Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
Li uma matéria que diz para desconfiar de processos do Gerenciador de Tarefas que não requisitei, pois isso pode ser uma confirmação de PC infectado.
Como meu PC às vezes demora pra reiniciar, mostrando rapidamente uma tela 'Aguardando finalizar todos os processos' (algo assim, é muito rápido e eu não consigo ler tudo), peço a ajuda de vocês pra saber se está tudo OK com meu PC ou não. Segue log do HiJackThis:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:37:45, on 29/06/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exec:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Pierre Cardoso\Downloads\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/3
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/3
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: www.bb.com.br
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F91A47DD-2831-4021-A2F9-94A55DAB31FD}: NameServer = 200.165.132.154 200.165.132.148
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10037 bytes
OBS: Ao pedir para escanear, surgiu esta mensagem (acessar link):
OTS logfile created on: 30/06/2011 19:07:13 - Run 1
OTS by OldTimer - Version 3.1.44.0 Folder = C:\Users\Pierre Cardoso\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 67,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 471,17 Gb Total Space | 397,59 Gb Free Space | 84,38% Space Free | Partition Type: NTFS
Drive D: | 9,48 Gb Total Space | 1,44 Gb Free Space | 15,23% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive P: | 450,76 Gb Total Space | 262,52 Gb Free Space | 58,24% Space Free | Partition Type: NTFS
Computer Name: PIERRECARDOSO
Current User Name: Pierre Cardoso
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Quick Scan
[Processes - Safe List]
ots.exe -> C:\Users\Pierre Cardoso\Desktop\OTS.exe -> [2011/06/30 19:06:17 | 000,645,120 | ---- | M] (OldTimer Tools)
firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe -> [2011/06/21 11:54:16 | 000,924,632 | ---- | M] (Mozilla Corporation)
gbpsv.exe -> C:\PROGRA~2\GbPlugin\GbpSv.exe -> [2011/06/13 09:06:50 | 000,169,760 | ---- | M] ( )
hpdrvmntsvc.exe -> C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -> [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company)
clmlsvc.exe -> c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe -> [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink)
iastordatamgrsvc.exe -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -> [2009/10/02 11:26:12 | 000,013,336 | ---- | M] (Intel Corporation)
iastoricon.exe -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe -> [2009/10/02 11:26:10 | 000,284,696 | ---- | M] (Intel Corporation)
logtransport2.exe -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe -> [2008/12/17 14:19:40 | 000,258,048 | R--- | M] (Adobe Systems Incorporated)
hpsysdrv.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe -> [2008/11/20 09:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard)
[Modules - Safe List]
ots.exe -> C:\Users\Pierre Cardoso\Desktop\OTS.exe -> [2011/06/30 19:06:17 | 000,645,120 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll -> [2010/11/20 08:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation)
normaliz.dll -> C:\Windows\SysWOW64\normaliz.dll -> [2009/07/13 22:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation)
[Win32 Services - Safe List]
64bit-(NisSrv) [On_Demand | Running] -> c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -> [2010/11/11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation)
64bit-(MsMpSvc) [Auto | Running] -> c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2010/11/11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation)
64bit-(wlcrasvc) [Disabled | Stopped] -> C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -> [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation)
64bit-(AMD External Events Utility) [Auto | Running] -> C:\Windows\SysNative\atiesrxx.exe -> [2009/09/08 20:56:12 | 000,202,752 | ---- | M] (AMD)
(GbpSv) Gbp Service [unknown | Running] -> C:\PROGRA~2\GbPlugin\GbpSv.exe -> [2011/06/13 09:06:50 | 000,169,760 | ---- | M] ( )
(ServiceLayer) ServiceLayer [On_Demand | Stopped] -> C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -> [2010/12/08 14:31:06 | 000,628,736 | ---- | M] (Nokia)
(HPDrvMntSvc.exe) HP Quick Synchronization Service [Auto | Running] -> C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -> [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company)
(clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
(IAStorDataMgrSvc) Intel(R) Rapid Storage Technology [Auto | Running] -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -> [2009/10/02 11:26:12 | 000,013,336 | ---- | M] (Intel Corporation)
(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation)
[Driver Services - Safe List]
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices)
64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2010/11/20 10:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company)
64bit-(TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TsUsbFlt.sys -> [2010/11/20 08:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation)
64bit-(usbser) USB Modem Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usbser.sys -> [2010/11/20 07:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation)
64bit-(NisDrv) Microsoft Network Inspection System [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\NisDrvWFP.sys -> [2010/10/24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation)
64bit-(fssfltr) fssfltr [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\fssfltr.sys -> [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation)
64bit-(UsbserFilt) UsbserFilt [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -> [2010/07/30 14:18:04 | 000,009,216 | ---- | M] (Nokia)
64bit-(upperdev) upperdev [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -> [2010/07/30 14:18:02 | 000,009,216 | ---- | M] (Nokia)
64bit-(nmwcdc) Nokia USB Communication Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ccdcmbox64.sys -> [2010/07/30 14:18:00 | 000,026,624 | ---- | M] (Nokia)
64bit-(nmwcd) Nokia USB Phone Parent Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ccdcmbx64.sys -> [2010/07/30 14:17:56 | 000,019,456 | ---- | M] (Nokia)
64bit-(sptd) sptd [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\sptd.sys -> [2010/07/08 22:03:00 | 000,834,544 | ---- | M] ()
64bit-(iaStor) Intel RAID Controller [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\iaStor.sys -> [2009/10/02 08:58:58 | 000,537,112 | ---- | M] (Intel Corporation)
64bit-(AtiHdmiService) ATI Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\AtiHdmi.sys -> [2009/09/29 22:04:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.)
64bit-(HECIx64) Intel(R) Management Engine Interface [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\HECIx64.sys -> [2009/09/17 09:54:54 | 000,056,344 | ---- | M] (Intel Corporation)
64bit-(atikmdag) atikmdag [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2009/09/08 21:31:52 | 006,204,928 | ---- | M] (ATI Technologies Inc.)
64bit-(RTL8167) Realtek 8167 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Rt64win7.sys -> [2009/08/20 21:05:06 | 000,239,616 | ---- | M] (Realtek )
64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology)
64bit-(Ntfs) Ntfs [File_System | On_Demand | Running] -> C:\Windows\SysNative\wbem\ntfs.mof -> [2009/06/10 17:38:56 | 000,000,308 | ---- | M] ()
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation)
64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation)
64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
64bit-(pccsmcfd) PCCS Mode Change Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\pccsmcfdx64.sys -> [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia)
(GbpKm) Gbp KernelMode [Kernel | Boot | Stopped] -> C:\Windows\system32\drivers\gbpkm.sys -> [2011/06/13 09:06:20 | 000,046,624 | ---- | M] (GAS Tecnologia)
(hid8101) hid8101 [Kernel | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\hid8101.sys -> [2006/10/23 11:42:30 | 000,031,899 | ---- | M] (Compuware Corporation)
[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://g.msn.com/HPCON/3 ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://g.msn.com/HPCON/3 ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://g.msn.com/HPCON/3 ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://g.msn.com/HPCON/3 ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\] > -> ->
HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\: Main\\"Default_Page_URL" -> http://g.msn.com/HPCON/3 ->
HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\: Main\\"Start Page" -> about:blank ->
HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\: "ProxyEnable" -> 0 ->
< FireFox Settings [Prefs.js] > -> C:\Users\Pierre Cardoso\AppData\Roaming\Mozilla\FireFox\Profiles\hawbr6lm.default\prefs.js ->
browser.startup.homepage -> "about:blank" ->
extensions.enabledItems -> pt-BR@dictionaries.addons.mozilla.org:1.0.0.2 ->
extensions.enabledItems -> {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2 ->
extensions.enabledItems -> {87F8774F-B485-47E2-A755-A40A8A5E886C}:1.0.18.2 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 ->
extensions.enabledItems -> bkmrksync@nokia.com:1.0.0.736 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 ->
extensions.enabledItems -> {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 ->
network.proxy.type -> 0 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} -> C:\PROGRAM FILES (X86)\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION\ [C:\PROGRAM FILES (X86)\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION\] -> [2010/12/15 21:52:27 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com -> C:\PROGRAM FILES (X86)\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC\ [C:\PROGRAM FILES (X86)\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC\] -> [2011/01/26 11:16:43 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 5.0\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2011/06/21 11:54:17 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2011/06/16 10:50:13 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Thunderbird\Extensions -> ->
HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74} -> C:\PROGRAM FILES (X86)\NOKIA\NOKIA OVI SUITE\CONNECTORS\THUNDERBIRD CONNECTOR\THUNDERBIRDEXTENSION\ [C:\PROGRAM FILES (X86)\NOKIA\NOKIA OVI SUITE\CONNECTORS\THUNDERBIRD CONNECTOR\THUNDERBIRDEXTENSION\] -> [2010/12/15 21:52:28 | 000,000,000 | ---D | M]
< FireFox Extensions [user Folders] > ->
-> C:\Users\Pierre Cardoso\AppData\Roaming\mozilla\Extensions -> [2010/07/06 23:38:26 | 000,000,000 | ---D | M]
-> C:\Users\Pierre Cardoso\AppData\Roaming\mozilla\Firefox\Profiles\hawbr6lm.default\extensions -> [2011/06/27 12:14:54 | 000,000,000 | ---D | M]
Flashblock -> C:\Users\Pierre Cardoso\AppData\Roaming\mozilla\Firefox\Profiles\hawbr6lm.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} -> [2010/10/14 22:31:21 | 000,000,000 | ---D | M]
"Módulo de Segurança - Banco do Brasil" -> C:\Users\Pierre Cardoso\AppData\Roaming\mozilla\Firefox\Profiles\hawbr6lm.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C} -> [2011/06/27 12:14:55 | 000,000,000 | ---D | M]
-> C:\Users\Pierre Cardoso\AppData\Roaming\mozilla\Firefox\Profiles\hawbr6lm.default\extensions\pt-BR@dictionaries.addons.mozilla.org -> [2010/11/16 23:12:19 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > ->
-> C:\Program Files (x86)\mozilla firefox\extensions -> [2011/06/11 09:45:09 | 000,000,000 | ---D | M]
Java Console -> C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} -> [2010/07/30 14:44:25 | 000,000,000 | ---D | M]
Java Console -> C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} -> [2010/10/18 18:29:50 | 000,000,000 | ---D | M]
Java Console -> C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} -> [2010/12/16 02:01:20 | 000,000,000 | ---D | M]
Java Console -> C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} -> [2011/02/17 22:03:04 | 000,000,000 | ---D | M]
Java Console -> C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} -> [2011/06/11 09:45:09 | 000,000,000 | ---D | M]
No name found -> -> File not found
No name found -> C:\USERS\PIERRE CARDOSO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HAWBR6LM.DEFAULT\EXTENSIONS\DESPROTETORDELINKS@CLAUDIO-SILVA.COM.XPI -> ()
Dicionário para Ortografia pt-BR -> C:\USERS\PIERRE CARDOSO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HAWBR6LM.DEFAULT\EXTENSIONS\PT-BR@DICTIONARIES.ADDONS.MOZILLA.ORG -> [2010/11/16 23:12:19 | 000,000,000 | ---D | M]
< HOSTS File > ([2011/06/27 12:13:46 | 000,000,824 | ---- | M] - 21 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->
Reset Hosts
< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live ID Sign-in Helper] -> [2010/09/21 14:54:04 | 000,529,280 | ---- | M] (Microsoft Corp.)
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{C41A1C0E-EA6C-11D4-B1B8-444553540000} [HKLM] -> C:\Program Files (x86)\GbPlugin\gbieh.dll [GbIehObj Class] -> [2011/06/13 09:03:26 | 001,412,896 | ---- | M] (Banco do Brasil)
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\] > -> HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"MSC" -> c:\Program Files\Microsoft Security Client\msseces.exe ["c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey] -> [2010/11/30 13:26:32 | 001,436,224 | ---- | M] (Microsoft Corporation)
"PC-Doctor for Windows localizer" -> C:\Arquivos de Programas\PC-Doctor for Windows\localizer.exe [C:\Program Files\PC-Doctor for Windows\localizer.exe] -> [2009/09/17 02:57:42 | 000,095,728 | ---- | M] (PC-Doctor, Inc.)
"SmartMenu" -> C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background] -> [2009/09/14 15:17:08 | 000,610,360 | ---- | M] ()
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"" -> [] -> File not found
"hpsysdrv" -> c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe] -> [2008/11/20 09:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard)
"IAStorIcon" -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe] -> [2009/10/02 11:26:10 | 000,284,696 | ---- | M] (Intel Corporation)
"StartCCC" -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2009/09/08 21:18:40 | 000,098,304 | ---- | M] (Advanced Micro Devices, Inc.)
< Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2010/11/20 09:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"mctadmin" -> [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2010/11/20 09:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"mctadmin" -> [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\] > -> HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"" -> [] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoActiveDesktop" -> [1] -> File not found
\\"NoActiveDesktopChanges" -> [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [5] -> File not found
\\"ConsentPromptBehaviorUser" -> [3] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\] > -> HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xportar para o Microsoft Excel -> [res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll [button: Enviar para o OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll [Menu: &Enviar para o OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL [button: Research] -> [2009/03/06 04:04:56 | 000,039,464 | ---- | M] (Microsoft Corporation)
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\] > -> HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. ->
www_bancobrasil.com.br [*] -> Trusted sites ->
www14_bancobrasil.com.br [*] -> Trusted sites ->
www2_bancobrasil.com.br [*] -> Trusted sites ->
www_bb.com.br [*] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\] > -> HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{20A60F0D-9AFA-4515-A0FD-83BD84642501} [HKLM] -> http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab [Checkers Class] ->
{5D6F45B3-9043-443D-A792-115447494D24} [HKLM] -> http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab [unoCtrl Class] ->
{7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset.com/special/eos/OnlineScanner.cab [OnlineScanner Control] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] ->
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} [HKLM] -> http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab [MessengerStatsClient Class] ->
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] ->[Files/Folders - Created Within 30 Days]
OTS.exe -> C:\Users\Pierre Cardoso\Desktop\OTS.exe -> [2011/06/30 19:05:55 | 000,645,120 | ---- | C] (OldTimer Tools)
{9706CEAE-63B6-464F-9BF5-7ED4FADE173B} -> C:\Users\Pierre Cardoso\AppData\Local\{9706CEAE-63B6-464F-9BF5-7ED4FADE173B} -> [2011/06/29 11:25:52 | 000,000,000 | ---D | C]
{47AA35F2-97C5-4EFC-853E-9F03B9C9862F} -> C:\Users\Pierre Cardoso\AppData\Local\{47AA35F2-97C5-4EFC-853E-9F03B9C9862F} -> [2011/06/28 23:25:16 | 000,000,000 | ---D | C]
gbpkm.sys -> C:\Windows\SysWow64\drivers\gbpkm.sys -> [2011/06/24 20:52:38 | 000,046,624 | ---- | C] (GAS Tecnologia)
GbPlugin -> C:\Program Files (x86)\GbPlugin -> [2011/06/24 20:51:53 | 000,000,000 | ---D | C]
Rox Poker -> C:\Users\Pierre Cardoso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rox Poker -> [2011/06/21 19:32:44 | 000,000,000 | ---D | C]
Rox Poker -> C:\Program Files (x86)\Rox Poker -> [2011/06/21 19:06:21 | 000,000,000 | ---D | C]
{70F4B6DE-83F0-4560-BCC7-FCA38CA65DA8} -> C:\Users\Pierre Cardoso\AppData\Local\{70F4B6DE-83F0-4560-BCC7-FCA38CA65DA8} -> [2011/06/18 22:52:04 | 000,000,000 | ---D | C]
{7A16F2AB-8225-4BE0-97F0-36898E7127A0} -> C:\Users\Pierre Cardoso\AppData\Local\{7A16F2AB-8225-4BE0-97F0-36898E7127A0} -> [2011/06/18 22:51:53 | 000,000,000 | ---D | C]
{E68DD8BA-04EF-4E6E-90A5-B46CFAF08C4C} -> C:\Users\Pierre Cardoso\AppData\Local\{E68DD8BA-04EF-4E6E-90A5-B46CFAF08C4C} -> [2011/06/18 22:51:42 | 000,000,000 | ---D | C]
{4109964E-04BA-44D7-9A4C-DDC666B268D4} -> C:\Users\Pierre Cardoso\AppData\Local\{4109964E-04BA-44D7-9A4C-DDC666B268D4} -> [2011/06/18 22:51:31 | 000,000,000 | ---D | C]
{0ACF2843-20A7-45EC-B943-F142A72C02EB} -> C:\Users\Pierre Cardoso\AppData\Local\{0ACF2843-20A7-45EC-B943-F142A72C02EB} -> [2011/06/18 22:51:20 | 000,000,000 | ---D | C]
{54484C22-568C-44D9-A2FF-180FB5D68A12} -> C:\Users\Pierre Cardoso\AppData\Local\{54484C22-568C-44D9-A2FF-180FB5D68A12} -> [2011/06/18 22:51:09 | 000,000,000 | ---D | C]
{DF69E459-B69A-420B-B6FA-191F33DB1090} -> C:\Users\Pierre Cardoso\AppData\Local\{DF69E459-B69A-420B-B6FA-191F33DB1090} -> [2011/06/17 10:43:00 | 000,000,000 | ---D | C]
{87AFE3FD-5BFB-4253-A185-8821351B443B} -> C:\Users\Pierre Cardoso\AppData\Local\{87AFE3FD-5BFB-4253-A185-8821351B443B} -> [2011/06/16 22:42:24 | 000,000,000 | ---D | C]
{80579D11-94E0-4E2B-B0B2-45909A95014B} -> C:\Users\Pierre Cardoso\AppData\Local\{80579D11-94E0-4E2B-B0B2-45909A95014B} -> [2011/06/16 10:40:39 | 000,000,000 | ---D | C]
{AA231726-FD6F-4326-84E2-ABAA6C942C94} -> C:\Users\Pierre Cardoso\AppData\Local\{AA231726-FD6F-4326-84E2-ABAA6C942C94} -> [2011/06/15 10:37:22 | 000,000,000 | ---D | C]
Técnico Administrativo - UFBA -> C:\Users\Pierre Cardoso\Desktop\Técnico Administrativo - UFBA -> [2011/06/14 15:23:45 | 000,000,000 | ---D | C]
Java -> C:\Program Files (x86)\Common Files\Java -> [2011/06/11 09:45:28 | 000,000,000 | ---D | C]
{A8813AC9-5D05-4399-B895-A14A05B6E537} -> C:\Users\Pierre Cardoso\AppData\Local\{A8813AC9-5D05-4399-B895-A14A05B6E537} -> [2011/06/10 15:33:05 | 000,000,000 | ---D | C]
[Files/Folders - Modified Within 30 Days]
OTS.exe -> C:\Users\Pierre Cardoso\Desktop\OTS.exe -> [2011/06/30 19:06:17 | 000,645,120 | ---- | M] (OldTimer Tools)
wpd99.drv -> C:\Windows\wpd99.drv -> [2011/06/30 17:35:50 | 000,000,060 | ---- | M] ()
TESTE9~1.JPG -> C:\Users\Pierre Cardoso\Desktop\TESTE9~1.JPG -> [2011/06/30 12:37:58 | 000,065,495 | ---- | M] ()
edital_infra210.pdf -> C:\Users\Pierre Cardoso\Desktop\edital_infra210.pdf -> [2011/06/30 12:32:24 | 000,537,806 | ---- | M] ()
PCDRScheduledMaintenance.job -> C:\Windows\tasks\PCDRScheduledMaintenance.job -> [2011/06/30 12:10:23 | 000,000,544 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/06/29 19:28:00 | 000,015,792 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/06/29 19:28:00 | 000,015,792 | -H-- | M] ()
PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2011/06/29 00:26:12 | 001,523,558 | ---- | M] ()
prfh0416.dat -> C:\Windows\SysNative\prfh0416.dat -> [2011/06/29 00:26:12 | 000,665,706 | ---- | M] ()
perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2011/06/29 00:26:12 | 000,617,910 | ---- | M] ()
prfc0416.dat -> C:\Windows\SysNative\prfc0416.dat -> [2011/06/29 00:26:12 | 000,128,896 | ---- | M] ()
perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2011/06/29 00:26:12 | 000,107,190 | ---- | M] ()
HPCeeScheduleForPierre Cardoso.job -> C:\Windows\tasks\HPCeeScheduleForPierre Cardoso.job -> [2011/06/29 00:20:53 | 000,000,368 | ---- | M] ()
FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2011/06/29 00:20:34 | 000,355,416 | ---- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2011/06/29 00:20:30 | 000,067,584 | ---- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2011/06/29 00:20:21 | 3113,545,728 | -HS- | M] ()
hosts -> C:\Windows\SysNative\drivers\etc\hosts -> [2011/06/27 12:13:46 | 000,000,824 | ---- | M] ()
ULHOA.jpg -> C:\Users\Pierre Cardoso\Desktop\ULHOA.jpg -> [2011/06/20 20:57:28 | 000,015,753 | ---- | M] ()
GhostObjGAFix.xml -> C:\Users\Pierre Cardoso\AppData\Roaming\GhostObjGAFix.xml -> [2011/06/19 19:01:53 | 000,001,854 | ---- | M] ()
gbpkm.sys -> C:\Windows\SysWow64\drivers\gbpkm.sys -> [2011/06/13 09:06:20 | 000,046,624 | ---- | M] (GAS Tecnologia)
[Files - No Company Name]
TESTE9~1.JPG -> C:\Users\Pierre Cardoso\Desktop\TESTE9~1.JPG -> [2011/06/30 12:38:14 | 000,065,495 | ---- | C] ()
edital_infra210.pdf -> C:\Users\Pierre Cardoso\Desktop\edital_infra210.pdf -> [2011/06/30 12:32:24 | 000,537,806 | ---- | C] ()
HPCeeScheduleForPierre Cardoso.job -> C:\Windows\tasks\HPCeeScheduleForPierre Cardoso.job -> [2011/06/26 19:47:03 | 000,000,368 | ---- | C] ()
ULHOA.jpg -> C:\Users\Pierre Cardoso\Desktop\ULHOA.jpg -> [2011/06/20 20:57:28 | 000,015,753 | ---- | C] ()
GhostObjGAFix.xml -> C:\Users\Pierre Cardoso\AppData\Roaming\GhostObjGAFix.xml -> [2011/05/15 19:47:41 | 000,001,854 | ---- | C] ()
MSJCE.dll -> C:\Windows\SysWow64\MSJCE.dll -> [2011/04/14 14:30:33 | 000,069,632 | ---- | C] ()
PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2011/01/26 12:31:54 | 001,508,738 | ---- | C] ()
tmpDSC00310.JPG -> C:\Users\Pierre Cardoso\AppData\Local\tmpDSC00310.JPG -> [2010/09/12 14:19:32 | 004,477,480 | ---- | C] ()
tmpDSC00293_CROP.JPG -> C:\Users\Pierre Cardoso\AppData\Local\tmpDSC00293_CROP.JPG -> [2010/09/12 14:16:02 | 000,175,810 | ---- | C] ()
tmpDSC00293_CROP.0 -> C:\Users\Pierre Cardoso\AppData\Local\tmpDSC00293_CROP.0 -> [2010/09/12 14:16:02 | 000,144,847 | ---- | C] ()
pxhpinst.exe -> C:\Windows\SysWow64\pxhpinst.exe -> [2010/07/09 13:49:29 | 000,053,248 | ---- | C] ()
winamp.ini -> C:\Windows\winamp.ini -> [2010/07/09 13:49:26 | 000,001,125 | ---- | C] ()
CmdLineExt03.dll -> C:\Windows\SysWow64\CmdLineExt03.dll -> [2010/07/09 12:27:41 | 000,043,520 | ---- | C] ()
wpd99.drv -> C:\Windows\wpd99.drv -> [2010/07/09 11:59:07 | 000,000,060 | ---- | C] ()
pdf995mon64.dll -> C:\Windows\SysWow64\pdf995mon64.dll -> [2010/07/09 11:59:06 | 000,047,616 | ---- | C] ()
dancemat.exe -> C:\Windows\SysWow64\dancemat.exe -> [2010/07/08 22:40:32 | 000,073,757 | ---- | C] ()
zipnew.dat -> C:\Program Files (x86)\zipnew.dat -> [2010/07/06 23:33:35 | 000,000,022 | ---- | C] ()
rarnew.dat -> C:\Program Files (x86)\rarnew.dat -> [2010/07/06 23:33:35 | 000,000,020 | ---- | C] ()
Default.SFX -> C:\Program Files (x86)\Default.SFX -> [2010/07/06 23:33:15 | 000,096,092 | ---- | C] ()
Zip.SFX -> C:\Program Files (x86)\Zip.SFX -> [2010/07/06 23:33:15 | 000,077,660 | ---- | C] ()
WinCon.SFX -> C:\Program Files (x86)\WinCon.SFX -> [2010/07/06 23:33:15 | 000,073,472 | ---- | C] ()
winrar.lng -> C:\Program Files (x86)\winrar.lng -> [2010/07/06 23:33:15 | 000,050,278 | ---- | C] ()
rar.lng -> C:\Program Files (x86)\rar.lng -> [2010/07/06 23:33:15 | 000,018,316 | ---- | C] ()
uninstall.lng -> C:\Program Files (x86)\uninstall.lng -> [2010/07/06 23:33:15 | 000,003,895 | ---- | C] ()
rarext.lng -> C:\Program Files (x86)\rarext.lng -> [2010/07/06 23:33:15 | 000,001,623 | ---- | C] ()
WinRAR.chm -> C:\Program Files (x86)\WinRAR.chm -> [2010/07/06 23:33:14 | 001,678,060 | ---- | C] ()
WinRAR.exe -> C:\Program Files (x86)\WinRAR.exe -> [2010/07/06 23:33:14 | 001,039,360 | ---- | C] ()
Rar.exe -> C:\Program Files (x86)\Rar.exe -> [2010/07/06 23:33:14 | 000,378,880 | ---- | C] ()
UnRAR.exe -> C:\Program Files (x86)\UnRAR.exe -> [2010/07/06 23:33:14 | 000,246,272 | ---- | C] ()
RarExt.dll -> C:\Program Files (x86)\RarExt.dll -> [2010/07/06 23:33:14 | 000,141,824 | ---- | C] ()
Uninstall.exe -> C:\Program Files (x86)\Uninstall.exe -> [2010/07/06 23:33:14 | 000,120,832 | ---- | C] ()
RarExt64.dll -> C:\Program Files (x86)\RarExt64.dll -> [2010/07/06 23:33:14 | 000,052,224 | ---- | C] ()
RarExtLoader.exe -> C:\Program Files (x86)\RarExtLoader.exe -> [2010/07/06 23:33:14 | 000,045,056 | ---- | C] ()
Order.htm -> C:\Program Files (x86)\Order.htm -> [2010/07/06 23:33:14 | 000,003,798 | ---- | C] ()
Descript.ion -> C:\Program Files (x86)\Descript.ion -> [2010/07/06 23:33:14 | 000,001,224 | ---- | C] ()
RarFiles.lst -> C:\Program Files (x86)\RarFiles.lst -> [2010/07/06 23:33:14 | 000,001,088 | ---- | C] ()
Uninstall.lst -> C:\Program Files (x86)\Uninstall.lst -> [2010/07/06 23:33:14 | 000,000,639 | ---- | C] ()
File_Id.diz -> C:\Program Files (x86)\File_Id.diz -> [2010/07/06 23:33:14 | 000,000,587 | ---- | C] ()
libavcodec.dll -> C:\Windows\SysWow64\libavcodec.dll -> [2010/05/24 16:33:00 | 004,670,829 | ---- | C] ()
ff_samplerate.dll -> C:\Windows\SysWow64\ff_samplerate.dll -> [2010/05/24 16:33:00 | 001,529,856 | ---- | C] ()
ffmpegmt.dll -> C:\Windows\SysWow64\ffmpegmt.dll -> [2010/05/24 16:33:00 | 001,447,921 | ---- | C] ()
ff_x264.dll -> C:\Windows\SysWow64\ff_x264.dll -> [2010/05/24 16:33:00 | 000,877,385 | ---- | C] ()
xvidcore.dll -> C:\Windows\SysWow64\xvidcore.dll -> [2010/05/24 16:33:00 | 000,810,113 | ---- | C] ()
ff_libfaad2.dll -> C:\Windows\SysWow64\ff_libfaad2.dll -> [2010/05/24 16:33:00 | 000,336,384 | ---- | C] ()
TomsMoComp_ff.dll -> C:\Windows\SysWow64\TomsMoComp_ff.dll -> [2010/05/24 16:33:00 | 000,324,096 | ---- | C] ()
ff_kernelDeint.dll -> C:\Windows\SysWow64\ff_kernelDeint.dll -> [2010/05/24 16:33:00 | 000,248,320 | ---- | C] ()
ff_libdts.dll -> C:\Windows\SysWow64\ff_libdts.dll -> [2010/05/24 16:33:00 | 000,216,576 | ---- | C] ()
ff_libmad.dll -> C:\Windows\SysWow64\ff_libmad.dll -> [2010/05/24 16:33:00 | 000,151,552 | ---- | C] ()
libmpeg2_ff.dll -> C:\Windows\SysWow64\libmpeg2_ff.dll -> [2010/05/24 16:33:00 | 000,145,408 | ---- | C] ()
libmplayer.dll -> C:\Windows\SysWow64\libmplayer.dll -> [2010/05/24 16:33:00 | 000,139,944 | ---- | C] ()
ff_liba52.dll -> C:\Windows\SysWow64\ff_liba52.dll -> [2010/05/24 16:33:00 | 000,121,856 | ---- | C] ()
ff_tremor.dll -> C:\Windows\SysWow64\ff_tremor.dll -> [2010/05/24 16:33:00 | 000,116,736 | ---- | C] ()
ff_vfw.dll -> C:\Windows\SysWow64\ff_vfw.dll -> [2010/05/24 16:33:00 | 000,108,032 | ---- | C] ()
ff_wmv9.dll -> C:\Windows\SysWow64\ff_wmv9.dll -> [2010/05/24 16:33:00 | 000,100,864 | ---- | C] ()
ff_unrar.dll -> C:\Windows\SysWow64\ff_unrar.dll -> [2010/05/24 16:33:00 | 000,097,792 | ---- | C] ()
mkx.dll -> C:\Windows\SysWow64\mkx.dll -> [2010/05/19 17:59:20 | 000,150,528 | ---- | C] ()
avi.dll -> C:\Windows\SysWow64\avi.dll -> [2010/05/19 17:59:10 | 000,109,568 | ---- | C] ()
mp4.dll -> C:\Windows\SysWow64\mp4.dll -> [2010/05/19 17:59:02 | 000,141,824 | ---- | C] ()
ogm.dll -> C:\Windows\SysWow64\ogm.dll -> [2010/05/19 17:58:52 | 000,123,392 | ---- | C] ()
dsmux.exe -> C:\Windows\SysWow64\dsmux.exe -> [2010/05/19 17:58:24 | 000,113,152 | ---- | C] ()
ts.dll -> C:\Windows\SysWow64\ts.dll -> [2010/05/19 17:58:18 | 000,154,112 | ---- | C] ()
dxr.dll -> C:\Windows\SysWow64\dxr.dll -> [2010/05/19 17:58:08 | 000,249,856 | ---- | C] ()
avs.dll -> C:\Windows\SysWow64\avs.dll -> [2010/05/19 17:57:42 | 000,097,792 | ---- | C] ()
mkv2vfr.exe -> C:\Windows\SysWow64\mkv2vfr.exe -> [2010/05/19 17:57:38 | 000,137,728 | ---- | C] ()
avss.dll -> C:\Windows\SysWow64\avss.dll -> [2010/05/19 17:57:26 | 000,093,184 | ---- | C] ()
gdsmux.exe -> C:\Windows\SysWow64\gdsmux.exe -> [2010/05/19 17:57:20 | 000,358,400 | ---- | C] ()
mkzlib.dll -> C:\Windows\SysWow64\mkzlib.dll -> [2010/05/19 17:55:40 | 000,080,384 | ---- | C] ()
mkunicode.dll -> C:\Windows\SysWow64\mkunicode.dll -> [2010/05/19 17:55:36 | 000,024,576 | ---- | C] ()
ativpsrm.bin -> C:\Windows\ativpsrm.bin -> [2010/01/05 15:43:38 | 000,000,000 | ---- | C] ()
LPRES.DLL -> C:\Windows\LPRES.DLL -> [2009/09/29 14:25:16 | 000,013,312 | ---- | C] ()
ac3config.exe -> C:\Windows\SysWow64\ac3config.exe -> [2009/08/11 18:21:26 | 000,087,552 | ---- | C] ()
bootstat(17).dat -> C:\Windows\bootstat(17).dat -> [2009/07/14 02:38:36 | 000,067,584 | --S- | C] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2009/07/14 02:38:36 | 000,067,584 | ---- | C] ()
NOISE.DAT -> C:\Windows\SysWow64\NOISE.DAT -> [2009/07/13 23:35:51 | 000,000,741 | ---- | C] ()
dssec.dat -> C:\Windows\SysWow64\dssec.dat -> [2009/07/13 23:34:42 | 000,215,943 | ---- | C] ()
mib.bin -> C:\Windows\mib.bin -> [2009/07/13 21:10:29 | 000,043,131 | ---- | C] ()
BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/13 20:42:10 | 000,064,000 | ---- | C] ()
msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 18:03:59 | 000,364,544 | ---- | C] ()
mlang.dat -> C:\Windows\SysWow64\mlang.dat -> [2009/06/10 18:26:10 | 000,673,088 | ---- | C] ()
xvidvfw.dll -> C:\Windows\SysWow64\xvidvfw.dll -> [2009/06/07 13:24:04 | 000,180,224 | ---- | C] ()
mmfinfo.dll -> C:\Windows\SysWow64\mmfinfo.dll -> [2009/01/10 19:15:44 | 000,159,744 | ---- | C] ()
qt-dx331.dll -> C:\Windows\SysWow64\qt-dx331.dll -> [2008/11/06 12:37:32 | 003,596,288 | ---- | C] ()
xlive.dll.cat -> C:\Windows\SysWow64\xlive.dll.cat -> [2008/10/22 05:29:06 | 000,173,550 | ---- | C] ()
AgCPanelTraditionalChinese.dll -> C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelSwedish.dll -> C:\Windows\SysWow64\AgCPanelSwedish.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelSpanish.dll -> C:\Windows\SysWow64\AgCPanelSpanish.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelSimplifiedChinese.dll -> C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelPortugese.dll -> C:\Windows\SysWow64\AgCPanelPortugese.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelKorean.dll -> C:\Windows\SysWow64\AgCPanelKorean.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelJapanese.dll -> C:\Windows\SysWow64\AgCPanelJapanese.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelGerman.dll -> C:\Windows\SysWow64\AgCPanelGerman.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelFrench.dll -> C:\Windows\SysWow64\AgCPanelFrench.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
Registration.ini -> C:\Windows\SysWow64\Registration.ini -> [2007/10/13 06:30:20 | 000,000,137 | ---- | C] ()
[File - Lop Check]
DAEMON Tools Lite -> C:\Users\Pierre Cardoso\AppData\Roaming\DAEMON Tools Lite -> [2010/07/08 22:08:49 | 000,000,000 | ---D | M]
Eidos -> C:\Users\Pierre Cardoso\AppData\Roaming\Eidos -> [2010/12/14 21:41:08 | 000,000,000 | ---D | M]
Nokia -> C:\Users\Pierre Cardoso\AppData\Roaming\Nokia -> [2010/12/15 21:56:11 | 000,000,000 | ---D | M]
PC Suite -> C:\Users\Pierre Cardoso\AppData\Roaming\PC Suite -> [2011/01/26 10:41:24 | 000,000,000 | ---D | M]
pdf995 -> C:\Users\Pierre Cardoso\AppData\Roaming\pdf995 -> [2010/07/09 12:00:40 | 000,000,000 | ---D | M]
Sports Interactive -> C:\Users\Pierre Cardoso\AppData\Roaming\Sports Interactive -> [2011/02/10 23:13:58 | 000,000,000 | ---D | M]
VDownloader -> C:\Users\Pierre Cardoso\AppData\Roaming\VDownloader -> [2010/09/08 20:29:39 | 000,000,000 | ---D | M]
WinBatch -> C:\Users\Pierre Cardoso\AppData\Roaming\WinBatch -> [2010/07/03 16:39:28 | 000,000,000 | ---D | M]
Windows Live Writer -> C:\Users\Pierre Cardoso\AppData\Roaming\Windows Live Writer -> [2010/10/20 20:51:16 | 000,000,000 | ---D | M]
XMedia Recode -> C:\Users\Pierre Cardoso\AppData\Roaming\XMedia Recode -> [2011/04/15 21:09:04 | 000,000,000 | ---D | M]
YoudaGames -> C:\Users\Pierre Cardoso\AppData\Roaming\YoudaGames -> [2011/05/01 19:24:17 | 000,000,000 | ---D | M]
PCDRScheduledMaintenance.job -> C:\Windows\Tasks\PCDRScheduledMaintenance.job -> [2011/06/30 12:10:23 | 000,000,544 | ---- | M] ()
SCHEDLGU(19).TXT -> C:\Windows\Tasks\SCHEDLGU(19).TXT -> [2009/07/14 02:08:49 | 000,019,288 | ---- | M] ()
SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2009/07/14 02:08:49 | 000,027,782 | ---- | M] ()
[File - Purity Scan]
[Alternate Data Streams]
@Alternate Data Stream - 204 bytes -> C:\Windows\SysWow64\drivers:GbpKmAp.lst
@Alternate Data Stream - 81 bytes -> C:\Program Files (x86)\Rox Poker:MID
< End of report >
1.
*Execute o OTS
*Clique [CleanUp] > [Yes]
*O PC será reiniciado
O log está limpo.
Um abraço.
Muito obrigado!
PROBLEMA RESOLVIDO
Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.
Olá moicanofacul
*Baixe o OTS e salve-o no desktop
*Execute-o e selecione a opção:
*Clique [Quick Scan] e cole o relatório apresentado
Caso o relatório fique demasiadamente grande...
*Acesse este link
*Selecione [x] 4 jours
*Clique [Enviar arquivo]
*Localize o arquivo OTS.txt no desktop
*Clique [Abrir] > [Créer le lien Cjoint]
*Cole o endereço criado