cjoint

Document format: text/plain

Preview

[code]
OTS logfile created on: 15/09/2015 12:43:28 - Run 1
OTS by OldTimer - Version 3.1.47.2 Folder = C:\Users\Usuario\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,69 Gb Total Space | 84,04 Gb Free Space | 75,24% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 465,76 Gb Total Space | 398,64 Gb Free Space | 85,59% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USUARIO-PC
Current User Name: Usuario
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: On
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Users\Usuario\Desktop\OTS.exe -> [2015/09/15 12:40:31 | 000,646,656 | ---- | M] (OldTimer Tools)
opera_crashreporter.exe -> C:\Arquivos de Programas\Opera\31.0.1889.174\opera_crashreporter.exe -> [2015/08/17 12:01:05 | 000,511,608 | ---- | M] (Opera Software)
opera.exe -> C:\Arquivos de Programas\Opera\31.0.1889.174\opera.exe -> [2015/08/17 12:01:03 | 000,899,704 | ---- | M] (Opera Software)
taskhost.exe -> C:\Windows\System32\taskhost.exe -> [2015/06/10 13:03:59 | 000,049,152 | ---- | M] (Microsoft Corporation)
conhost.exe -> C:\Windows\System32\conhost.exe -> [2015/05/09 00:12:59 | 000,271,360 | ---- | M] (Microsoft Corporation)
gwx.exe -> C:\Windows\System32\GWX\GWX.exe -> [2015/05/07 18:21:06 | 000,406,528 | ---- | M] (Microsoft Corporation)
coreldrw.exe -> C:\Arquivos de Programas\Corel\CorelDRAW Graphics Suite X7\Programs\CorelDRW.exe -> [2014/03/15 00:25:38 | 000,318,784 | ---- | M] (Corel Corporation)
psiservice_2.exe -> c:\Arquivos de Programas\Common Files\Protexis\License Service\PsiService_2.exe -> [2013/09/13 12:24:54 | 000,277,360 | ---- | M] (arvato digital services llc)
explorer.exe -> C:\Windows\explorer.exe -> [2011/02/25 02:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
sistray.exe -> C:\Arquivos de Programas\SiS VGA Utilities\SiSTray.exe -> [2010/12/15 14:22:16 | 000,557,056 | ---- | M] (Silicon Integrated Systems Corporation)
wmpnetwk.exe -> C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe -> [2010/11/20 18:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation)
sm56hlpr.exe -> C:\Arquivos de Programas\Motorola\SMSERIAL\sm56hlpr.exe -> [2009/10/26 14:46:54 | 001,458,176 | ---- | M] (Motorola Inc.)
btmeter.exe -> C:\Arquivos de Programas\Battery Meter\BTMeter.exe -> [2008/07/11 11:15:46 | 000,537,896 | ---- | M] (Dell)

[Modules - No Company Name]
opera.dll -> C:\Arquivos de Programas\Opera\31.0.1889.174\opera.dll -> [2015/08/17 12:01:14 | 058,600,568 | ---- | M] ()
system.windows.forms.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6949c4470a81970ec3de0a575d93babc\System.Windows.Forms.ni.dll -> [2015/06/10 21:47:21 | 012,438,016 | ---- | M] ()
system.drawing.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5a401fd2a7689ff13fb54182953f9c40\System.Drawing.ni.dll -> [2015/06/10 21:46:29 | 001,593,344 | ---- | M] ()
system.xml.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll -> [2015/06/10 21:46:23 | 005,467,648 | ---- | M] ()
system.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll -> [2015/06/10 21:46:09 | 007,991,808 | ---- | M] ()
mscorlib.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll -> [2015/06/10 21:45:47 | 011,497,984 | ---- | M] ()
system.xml.linq.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4eb8f38cdb61509124417e4f5ae99201\System.Xml.Linq.ni.dll -> [2015/06/10 20:34:19 | 000,392,704 | ---- | M] ()
presentationframework.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\dba6e73775e7b823a02925f063bd2983\PresentationFramework.ni.dll -> [2015/06/10 20:27:57 | 018,753,024 | ---- | M] ()
presentationcore.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\f6fee9c78602505e874ec0807e3b1a51\PresentationCore.ni.dll -> [2015/06/10 20:27:40 | 011,014,144 | ---- | M] ()
system.xaml.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b743aed31731aa473e125bb63f43b3f4\System.Xaml.ni.dll -> [2015/06/10 20:27:32 | 001,873,408 | ---- | M] ()
windowsbase.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\efd34838fa44da246b78328f4432eac7\WindowsBase.ni.dll -> [2015/06/10 20:27:29 | 003,904,000 | ---- | M] ()
presentationframework.aero.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\5e3e26e6c81809aab854ea76a884fde2\PresentationFramework.Aero.ni.dll -> [2015/06/10 20:27:26 | 000,458,240 | ---- | M] ()
system.xml.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a4066040e82329538bec1a194a222d93\System.Xml.ni.dll -> [2015/06/10 20:27:25 | 007,787,008 | ---- | M] ()
system.core.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\c61bafa9d029e3f2bf83bd5af3f1f5ac\System.Core.ni.dll -> [2015/06/10 20:27:12 | 006,982,656 | ---- | M] ()
system.configuration.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\908075c4922acdf834c67ac802814c9d\System.Configuration.ni.dll -> [2015/06/10 20:27:04 | 000,967,680 | ---- | M] ()
system.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\System\d18e2115a3270f89663fce831547f534\System.ni.dll -> [2015/06/10 20:27:03 | 010,069,504 | ---- | M] ()
mscorlib.ni.dll -> C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll -> [2015/06/10 13:30:41 | 017,207,296 | ---- | M] ()
psiclient.dll -> c:\Arquivos de Programas\Corel\CorelDRAW Graphics Suite X7\Draw\PsiClient.dll -> [2014/03/14 23:02:24 | 000,555,888 | ---- | M] ()
mscorlib.resources.dll -> C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll -> [2013/07/08 09:41:17 | 000,303,104 | ---- | M] ()
rarext.dll -> C:\Arquivos de Programas\WinRAR\RarExt.dll -> [2009/08/16 17:06:04 | 000,141,312 | ---- | M] ()
emsc.dll -> C:\Windows\System32\EMSC.DLL -> [2007/04/19 15:21:14 | 000,266,240 | ---- | M] ()

[Win32 Services - Safe List]
(MBAMService) MBAMService [Auto | Stopped] -> -> File not found
(IEEtwCollectorService) Internet Explorer ETW Collector Service [On_Demand | Stopped] -> C:\Windows\System32\IEEtwCollector.exe -> [2015/07/18 10:15:40 | 000,102,912 | ---- | M] (Microsoft Corporation)
(DiagTrack) Diagnostics Tracking Service [Auto | Running] -> C:\Windows\System32\diagtrack.dll -> [2015/05/25 15:01:45 | 000,853,504 | ---- | M] (Microsoft Corporation)
(PDF Architect 3) PDF Architect 3 [On_Demand | Stopped] -> C:\Program Files\PDF Architect 3\ws.exe -> [2015/04/24 12:21:22 | 002,244,312 | ---- | M] (pdfforge GmbH)
(PDF Architect 3 CrashHandler) PDF Architect 3 CrashHandler [On_Demand | Stopped] -> C:\Program Files\PDF Architect 3\crash-handler-ws.exe -> [2015/04/24 12:21:06 | 000,901,336 | ---- | M] (pdfforge GmbH)
(PSI_SVC_2) Corel License Validation Service V2, Powered by arvato [Auto | Running] -> c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -> [2013/09/13 12:24:54 | 000,277,360 | ---- | M] (arvato digital services llc)
(WinDefend) Windows Defender [Auto | Running] -> C:\Arquivos de Programas\Windows Defender\MpSvc.dll -> [2013/05/27 01:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation)
(SensrSvc) Brilho Adaptável [On_Demand | Stopped] -> C:\Windows\System32\sensrsvc.dll -> [2009/07/13 22:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation)
(PeerDistSvc) BranchCache [Disabled | Stopped] -> C:\Windows\System32\PeerDistSvc.dll -> [2009/07/13 22:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
(ndisrd) GAS Tecnologia Filter Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\gbpndisrdn.sys -> [2015/06/20 18:35:14 | 000,029,400 | ---- | M] (GAS Tecnologia)
(rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rimmptsk.sys -> [2015/06/15 21:47:06 | 000,048,128 | ---- | M] (REDC)
(rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rimsptsk.sys -> [2015/06/15 21:47:06 | 000,044,544 | ---- | M] (REDC)
(HWiNFO32) HWiNFO32/64 Kernel Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\HWiNFO32.SYS -> [2015/06/15 21:02:45 | 000,023,840 | ---- | M] (REALiX(tm))
(WDC_SAM) WD SCSI Pass Thru driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\wdcsam.sys -> [2015/04/30 00:01:06 | 000,020,256 | ---- | M] (Western Digital Technologies)
(TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\TsUsbFlt.sys -> [2013/10/01 21:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation)
(terminpt) Microsoft Remote Desktop Input Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\terminpt.sys -> [2012/08/23 11:46:55 | 000,024,064 | ---- | M] (Microsoft Corporation)
(RdpVideoMiniport) Remote Desktop Video Miniport Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\rdpvideominiport.sys -> [2012/08/23 11:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation)
(SiS6350) SiS6350 [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SISGRKMD.sys -> [2010/12/15 14:09:44 | 000,466,432 | ---- | M] (Silicon Integrated Systems Corporation)
(vmbus) vmbus [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\vmbus.sys -> [2010/11/20 18:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation)
(tsusbhub) tsusbhub [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\tsusbhub.sys -> [2010/11/20 18:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation)
(Synth3dVsc) Synth3dVsc [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\Synth3dVsc.sys -> [2010/11/20 18:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation)
(dmvsc) dmvsc [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\dmvsc.sys -> [2010/11/20 18:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation)
(storflt) Driver de Filtro de Aceleração do Barramento da Máquina Virtual do Disco [Kernel | Boot | Running] -> C:\Windows\system32\drivers\vmstorfl.sys -> [2010/11/20 18:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation)
(WinUsb) WinUsb [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\winusb.sys -> [2010/11/20 18:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation)
(storvsc) storvsc [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\storvsc.sys -> [2010/11/20 18:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation)
(TsUsbGD) Remote Desktop Generic USB Device [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\TsUsbGD.sys -> [2010/11/20 18:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation)
(VMBusHID) VMBusHID [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\VMBusHID.sys -> [2010/11/20 18:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation)
(s3cap) s3cap [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\vms3cap.sys -> [2010/11/20 18:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation)
(smserial) smserial [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\smserial.sys -> [2009/10/26 15:09:06 | 001,095,936 | ---- | M] (Motorola Inc.)
(uagp35) SiS AGPv3.5 Filter [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\sisagpx.sys -> [2009/08/01 16:10:10 | 000,058,400 | ---- | M] (Silicon Integrated Systems Corporation)
(Serial) Serial port driver [Kernel | System | Stopped] -> C:\Windows\System32\drivers\serial.sys -> [2009/07/13 20:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.)
(SiSGbeLH) SiS191/SiS190 Ethernet Device NDIS 6.0 Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SiSGB6.sys -> [2009/07/13 19:02:53 | 000,048,128 | ---- | M] (Silicon Integrated Systems Corp.)
(NVENETFD) Driver do NVIDIA nForce Networking Controller [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\nvm62x32.sys -> [2009/07/13 19:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation)
(nvlddmkm) nvlddmkm [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\nvlddmkm.sys -> [2009/06/10 18:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation)
(EMSC) COMPAL Embedded System Control [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\EMSC.SYS -> [2007/04/19 15:21:14 | 000,009,856 | ---- | M] ()

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\] > -> ->
HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\: Main\\"Start Page" -> https://www.google.com.br/ ->
HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\: Main\\"Start Page Redirect Cache AcceptLangs" -> pt-br ->
HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> E4 DD 78 E5 F6 A2 D0 01 [binary data] ->
HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\: "ProxyEnable" -> 0 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
< FireFox Extensions [User Folders] > ->
< HOSTS File > ([2015/08/29 20:29:40 | 000,000,840 | ---- | M] - 21 lines) -> C:\Windows\System32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
::1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{B4F3A835-0E21-4959-BA22-42B3008E02FF} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office14\URLREDIR.DLL [Office Document Cache Handler] -> [2013/03/06 07:37:48 | 000,562,904 | ---- | M] (Microsoft Corporation)
{C41A1C0E-EA6C-11D4-B1B8-444553540003} [HKLM] -> [GbIehObj Class] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"BTMeter" -> C:\Arquivos de Programas\Battery Meter\BTMeter.exe [C:\Program Files\Battery Meter\BTMeter.exe] -> [2008/07/11 11:15:46 | 000,537,896 | ---- | M] (Dell)
"SiSTray" -> C:\Arquivos de Programas\SiS VGA Utilities\SiSTray.exe [%ProgramFiles%\SiS VGA Utilities\SiSTray.exe] -> [2010/12/15 14:22:16 | 000,557,056 | ---- | M] (Silicon Integrated Systems Corporation)
"SMSERIAL" -> C:\Arquivos de Programas\Motorola\SMSERIAL\sm56hlpr.exe [C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe] -> [2009/10/26 14:46:54 | 001,458,176 | ---- | M] (Motorola Inc.)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [5] -> File not found
\\"ConsentPromptBehaviorUser" -> [3] -> File not found
\\"EnableLUA" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000] > -> HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [181] -> File not found
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000] > -> HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\] > -> HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Enviar para o OneNote -> C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll [res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105] -> [2013/08/12 19:47:30 | 000,645,336 | ---- | M] (Microsoft Corporation)
E&xportar para o Microsoft Excel -> C:\Arquivos de Programas\Microsoft Office\Office14\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000] -> [2014/08/14 11:31:42 | 020,394,648 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll [Button: Enviar para o OneNote] -> [2013/08/12 19:47:30 | 000,645,336 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll [Menu: &Enviar para o OneNote] -> [2013/08/12 19:47:30 | 000,645,336 | ---- | M] (Microsoft Corporation)
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}:{FFFDC614-B694-4AE6-AB38-5D6374584B52} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll [Button: &Anotações Vinculadas do OneNote] -> [2013/03/09 00:04:08 | 000,498,376 | ---- | M] (Microsoft Corporation)
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}:{FFFDC614-B694-4AE6-AB38-5D6374584B52} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll [Menu: &Anotações Vinculadas do OneNote] -> [2013/03/09 00:04:08 | 000,498,376 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\] > -> HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4808 domain(s) found. ->
imagem_caixa.gov.br [*] -> Trusted sites ->
imagem_caixa.gov.br [https] -> Trusted sites ->
imagem2_caixa.gov.br [https] -> Trusted sites ->
internetbanking_caixa.gov.br [*] -> Trusted sites ->
internetbanking_caixa.gov.br [https] -> Trusted sites ->
internetbankingpf_caixa.gov.br [*] -> Trusted sites ->
internetbankingpf_caixa.gov.br [https] -> Trusted sites ->
www_caixa.gov.br [*] -> Trusted sites ->
www_caixa.gov.br [http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\] > -> HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.1.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{AD08596B-109F-492C-8729-24AA1C79DB28}\\DhcpNameServer -> 192.168.1.1 (Adaptador de rede Broadcom 802.11g) ->
{AD08596B-109F-492C-8729-24AA1C79DB28}\\NameServer -> 189.38.95.95,189.38.95.96 (Adaptador de rede Broadcom 802.11g) ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\Windows\explorer.exe -> [2011/02/25 02:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
C:\Windows\system32\userinit.exe -> C:\Windows\System32\userinit.exe -> [2010/11/20 18:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\System32\SystemPropertiesPerformance.exe -> [2009/07/13 22:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation)
/pagefile -> -> File not found
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
GbPluginCef -> -> File not found
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{E37CB5F0-51F5-4395-A808-5FA49E399003}" [HKLM] -> [GbPlugin ShlObj] -> File not found
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> Driver de CD-ROM ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2009/06/10 18:42:20 | 000,000,024 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = ComFile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->

[Registry - Additional Scans - Safe List]
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
FastUserSwitchingCompatibility -> -> File not found
Ias -> C:\Windows\System32\ias.dll -> [2009/07/13 22:15:26 | 000,019,456 | ---- | M] (Microsoft Corporation)
Nla -> -> File not found
Ntmssvc -> -> File not found
NWCWorkstation -> -> File not found
Nwsapagent -> -> File not found
SRService -> -> File not found
WmdmPmSp -> -> File not found
LogonHours -> -> File not found
PCAudit -> -> File not found
helpsvc -> -> File not found
uploadmgr -> -> File not found
*MultiFile Done* -> ->
< Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
text/xml:{807573E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\Arquivos de Programas\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2012/10/31 12:21:48 | 000,049,776 | ---- | M] (Microsoft Corporation)
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> C:\Arquivos de Programas\Common Files\microsoft shared\Help\hxds.dll[HxProtocol Class] -> [2012/11/10 18:20:34 | 000,957,048 | ---- | M] (Microsoft Corporation)
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"cval" -> [1] -> File not found
\\"FirewallDisableNotify" -> [0] -> File not found
\\"AntiVirusDisableNotify" -> [0] -> File not found
\\"UpdatesDisableNotify" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc
\Svc\\"VistaSp1" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found
\Svc\\"AntiVirusOverride" -> [0] -> File not found
\Svc\\"AntiSpywareOverride" -> [0] -> File not found
\Svc\\"FirewallOverride" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> ->
< System Restore User Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore ->
"DisableSR" -> 0 ->
< Windows Firewall Group Policy Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall ->
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\ -> ->
< Windows DomainProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
\\"EnableFirewall" -> [1] -> File not found
\\"DisableNotifications" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging\ -> ->
< Windows StandardProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"EnableFirewall" -> [1] -> File not found
\\"DisableNotifications" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> ->
< Windows StandardProfile GloballyOpenPorts Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List ->
< Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
knownfolder -> 0 = Computer (Not a Default Protocol) ->
ldap -> 4 = Restricted sites (Not a Default Protocol) ->
news -> 4 = Restricted sites (Not a Default Protocol) ->
nntp -> 4 = Restricted sites (Not a Default Protocol) ->
oecmd -> 4 = Restricted sites (Not a Default Protocol) ->
snews -> 4 = Restricted sites (Not a Default Protocol) ->
< Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
@ivt -> @ivt protocol not assigned ->
file -> file protocol not assigned ->
ftp -> ftp protocol not assigned ->
http -> http protocol not assigned ->
https -> https protocol not assigned ->
shell -> shell protocol not assigned ->
< Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
@ivt -> @ivt protocol not assigned ->
file -> file protocol not assigned ->
ftp -> ftp protocol not assigned ->
http -> http protocol not assigned ->
https -> https protocol not assigned ->
shell -> shell protocol not assigned ->
< Default Protocols [HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\] - Select to Repair > -> HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
knownfolder -> 0 = Computer (Not a Default Protocol) ->
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2} -> Ghostscript GPL 8.64 (Msi Setup)
_{B865FDD4-E96E-4166-BB69-6E8C207E3E29} -> Corel Graphics - Windows Shell Extension
_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0} -> CorelDRAW Graphics Suite X7
{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} -> PDFCreator
{03077B58-6ACF-32CA-B42A-EAA458C295A1} -> Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB
{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2} -> Ghostscript GPL 8.64 (Msi Setup)
{08A60D9D-C206-46BF-9602-1F2616878CF7} -> CorelDRAW Graphics Suite X7
{0A0143FF-ECB5-4960-A2E0-DC3150ABBBE0} -> CorelDRAW Graphics Suite X7 - PHOTO-PAINT
{0FE6DE07-8CBA-3F73-86B4-51B91E506D24} -> Microsoft Visual Studio Tools for Applications 2012 x86 主控支援 - 繁體中文語言套件
{246FE426-2661-4DD6-9603-DF2E6832387C} -> CorelDRAW Graphics Suite X7 - Writing Tools
{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1 -> MPC-HC 1.7.8
{30FAE453-9F77-4F70-928E-042BEF00D011} -> CorelDRAW Graphics Suite X7 - Draw
{3371699A-C1EF-3AC3-B094-D338191FA6E9} -> Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Module linguistique Français
{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} -> Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
{3494B3C2-861C-4DD8-9D05-8C48C01BDF3D} -> CorelDRAW Graphics Suite X7 - BR
{38C90705-DB35-3631-8F2A-C33ADB0456E8} -> Microsoft .NET Framework 4.5.2 (PTB)
{3911CF56-9EF2-39BA-846A-C27BD3CD0685} -> Microsoft .NET Framework 4.5.2
{4C614BD3-607E-4289-BB51-4D87EC7BBD62} -> CorelDRAW Graphics Suite X7 - VideoBrowser
{4DC59BF3-0D72-3CE8-BFEF-1E8FAF689EB0} -> Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
{543A4F31-9590-416A-A621-42CEB4C6A694} -> Battery Meter
{5950473A-825B-3019-AF86-55F2F9A95FCB} -> Microsoft Visual Studio Tools for Applications 2012 Finalizer
{59F6A514-9813-47A3-948C-8A155460CC2A} -> RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
{5D0275EA-F3CE-450A-A5A3-F852E30CA46F} -> CorelDRAW Graphics Suite X7 - Capture
{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} -> Google Update Helper
{657EAD32-8E7A-43C0-A794-3BB31B00DC34} -> CorelDRAW Graphics Suite X7 - IPM Content
{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57} -> Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS
{7259BDDA-D888-309D-ADE1-84AA0CB24FE9} -> Microsoft Visual Studio Tools for Applications 2012 x86 托管支持 - 简体中文语言包
{7F5DE3F2-5865-4D4A-89D1-AAEFE1F96E50} -> CorelDRAW Graphics Suite X7 - FontNav
{84749C5C-FA80-4779-BD96-544165A8CD31} -> CorelDRAW Graphics Suite X7 - Custom Data
{859C7535-6862-3867-B97E-816795E8AB65} -> Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 日本語 Language Pack
{877522BE-A318-4603-9B00-DF319C6FA2B1} -> CorelDRAW Graphics Suite X7 - VBA
{89ca2a32-2b52-4595-8dfd-6fe4757958d0} -> Microsoft Visual Studio Tools for Applications 2012
{8DADD35F-49CE-4D18-AE6D-135DD150E74F} -> CorelDRAW Graphics Suite X7 - Filters
{90120000-0070-0000-0000-4000000FF1CE} -> Microsoft Visual Basic for Applications 7.1 (x86)
{90140000-0015-0416-0000-0000000FF1CE} -> Microsoft Office Access MUI (Portuguese (Brazil)) 2010
{90140000-0016-0416-0000-0000000FF1CE} -> Microsoft Office Excel MUI (Portuguese (Brazil)) 2010
{90140000-0018-0416-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010
{90140000-0019-0416-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010
{90140000-001A-0416-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010
{90140000-001B-0416-0000-0000000FF1CE} -> Microsoft Office Word MUI (Portuguese (Brazil)) 2010
{90140000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2010
{90140000-001F-0416-0000-0000000FF1CE} -> Microsoft Office Proof (Portuguese (Brazil)) 2010
{90140000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2010
{90140000-002C-0416-0000-0000000FF1CE} -> Microsoft Office Proofing (Portuguese (Brazil)) 2010
{90140000-003D-0000-0000-0000000FF1CE} -> Microsoft Office Single Image 2010
{90140000-006E-0416-0000-0000000FF1CE} -> Microsoft Office Shared MUI (Portuguese (Brazil)) 2010
{90140000-00A1-0416-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010
{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033 -> Microsoft .NET Framework 4.5.2
{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046 -> Microsoft .NET Framework 4.5.2 (Português do Brasil)
{950055ED-DC61-4874-8EDB-E5CDE1D218CD} -> CorelDRAW Graphics Suite X7 - Photozoom Plugin
{955E1388-E1F1-320A-A018-24616ED60F95} -> Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 한국어 언어 팩
{994F3055-8433-46A7-8E1F-6CC7B68B01F0} -> CorelDRAW Graphics Suite X7 - Common
{A3EB1DE3-9D3F-34C2-BDE6-5A8A4B98CC37} -> Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Paquete de idioma ESN
{A74F33CB-8C7D-404F-93F5-A63317379BD2} -> Windows 7 Manager
{AD47115F-4E26-4344-941A-10635B6E65ED} -> Microsoft Visual Basic for Applications 7.1 (x86) Portuguese (Brazil)
{B175520C-86A2-35A7-8619-86DC379688B9} -> Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
{B24B3583-504B-337F-ABBF-0474388FA197} -> Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PTB
{B865FDD4-E96E-4166-BB69-6E8C207E3E29} -> Corel Graphics - Windows Shell Extension
{B8FD8F53-7E58-3DE5-A8FC-CB2B5CCF38CE} -> Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Language Pack ITA
{BAB89D31-4C55-472B-8909-6CBE2CC276B1} -> Microsoft Visual Basic for Applications 7.1 (x86) English
{BD95A8CD-1D9F-35AD-981A-3E7925026EBB} -> Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0} -> CorelDRAW Graphics Suite X7 - Setup Files
{CAAC553D-EE02-32D2-9F7E-FBC5C22E4C08} -> Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - DEU-Sprachpaket
{CF06B8C4-F6FC-3A4B-ADD0-04A1CAC3DD86} -> Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support
{D29A4F85-0FB7-4E54-B591-044652C4295F} -> CorelDRAW Graphics Suite X7 - IPM T
{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1 -> aTube Catcher versão 3.8
{EA901E9F-6204-4974-8530-CA87F24DA464} -> USB2.0 UVC WebCam
{EB24E9E7-4BC1-4FD7-BF86-BDE07A7A03D7} -> PDF Architect 3 View Module
{EFB8E269-0619-475B-8C5B-96F98551AA33} -> CorelDRAW Graphics Suite X7 - Connect
{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} -> Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver
{F3286FA3-DF68-4948-8D1D-ED3A539077B3} -> CorelDRAW Graphics Suite X7 - Redist
{FE041B02-234C-4AAA-9511-80DF6482A458} -> RICOH_Media_Driver_v2.14.18.01
{FEF06E73-A519-4510-8CF3-B66041B91D8A} -> EMSC
CCleaner -> CCleaner
Doro_is1 -> Doro 1.75
DVD Shrink_is1 -> DVD Shrink 3.2
Foxit Reader_is1 -> Foxit Reader
InstallShield_{543A4F31-9590-416A-A621-42CEB4C6A694} -> Battery Meter
Malwarebytes Anti-Malware_is1 -> Malwarebytes Anti-Malware versão 2.1.8.1057
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) -> Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PTB -> Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - Português (Brasil)
MV RegClean 5.9_is1 -> MV RegClean 5.9
Office14.SingleImage -> Microsoft Office Professional 2010
Opera 31.0.1889.174 -> Opera Stable 31.0.1889.174
PDF Architect 3 -> PDF Architect 3
PhotoScape -> PhotoScape
Recuva -> Recuva
Revo Uninstaller -> Revo Uninstaller 1.95
SiS VGA Utilities -> SiS VGA Utilities
SMSERIAL -> Motorola SM56 Speakerphone Modem
VLC media player -> VLC media player
WDIC -> Dic Michaelis - UOL
WinRAR archiver -> Arquivo do WinRAR
ZHPDiag_is1 -> ZHPDiag 2015
< Uninstall List [HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\] > -> HKEY_USERS\S-1-5-21-2741043627-4026230127-4029745268-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

[Files/Folders - Created Within 30 Days]
OTS.exe -> C:\Users\Usuario\Desktop\OTS.exe -> [2015/09/15 12:40:14 | 000,646,656 | ---- | C] (OldTimer Tools)
Auslogics -> C:\ProgramData\Auslogics -> [2015/09/10 10:23:04 | 000,000,000 | ---D | C]
Auslogics -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics -> [2015/09/10 10:21:55 | 000,000,000 | ---D | C]
Auslogics -> C:\Program Files\Auslogics -> [2015/09/10 10:21:50 | 000,000,000 | ---D | C]
Revo Uninstaller -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller -> [2015/09/10 10:15:17 | 000,000,000 | ---D | C]
VS Revo Group -> C:\Program Files\VS Revo Group -> [2015/09/10 10:15:16 | 000,000,000 | ---D | C]
Temp -> C:\Windows\Temp -> [2015/09/09 10:23:27 | 000,000,000 | ---D | C]
Temp -> C:\Users\Usuario\AppData\Local\Temp -> [2015/09/09 10:23:27 | 000,000,000 | ---D | C]
zoek_backup -> C:\zoek_backup -> [2015/09/03 09:24:53 | 000,000,000 | ---D | C]
Opera Software -> C:\Users\Usuario\AppData\Local\Opera Software -> [2015/09/02 11:16:02 | 000,000,000 | ---D | C]
Opera Software -> C:\Users\Usuario\AppData\Roaming\Opera Software -> [2015/09/02 11:16:01 | 000,000,000 | ---D | C]
Opera -> C:\Program Files\Opera -> [2015/09/02 11:13:03 | 000,000,000 | ---D | C]
K-Lite Codec Pack -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack -> [2015/09/02 10:10:17 | 000,000,000 | ---D | C]
FRST -> C:\FRST -> [2015/08/31 17:09:24 | 000,000,000 | ---D | C]
ProductData -> C:\Users\Usuario\AppData\Roaming\ProductData -> [2015/08/29 15:15:18 | 000,000,000 | ---D | C]
$RECYCLE.BIN -> C:\$RECYCLE.BIN -> [2015/08/28 09:26:54 | 000,000,000 | -HSD | C]
RltkAPO.dll -> C:\Windows\System32\RltkAPO.dll -> [2015/08/25 11:08:04 | 002,531,544 | ---- | C] (Realtek Semiconductor Corp.)
K-Lite Codec Pack -> C:\Program Files\K-Lite Codec Pack -> [2015/08/25 10:24:10 | 000,000,000 | ---D | C]

[Files/Folders - Modified Within 30 Days]
prfh0416.dat -> C:\Windows\System32\prfh0416.dat -> [2015/09/15 12:50:29 | 000,705,268 | ---- | M] ()
perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2015/09/15 12:50:29 | 000,653,724 | ---- | M] ()
prfc0416.dat -> C:\Windows\System32\prfc0416.dat -> [2015/09/15 12:50:29 | 000,147,108 | ---- | M] ()
perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2015/09/15 12:50:29 | 000,121,596 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2015/09/15 12:43:38 | 000,026,544 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2015/09/15 12:43:38 | 000,026,544 | -H-- | M] ()
OTS.exe -> C:\Users\Usuario\Desktop\OTS.exe -> [2015/09/15 12:40:31 | 000,646,656 | ---- | M] (OldTimer Tools)
bootstat.dat -> C:\Windows\bootstat.dat -> [2015/09/15 12:38:05 | 000,067,584 | --S- | M] ()
Opera.lnk -> C:\Users\Usuario\Desktop\Opera.lnk -> [2015/09/15 11:17:41 | 000,001,297 | ---- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2015/09/15 11:11:47 | 1407,062,016 | -HS- | M] ()
Revo Uninstaller.lnk -> C:\Users\Usuario\Desktop\Revo Uninstaller.lnk -> [2015/09/10 10:15:17 | 000,001,226 | ---- | M] ()
FontData.fdb -> C:\Windows\FontData.fdb -> [2015/09/06 16:41:02 | 000,061,361 | ---- | M] ()
favoritos_02_09_15.html -> C:\Users\Usuario\Documents\favoritos_02_09_15.html -> [2015/09/02 11:05:32 | 000,009,565 | ---- | M] ()
Resmon.ResmonCfg -> C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg -> [2015/08/31 18:24:59 | 000,007,605 | ---- | M] ()
hosts -> C:\Windows\System32\drivers\etc\hosts -> [2015/08/29 20:29:40 | 000,000,840 | ---- | M] ()

[Files - No Company Name]
Opera.lnk -> C:\Users\Usuario\Desktop\Opera.lnk -> [2015/09/15 11:17:41 | 000,001,297 | ---- | C] ()
Revo Uninstaller.lnk -> C:\Users\Usuario\Desktop\Revo Uninstaller.lnk -> [2015/09/10 10:15:17 | 000,001,226 | ---- | C] ()
favoritos_02_09_15.html -> C:\Users\Usuario\Documents\favoritos_02_09_15.html -> [2015/09/02 11:05:31 | 000,009,565 | ---- | C] ()
Resmon.ResmonCfg -> C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg -> [2015/08/31 18:24:59 | 000,007,605 | ---- | C] ()
DP45977C.lfl -> C:\ProgramData\DP45977C.lfl -> [2015/06/15 21:43:05 | 000,000,000 | -H-- | C] ()
WDIC.INI -> C:\Windows\WDIC.INI -> [2015/06/10 17:24:43 | 000,008,455 | ---- | C] ()

[File - Lop Check]
Foxit Software -> C:\Users\Usuario\AppData\Roaming\Foxit Software -> [2015/06/25 15:11:29 | 000,000,000 | ---D | M]
Opera Software -> C:\Users\Usuario\AppData\Roaming\Opera Software -> [2015/09/02 11:16:01 | 000,000,000 | ---D | M]
PDF Architect 3 -> C:\Users\Usuario\AppData\Roaming\PDF Architect 3 -> [2015/07/03 13:44:09 | 000,000,000 | ---D | M]
PhotoScape -> C:\Users\Usuario\AppData\Roaming\PhotoScape -> [2015/09/15 11:10:39 | 000,000,000 | ---D | M]
ProductData -> C:\Users\Usuario\AppData\Roaming\ProductData -> [2015/08/29 15:15:18 | 000,000,000 | ---D | M]
SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2015/08/25 11:36:46 | 000,032,588 | ---- | M] ()
[Custom Scans]
< %systemdrive%\*.* >
autoexec.bat -> C:\autoexec.bat -> [2009/06/10 18:42:20 | 000,000,024 | ---- | M] ()
config.sys -> C:\config.sys -> [2009/06/10 18:42:20 | 000,000,010 | ---- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2015/09/15 11:11:47 | 1407,062,016 | -HS- | M] ()
pagefile.sys -> C:\pagefile.sys -> [2015/09/15 11:11:47 | 1876,082,688 | -HS- | M] ()
< %systemdrive%\drivers\*.exe >
< %systemroot%\system32\drivers\*.* /90 >
gbpndisrdn.sys -> C:\Windows\system32\drivers\gbpndisrdn.sys -> [2015/06/20 18:35:14 | 000,029,400 | ---- | M] (GAS Tecnologia)
ksecdd.sys -> C:\Windows\system32\drivers\ksecdd.sys -> [2015/07/18 10:18:08 | 000,067,520 | ---- | M] (Microsoft Corporation)
ksecpkg.sys -> C:\Windows\system32\drivers\ksecpkg.sys -> [2015/07/18 10:18:08 | 000,137,664 | ---- | M] (Microsoft Corporation)
mrxsmb.sys -> C:\Windows\system32\drivers\mrxsmb.sys -> [2015/07/18 10:18:08 | 000,124,416 | ---- | M] (Microsoft Corporation)
mrxsmb10.sys -> C:\Windows\system32\drivers\mrxsmb10.sys -> [2015/07/18 10:18:08 | 000,225,792 | ---- | M] (Microsoft Corporation)
mrxsmb20.sys -> C:\Windows\system32\drivers\mrxsmb20.sys -> [2015/07/18 10:18:08 | 000,098,304 | ---- | M] (Microsoft Corporation)
< %programfiles%\*.* >
desktop.ini -> C:\Program Files\desktop.ini -> [2009/07/14 01:41:57 | 000,000,174 | -HS- | M] ()
< %localappdata%\*.exe >
< %localappdata%\*.txt >
< %localappdata%\*.ini >
< %localappdata%\*.dll >
< %localappdata%\*.dat >
GDIPFONTCACHEV1.DAT -> C:\Users\Usuario\AppData\Local\GDIPFONTCACHEV1.DAT -> [2015/08/04 17:19:39 | 000,143,032 | ---- | M] ()
< %userprofile%\*.exe >
< %userprofile%\*.txt >
< %userprofile%\*.ini >
ntuser.ini -> C:\Users\Usuario\ntuser.ini -> [2015/06/09 20:26:26 | 000,000,020 | -HS- | M] ()
< %userprofile%\*.dll >
< %userprofile%\*.dat /30 >
ntuser.dat -> C:\Users\Usuario\ntuser.dat -> [2015/09/15 12:51:39 | 005,505,024 | -HS- | M] ()
< %appdata%\*.* >
< %systemroot%\system32\tasks\*.* >
GoogleUpdateTaskMachineCore -> C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore -> [2015/09/09 11:36:21 | 000,003,802 | ---- | M] ()
GoogleUpdateTaskMachineCore1d0bcb5e2e9a7f2 -> C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1d0bcb5e2e9a7f2 -> [2015/07/12 12:36:31 | 000,003,802 | ---- | M] ()
GoogleUpdateTaskMachineCore1d0bcb887f2df93 -> C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1d0bcb887f2df93 -> [2015/07/15 22:19:01 | 000,003,802 | ---- | M] ()
GoogleUpdateTaskMachineCore1d0bf6566503c5b -> C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1d0bf6566503c5b -> [2015/07/15 22:19:02 | 000,003,802 | ---- | M] ()
GoogleUpdateTaskMachineCore1d0d5c97f488eb -> C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1d0d5c97f488eb -> [2015/08/31 09:18:15 | 000,003,802 | ---- | M] ()
GoogleUpdateTaskMachineCore1d0e3e71e11ea8a -> C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1d0e3e71e11ea8a -> [2015/08/31 09:18:17 | 000,003,802 | ---- | M] ()
GoogleUpdateTaskMachineCore1d0eb0ce95c3d49 -> C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1d0eb0ce95c3d49 -> [2015/09/09 11:36:28 | 000,003,802 | ---- | M] ()
Opera scheduled Autoupdate 1441203342 -> C:\Windows\system32\tasks\Opera scheduled Autoupdate 1441203342 -> [2015/09/09 10:37:32 | 000,003,822 | ---- | M] ()
{5DBC89BD-CA2E-4A5F-A015-7790B1205D8F} -> C:\Windows\system32\tasks\{5DBC89BD-CA2E-4A5F-A015-7790B1205D8F} -> [2015/08/11 10:25:05 | 000,003,160 | ---- | M] ()
< %windir%\tasks\*.* >
SA.DAT -> C:\Windows\tasks\SA.DAT -> [2015/09/15 11:12:12 | 000,000,006 | -H-- | M] ()
SCHEDLGU.TXT -> C:\Windows\tasks\SCHEDLGU.TXT -> [2015/08/25 11:36:46 | 000,032,588 | ---- | M] ()
< HKLM\System\CCS\Services\Tcpip\Parameters >
Reg Error: Key HKEY_LOCAL_MACHINE\System\CCS\Services\Tcpip\Parameters\ not found. -> ->
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
\\"DefaultConnectionSettings" -> [[Binary data over 100 bytes]] -> File not found
\\"SavedLegacySettings" -> [[Binary data over 100 bytes]] -> File not found
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments >
Reg Error: Key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\ not found. -> ->
< HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT
\\"devenv.exe" -> [1] -> File not found
\\"dexplore.exe" -> [1] -> File not found
\\"helppane.exe" -> [1] -> File not found
\\"PresentationHost.exe" -> [0] -> File not found

[Alternate Data Streams]
@Alternate Data Stream - 212 bytes -> C:\Windows\System32\drivers:GbpKmAp.lst
< End of report >
[/code]
