys -> [2015/05/12 10:45:39 | 000,593,144 | ---- | C] (BitDefender)
Bitdefender -> C:\Program Files\Bitdefender -> [2015/05/12 10:42:16 | 000,000,000 | ---D | C]
trufos.sys -> C:\Windows\SysNative\drivers\trufos.sys -> [2015/05/12 10:42:10 | 000,382,536 | ---- | C] (BitDefender S.R.L.)
gzflt.sys -> C:\Windows\SysNative\drivers\gzflt.sys -> [2015/05/12 10:42:10 | 000,148,696 | ---- | C] (BitDefender LLC)
QuickScan -> C:\Users\Allan\AppData\Roaming\QuickScan -> [2015/05/12 10:41:41 | 000,000,000 | ---D | C]
ImageMagick 6.6.7 Q16 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageMagick 6.6.7 Q16 -> [2015/05/08 11:33:05 | 000,000,000 | ---D | C]
imagemagick -> C:\imagemagick -> [2015/05/08 11:32:48 | 000,000,000 | ---D | C]
testes-ltda -> C:\testes-ltda -> [2015/05/07 16:53:14 | 000,000,000 | ---D | C]
Mozilla Firefox -> C:\Program Files (x86)\Mozilla Firefox -> [2015/05/07 15:52:11 | 000,000,000 | ---D | C]
PDFCreator -> C:\Users\Allan\AppData\Local\PDFCreator -> [2015/05/05 11:20:43 | 000,000,000 | ---D | C]
.AndroidStudio1.2 -> C:\Users\Allan\.AndroidStudio1.2 -> [2015/05/05 08:02:13 | 000,000,000 | ---D | C]
Foxit Software -> C:\Users\Allan\AppData\Roaming\Foxit Software -> [2015/05/04 15:12:17 | 000,000,000 | ---D | C]
Foxit Software -> C:\Program Files (x86)\Foxit Software -> [2015/05/04 15:11:49 | 000,000,000 | ---D | C]
CrashDumps -> C:\Users\Allan\AppData\Local\CrashDumps -> [2015/05/04 13:49:24 | 000,000,000 | ---D | C]
ZHPDiag -> C:\Program Files (x86)\ZHPDiag -> [2015/05/04 07:44:21 | 000,000,000 | ---D | C]
ZHP -> C:\Users\Allan\AppData\Roaming\ZHP -> [2015/04/29 16:43:23 | 000,000,000 | ---D | C]
.android -> C:\Users\Allan\.android -> [2015/04/29 08:33:42 | 000,000,000 | ---D | C]
Publish Providers -> C:\Users\Allan\AppData\Roaming\Publish Providers -> [2015/04/28 15:13:52 | 000,000,000 | ---D | C]
$RECYCLE.BIN -> C:\$RECYCLE.BIN -> [2015/04/28 14:25:54 | 000,000,000 | -HSD | C]
Validity -> C:\ProgramData\Validity -> [2015/04/28 14:24:51 | 000,000,000 | ---D | C]
Temp -> C:\Windows\Temp -> [2015/04/28 14:21:37 | 000,000,000 | ---D | C]
Temp -> C:\Users\Allan\AppData\Local\Temp -> [2015/04/28 14:21:37 | 000,000,000 | ---D | C]
zoek_backup -> C:\zoek_backup -> [2015/04/28 13:52:56 | 000,000,000 | ---D | C]
Oracle -> C:\Users\Allan\AppData\Roaming\Oracle -> [2015/04/27 08:31:35 | 000,000,000 | ---D | C]
AdwCleaner -> C:\AdwCleaner -> [2015/04/24 07:52:47 | 000,000,000 | ---D | C]
WinDivert64.sys -> C:\Windows\SysNative\WinDivert64.sys -> [2015/04/23 17:00:05 | 000,038,104 | ---- | C] (Basil)
WinDivert.dll -> C:\Windows\SysNative\WinDivert.dll -> [2015/04/23 17:00:04 | 000,034,104 | ---- | C] (Basil)
GAS Tecnologia -> C:\Program Files (x86)\GAS Tecnologia -> [2015/04/23 13:49:58 | 000,000,000 | ---D | C]
Diebold -> C:\Program Files (x86)\Diebold -> [2015/04/23 13:49:58 | 000,000,000 | ---D | C]
Diebold -> C:\Program Files\Diebold -> [2015/04/23 13:49:41 | 000,000,000 | ---D | C]
BT Devices -> C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices -> [2015/04/21 08:24:52 | 000,000,000 | R--D | C]
1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp ->
1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp ->
1 C:\Windows\*.tmp files -> C:\Windows\*.tmp ->

[Files/Folders - Modified Within 30 Days]
GoogleUpdateTaskUserS-1-5-21-4145504383-1758021648-1909431757-1000UA.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4145504383-1758021648-1909431757-1000UA.job -> [2015/05/12 16:50:01 | 000,001,078 | ---- | M] ()
GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2015/05/12 16:49:14 | 000,001,070 | ---- | M] ()
Adobe Flash Player Updater.job -> C:\Windows\tasks\Adobe Flash Player Updater.job -> [2015/05/12 16:41:00 | 000,000,902 | ---- | M] ()
PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2015/05/12 13:29:00 | 001,841,316 | ---- | M] ()
prfh0416.dat -> C:\Windows\SysNative\prfh0416.dat -> [2015/05/12 13:29:00 | 000,783,774 | ---- | M] ()
perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2015/05/12 13:29:00 | 000,727,290 | ---- | M] ()
prfc0416.dat -> C:\Windows\SysNative\prfc0416.dat -> [2015/05/12 13:29:00 | 000,174,146 | ---- | M] ()
perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2015/05/12 13:29:00 | 000,147,006 | ---- | M] ()
Dropbox.lnk -> C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk -> [2015/05/12 10:52:58 | 000,001,139 | ---- | M] ()
avchv.sys -> C:\Windows\SysNative\drivers\avchv.sys -> [2015/05/12 10:51:04 | 000,261,056 | ---- | M] (BitDefender)
1431438101.bdinstall.bin -> C:\ProgramData\1431438101.bdinstall.bin -> [2015/05/12 10:46:37 | 000,205,769 | ---- | M] ()
epplauncher.mif -> C:\Windows\epplauncher.mif -> [2015/05/12 10:41:15 | 000,001,912 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2015/05/12 07:53:28 | 000,026,352 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2015/05/12 07:53:28 | 000,026,352 | -H-- | M] ()
GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2015/05/12 07:49:08 | 000,001,066 | ---- | M] ()
GoogleUpdateTaskUserS-1-5-21-4145504383-1758021648-1909431757-1000Core.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4145504383-1758021648-1909431757-1000Core.job -> [2015/05/12 07:45:07 | 000,001,026 | ---- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2015/05/12 07:36:08 | 000,067,584 | --S- | M] ()
MBAMSwissArmy.sys -> C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -> [2015/05/08 16:05:53 | 000,129,752 | ---- | M] (Malwarebytes Corporation)
hiberfil.sys -> C:\hiberfil.sys -> [2015/05/08 11:50:15 | 463,871,999 | -HS- | M] ()
Adobe PNG Format CS5 Prefs -> C:\Users\Allan\AppData\Roaming\Adobe PNG Format CS5 Prefs -> [2015/05/07 08:17:31 | 000,000,132 | ---- | M] ()
PhysicalDisk0_MBR.bin -> C:\PhysicalDisk0_MBR.bin -> [2015/05/04 07:59:49 | 000,000,512 | ---- | M] ()
Adobe GIF Format CS5 Prefs -> C:\Users\Allan\AppData\Roaming\Adobe GIF Format CS5 Prefs -> [2015/04/30 08:42:30 | 000,000,132 | ---- | M] ()
hosts -> C:\Windows\SysNative\drivers\etc\hosts -> [2015/04/30 07:52:15 | 000,000,841 | ---- | M] ()
ZHPCleaner.exe -> C:\Users\Allan\ZHPCleaner.exe -> [2015/04/30 07:38:34 | 001,815,552 | ---- | M] ()
zoek-delete.exe -> C:\Windows\zoek-delete.exe -> [2015/04/28 13:52:54 | 000,024,064 | ---- | M] ()
FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2015/04/24 07:59:02 | 005,661,328 | ---- | M] ()
WinDivert64.sys -> C:\Windows\SysNative\WinDivert64.sys -> [2015/04/23 17:00:05 | 000,038,104 | ---- | M] (Basil)
WinDivert.dll -> C:\Windows\SysNative\WinDivert.dll -> [2015/04/23 17:00:05 | 000,034,104 | ---- | M] (Basil)
unins000.dat -> C:\Users\Allan\AppData\Roaming\unins000.dat -> [2015/04/23 13:49:17 | 000,032,330 | ---- | M] ()
PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2015/04/15 18:14:59 | 001,806,590 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Allan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2015/04/13 15:33:06 | 000,010,752 | ---- | M] ()
1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp ->
1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp ->
1 C:\Windows\*.tmp files -> C:\Windows\*.tmp ->

[Files - No Company Name]
1431438101.bdinstall.bin -> C:\ProgramData\1431438101.bdinstall.bin -> [2015/05/12 10:46:37 | 000,205,769 | ---- | C] ()
Foxit Reader.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader.lnk -> [2015/05/04 15:12:03 | 000,001,375 | ---- | C] ()
PhysicalDisk0_MBR.bin -> C:\PhysicalDisk0_MBR.bin -> [2015/05/04 07:59:49 | 000,000,512 | ---- | C] ()
ZHPFix.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHPFix.lnk -> [2015/05/04 07:44:26 | 000,002,011 | ---- | C] ()
ZHPDiag.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHPDiag.lnk -> [2015/05/04 07:44:26 | 000,001,884 | ---- | C] ()
ZHPCleaner.exe -> C:\Users\Allan\ZHPCleaner.exe -> [2015/04/30 07:38:34 | 001,815,552 | ---- | C] ()
zoek-delete.exe -> C:\Windows\zoek-delete.exe -> [2015/04/28 14:21:37 | 000,024,064 | ---- | C] ()
VLC media player.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC media player.lnk -> [2015/04/23 10:24:40 | 000,001,090 | ---- | C] ()
ieuinit.inf -> C:\Windows\SysWow64\ieuinit.inf -> [2015/04/15 09:39:24 | 000,016,303 | ---- | C] ()
ieuinit.inf -> C:\Windows\SysNative\ieuinit.inf -> [2015/04/15 09:39:22 | 000,016,303 | ---- | C] ()
WinUpdateCfg.exe -> C:\Windows\SysWow64\WinUpdateCfg.exe -> [2015/01/16 10:43:22 | 000,041,472 | ---- | C] ()
unins000.dat -> C:\Users\Allan\AppData\Roaming\unins000.dat -> [2014/07/14 15:34:31 | 000,032,330 | ---- | C] ()
igvpkrng600.bin -> C:\Windows\SysWow64\igvpkrng600.bin -> [2014/02/12 07:58:27 | 000,272,928 | ---- | C] ()
igdde32.dll -> C:\Windows\SysWow64\igdde32.dll -> [2014/02/12 07:58:21 | 000,064,512 | ---- | C] ()
igcodeckrng600.bin -> C:\Windows\SysWow64\igcodeckrng600.bin -> [2014/02/12 07:58:20 | 000,963,388 | ---- | C] ()
Adobe BMP Format CS5 Prefs -> C:\Users\Allan\AppData\Roaming\Adobe BMP Format CS5 Prefs -> [2014/02/06 09:48:33 | 000,000,132 | ---- | C] ()
Adobe Save for Web 12.0 Prefs -> C:\Users\Allan\AppData\Local\Adobe Save for Web 12.0 Prefs -> [2013/10/08 14:28:09 | 000,001,456 | ---- | C] ()
lagarith.dll -> C:\Windows\SysWow64\lagarith.dll -> [2013/06/27 08:11:28 | 000,216,064 | ---- | C] ( )
unrar.dll -> C:\Windows\SysWow64\unrar.dll -> [2013/06/27 08:11:24 | 000,178,688 | ---- | C] ()

[File - Lop Check]
7 Sticky Notes -> C:\Users\Allan\AppData\Roaming\7 Sticky Notes -> [2014/08/07 09:02:34 | 000,000,000 | ---D | M]
Aimersoft DVD Ripper -> C:\Users\Allan\AppData\Roaming\Aimersoft DVD Ripper -> [2014/06/17 13:17:14 | 000,000,000 | ---D | M]
BalsamiqMockupsForDesktop -> C:\Users\Allan\AppData\Roaming\BalsamiqMockupsForDesktop -> [2014/01/31 07:44:24 | 000,000,000 | ---D | M]
BalsamiqMockupsForDesktop.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1 -> C:\Users\Allan\AppData\Roaming\BalsamiqMockupsForDesktop.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1 -> [2014/01/31 07:44:24 | 000,000,000 | ---D | M]
BRySigner -> C:\Users\Allan\AppData\Roaming\BRySigner -> [2013/02/26 09:42:40 | 000,000,000 | ---D | M]
chc -> C:\Users\Allan\AppData\Roaming\chc -> [2013/11/27 07:27:04 | 000,000,000 | ---D | M]
chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> C:\Users\Allan\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> [2012/05/09 17:09:52 | 000,000,000 | ---D | M]
DAEMON Tools Lite -> C:\Users\Allan\AppData\Roaming\DAEMON Tools Lite -> [2014/11/27 09:52:12 | 000,000,000 | ---D | M]
Dev-Cpp -> C:\Users\Allan\AppData\Roaming\Dev-Cpp -> [2012/02/23 13:18:55 | 000,000,000 | ---D | M]
Digiarty -> C:\Users\Allan\AppData\Roaming\Digiarty -> [2014/06/17 13:24:23 | 000,000,000 | ---D | M]
DigitalPersona -> C:\Users\Allan\AppData\Roaming\DigitalPersona -> [2012/01/09 06:41:42 | 000,000,000 | ---D | M]
Dropbox -> C:\Users\Allan\AppData\Roaming\Dropbox -> [2015/05/12 10:53:05 | 000,000,000 | ---D | M]
FileZilla -> C:\Users\Allan\AppData\Roaming\FileZilla -> [2015/05/12 16:04:59 | 000,000,000 | ---D | M]
Foxit Software -> C:\Users\Allan\AppData\Roaming\Foxit Software -> [2015/05/04 15:12:20 | 000,000,000 | ---D | M]
GlobalSCAPE -> C:\Users\Allan\AppData\Roaming\GlobalSCAPE -> [2012/01/09 07:45:20 | 000,000,000 | ---D | M]
Imagenomic -> C:\Users\Allan\AppData\Roaming\Imagenomic -> [2014/03/19 10:56:02 | 000,000,000 | ---D | M]
JetBrains -> C:\Users\Allan\AppData\Roaming\JetBrains -> [2015/01/13 07:48:30 | 000,000,000 | ---D | M]
JWrapper-RecordableActivator -> C:\Users\Allan\AppData\Roaming\JWrapper-RecordableActivator -> [2015/02/13 07:21:42 | 000,000,000 | ---D | M]
Mc & RENOX -> C:\Users\Allan\AppData\Roaming\Mc & RENOX -> [2013/10/28 06:56:20 | 000,000,000 | ---D | M]
Mp3tag -> C:\Users\Allan\AppData\Roaming\Mp3tag -> [2015/04/27 15:26:37 | 000,000,000 | ---D | M]
MySQL -> C:\Users\Allan\AppData\Roaming\MySQL -> [2012/06/28 09:35:54 | 000,000,000 | ---D | M]
NetBeans -> C:\Users\Allan\AppData\Roaming\NetBeans -> [2013/08/06 08:19:16 | 000,000,000 | ---D | M]
Notepad++ -> C:\Users\Allan\AppData\Roaming\Notepad++ -> [2012/01/09 13:54:58 | 000,000,000 | ---D | M]
NuGet -> C:\Users\Allan\AppData\Roaming\NuGet -> [2014/04/23 08:36:56 | 000,000,000 | ---D | M]
Octoshape -> C:\Users\Allan\AppData\Roaming\Octoshape -> [2012/07/30 13:43:15 | 000,000,000 | ---D | M]
Opera -> C:\Users\Allan\AppData\Roaming\Opera -> [2012/01/26 10:41:13 | 000,000,000 | ---D | M]
Oracle -> C:\Users\Allan\AppData\Roaming\Oracle -> [2015/04/27 08:31:35 | 000,000,000 | ---D | M]
PCDr -> C:\Users\Allan\AppData\Roaming\PCDr -> [2014/07/15 15:02:41 | 000,000,000 | ---D | M]
PDAppFlex -> C:\Users\Allan\AppData\Roaming\PDAppFlex -> [2014/06/13 11:11:55 | 000,000,000 | ---D | M]
PDF Architect -> C:\Users\Allan\AppData\Roaming\PDF Architect -> [2013/10/01 15:16:17 | 000,000,000 | ---D | M]
postgresql -> C:\Users\Allan\AppData\Roaming\postgresql -> [2013/09/24 08:57:59 | 000,000,000 | ---D | M]
Publish Providers -> C:\Users\Allan\AppData\Roaming\Publish Providers -> [2015/04/28 15:13:52 | 000,000,000 | ---D | M]
QuickScan -> C:\Users\Allan\AppData\Roaming\QuickScan -> [2015/05/12 10:42:24 | 000,000,000 | ---D | M]
Samsung -> C:\Users\Allan\AppData\Roaming\Samsung -> [2015/02/11 15:46:07 | 000,000,000 | ---D | M]
ScanToPDF_4 -> C:\Users\Allan\AppData\Roaming\ScanToPDF_4 -> [2013/02/20 09:00:49 | 000,000,000 | ---D | M]
Sony -> C:\Users\Allan\AppData\Roaming\Sony -> [2014/01/29 13:53:47 | 000,000,000 | ---D | M]
Sony Creative Software Inc -> C:\Users\Allan\AppData\Roaming\Sony Creative Software Inc -> [2014/01/16 15:16:00 | 000,000,000 | ---D | M]
StageManager.BD092818F67280F4B42B04877600987F0111B594.1 -> C:\Users\Allan\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 -> [2014/11/19 10:24:52 | 000,000,000 | ---D | M]
Subversion -> C:\Users\Allan\AppData\Roaming\Subversion -> [2012/12/18 14:49:01 | 000,000,000 | ---D | M]
TeamViewer -> C:\Users\Allan\AppData\Roaming\TeamViewer -> [2015/03/16 11:49:05 | 000,000,000 | ---D | M]
TechSmith -> C:\Users\Allan\AppData\Roaming\TechSmith -> [2015/01/28 07:14:25 | 000,000,000 | ---D | M]
Thunderbird -> C:\Users\Allan\AppData\Roaming\Thunderbird -> [2013/02/22 09:26:44 | 000,000,000 | ---D | M]
uTorrent -> C:\Users\Allan\AppData\Roaming\uTorrent -> [2015/05/11 16:25:00 | 000,000,000 | ---D | M]
ZHP -> C:\Users\Allan\AppData\Roaming\ZHP -> [2015/05/04 10:59:20 | 000,000,000 | ---D | M]
SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2014/08/29 19:00:33 | 000,032,608 | ---- | M] ()
[Custom Scans]
< %systemdrive%\*.* >
.rnd -> C:\.rnd -> [2014/09/25 16:18:56 | 000,001,024 | ---- | M] ()
bar.emf -> C:\bar.emf -> [2012/11/08 09:12:22 | 000,000,768 | ---- | M] ()
dell.sdr -> C:\dell.sdr -> [2012/01/05 00:40:59 | 000,026,059 | RH-- | M] ()
eula.1028.txt -> C:\eula.1028.txt -> [2007/11/07 07:00:40 | 000,017,734 | ---- | M] ()
eula.1031.txt -> C:\eula.1031.txt -> [2007/11/07 07:00:40 | 000,017,734 | ---- | M] ()
eula.1033.txt -> C:\eula.1033.txt -> [2007/11/07 07:00:40 | 000,010,134 | ---- | M] ()
eula.1036.txt -> C:\eula.1036.txt -> [2007/11/07 07:00:40 | 000,017,734 | ---- | M] ()
eula.1040.txt -> C:\eula.1040.txt -> [2007/11/07 07:00:40 | 000,017,734 | ---- | M] ()
eula.1041.txt -> C:\eula.1041.txt -> [2007/11/07 07:00:40 | 000,000,118 | ---- | M] ()
eula.1042.txt -> C:\eula.1042.txt -> [2007/11/07 07:00:40 | 000,017,734 | ---- | M] ()
eula.2052.txt -> C:\eula.2052.txt -> [2007/11/07 07:00:40 | 000,017,734 | ---- | M] ()
eula.3082.txt -> C:\eula.3082.txt -> [2007/11/07 07:00:40 | 000,017,734 | ---- | M] ()
freefallprotection.log -> C:\freefallprotection.log -> [2012/08/06 07:29:48 | 000,000,703 | ---- | M] ()
globdata.ini -> C:\globdata.ini -> [2007/11/07 07:00:40 | 000,001,110 | ---- | M] ()
HaxLogs.txt -> C:\HaxLogs.txt -> [2015/05/08 11:51:18 | 000,000,091 | ---- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2015/05/08 11:50:15 | 463,871,999 | -HS- | M] ()
install.ini -> C:\install.ini -> [2007/11/07 07:00:40 | 000,000,843 | ---- | M] ()
install.res.1028.dll -> C:\install.res.1028.dll -> [2007/11/07 07:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation)
install.res.1031.dll -> C:\install.res.1031.dll -> [2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation)
install.res.1033.dll -> C:\install.res.1033.dll -> [2007/11/07 07:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation)
install.res.1036.dll -> C:\install.res.1036.dll -> [2007/11/07 07:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation)
install.res.1040.dll -> C:\install.res.1040.dll -> [2007/11/07 07:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation)
install.res.1041.dll -> C:\install.res.1041.dll -> [2007/11/07 07:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation)
install.res.1042.dll -> C:\install.res.1042.dll -> [2007/11/07 07:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation)
install.res.2052.dll -> C:\install.res.2052.dll -> [2007/11/07 07:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation)
install.res.3082.dll -> C:\install.res.3082.dll -> [2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation)
log.txt -> C:\log.txt -> [2015/01/16 10:43:46 | 000,000,046 | ---- | M] ()
out.txt -> C:\out.txt -> [2012/10/01 14:36:51 | 000,000,541 | ---- | M] ()
pagefile.sys -> C:\pagefile.sys -> [2015/05/08 11:50:23 | 2050,154,495 | -HS- | M] ()
PhysicalDisk0_MBR.bin -> C:\PhysicalDisk0_MBR.bin -> [2015/05/04 07:59:49 | 000,000,512 | ---- | M] ()
tesseract.log -> C:\tesseract.log -> [2012/02/23 14:23:15 | 000,000,133 | ---- | M] ()
vcredist.bmp -> C:\vcredist.bmp -> [2007/11/07 07:00:40 | 000,005,686 | ---- | M] ()
VC_RED.cab -> C:\VC_RED.cab -> [2007/11/07 07:09:22 | 001,442,522 | ---- | M] ()
VC_RED.MSI -> C:\VC_RED.MSI -> [2007/11/07 07:12:28 | 000,232,960 | ---- | M] ()
zoek-results.log -> C:\zoek-results.log -> [2015/04/28 14:25:40 | 000,023,176 | ---- | M] ()
< %systemdrive%\drivers\*.exe >
< %systemroot%\system32\drivers\*.* /90 >
< %programfiles%\*.* >
desktop.ini -> C:\Program Files (x86)\desktop.ini -> [2009/07/14 01:54:24 | 000,000,174 | -HS- | M] ()
< %localappdata%\*.exe >
< %localappdata%\*.txt >
< %localappdata%\*.ini >
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Allan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2015/04/13 15:33:06 | 000,010,752 | ---- | M] ()
< %localappdata%\*.dll >
< %localappdata%\*.dat >
GDIPFONTCACHEV1.DAT -> C:\Users\Allan\AppData\Local\GDIPFONTCACHEV1.DAT -> [2015/04/23 15:22:16 | 000,189,992 | ---- | M] ()
< %userprofile%\*.exe >
ZHPCleaner.exe -> C:\Users\Allan\ZHPCleaner.exe -> [2015/04/30 07:38:34 | 001,815,552 | ---- | M] ()
< %userprofile%\*.txt >
< %userprofile%\*.ini >
ntuser.ini -> C:\Users\Allan\ntuser.ini -> [2012/01/09 06:41:26 | 000,000,020 | -HS- | M] ()
< %userprofile%\*.dll >
< %userprofile%\*.dat /30 >
NTUSER.DAT -> C:\Users\Allan\NTUSER.DAT -> [2015/05/12 16:50:10 | 011,796,480 | -HS- | M] ()
< %appdata%\*.* >
Adobe BMP Format CS5 Prefs -> C:\Users\Allan\AppData\Roaming\Adobe BMP Format CS5 Prefs -> [2014/09/29 11:03:22 | 000,000,132 | ---- | M] ()
Adobe GIF Format CS5 Prefs -> C:\Users\Allan\AppData\Roaming\Adobe GIF Format CS5 Prefs -> [2015/04/30 08:42:30 | 000,000,132 | ---- | M] ()
Adobe PNG Format CS5 Prefs -> C:\Users\Allan\AppData\Roaming\Adobe PNG Format CS5 Prefs -> [2015/05/07 08:17:31 | 000,000,132 | ---- | M] ()
unins000.dat -> C:\Users\Allan\AppData\Roaming\unins000.dat -> [2015/04/23 13:49:17 | 000,032,330 | ---- | M] ()
< %systemroot%\system32\tasks\*.* >
< %windir%\tasks\*.* >
Adobe Flash Player Updater.job -> C:\Windows\tasks\Adobe Flash Player Updater.job -> [2015/05/12 16:41:00 | 000,000,902 | ---- | M] ()
GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2015/05/12 07:49:08 | 000,001,066 | ---- | M] ()
GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2015/05/12 16:49:14 | 000,001,070 | ---- | M] ()
GoogleUpdateTaskUserS-1-5-21-4145504383-1758021648-1909431757-1000Core.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4145504383-1758021648-1909431757-1000Core.job -> [2015/05/12 07:45:07 | 000,001,026 | ---- | M] ()
GoogleUpdateTaskUserS-1-5-21-4145504383-1758021648-1909431757-1000UA.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4145504383-1758021648-1909431757-1000UA.job -> [2015/05/12 16:50:01 | 000,001,078 | ---- | M] ()
SA.DAT -> C:\Windows\tasks\SA.DAT -> [2015/05/08 11:50:58 | 000,000,006 | -H-- | M] ()
SCHEDLGU.TXT -> C:\Windows\tasks\SCHEDLGU.TXT -> [2014/08/29 19:00:33 | 000,032,608 | ---- | M] ()
< HKLM\System\CCS\Services\Tcpip\Parameters >
Reg Error: Key HKEY_LOCAL_MACHINE\System\CCS\Services\Tcpip\Parameters\ not found. -> ->
< HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings\Connections >
Reg Error: Key HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings\Connections\ not found. -> ->
< HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\Associations >
Reg Error: Key HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\Associations\ not found. -> ->
< HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\Attachments >
Reg Error: Key HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\Attachments\ not found. -> ->
< HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT _PASTE_URLACTION_IF_PROMPT >
Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT _PASTE_URLACTION_IF_PROMPT\ not found. -> ->

[Alternate Data Streams]
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:C8B8CEBD
< End of report >
[/code]

Publicité


Signaler le contenu de ce document

Publicité