
This topic has been archived and is closed to new replies.

Stacoviak

[Solved!] Error socket 11004


I'm having problems with my TeamSpeak; here is the HijackThis log:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:11:35, on 11/01/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18865)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe

C:\Program Files (x86)\Xfire\Xfire.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWow64\Macromed\Flash\FlashUtil10e_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://furacao.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=userinit.exe

O1 - Hosts: ::1 localhost

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIÇO DE REDE')

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 4133 bytes


*Download Malwarebytes Anti-Malware and save it to the desktop:

*Install the program

*If an update is available, it will be downloaded automatically. Please wait...

*The program will open automatically.

*On the [Scan] tab, select the [Full scan] option

*Click [Scan] and select the drives to be examined

*When the scan finishes, you may be asked whether you want to remove objects from memory. Click [Yes] > [OK] > [Show Results]

*Select all entries and click [Remove Selected]

*A report (mbam-log-year-month-date.txt) will be displayed.

*Restart the PC

*Open Malwarebytes again and, on the [Logs] tab, click the file mbam-log-year-month-date.txt

*Click [Open], copy it, and paste it into your next reply


First of all, thanks for the help! Here is the log:

 

Malwarebytes' Anti-Malware 1.44

Versão do banco de dados: 3556

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18865

 

13/01/2010 18:33:10

mbam-log-2010-01-13 (18-33-10).txt

 

Tipo de Verificação: Completa (C:\|)

Objetos verificados: 219683

Tempo decorrido: 22 minute(s), 10 second(s)

 

Processos da Memória infectados: 0

Módulos de Memória Infectados: 0

Chaves do Registro infectadas: 0

Valores do Registro infectados: 0

Ítens do Registro infectados: 0

Pastas infectadas: 0

Arquivos infectados: 0

 

Processos da Memória infectados:

(Nenhum ítem malicioso foi detectado)

 

Módulos de Memória Infectados:

(Nenhum ítem malicioso foi detectado)

 

Chaves do Registro infectadas:

(Nenhum ítem malicioso foi detectado)

 

Valores do Registro infectados:

(Nenhum ítem malicioso foi detectado)

 

Ítens do Registro infectados:

(Nenhum ítem malicioso foi detectado)

 

Pastas infectadas:

(Nenhum ítem malicioso foi detectado)

 

Arquivos infectados:

(Nenhum ítem malicioso foi detectado)


*Download HJTScanList and save it to the desktop

*Extract its contents to the desktop

*Double-click hjtscanlist.bat

*Press V > [ENTER]

*Press 1 > [ENTER]

*Select (Ctrl+A), copy (Ctrl+C) and paste (Ctrl+V) the report into your next reply.

 
                       $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                       ║                                    ║ 
                                   hjtscanlist v2.0              
                       ║                                    ║ 
                       $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 

Microsoft Windows [versão 6.0.6002]


10/01/2010 06:10     C:\Users\Roberto\AppData\Local\Temp\wmplog00.sqm --------- 2746  
10/01/2010 05:25     C:\Users\Roberto\AppData\Local\Temp\MessengerCache --------- 0  
10/01/2010 04:02     C:\Users\Roberto\AppData\Local\Temp\{59C3BE44-40E9-4A6E-A704-1BE671F306D5} --------- 0  
10/01/2010 03:55     C:\Users\Roberto\AppData\Local\Temp\wmsetup.log --------- 4783  
10/01/2010 01:58     C:\Users\Roberto\AppData\Local\Temp\~e5.0001 --------- 72192  
10/01/2010 01:40     C:\Users\Roberto\AppData\Local\Temp\pbsE68F.tmp --------- 385024  
10/01/2010 01:39     C:\Users\Roberto\AppData\Local\Temp\pbsA23C.tmp --------- 0  
10/01/2010 01:39     C:\Users\Roberto\AppData\Local\Temp\{5141424b-ecfa-4d96-80e3-914da9196593} --------- 0  
10/01/2010 00:38     C:\Users\Roberto\AppData\Local\Temp\CFGD5B6.tmp --------- 123  
10/01/2010 00:38     C:\Users\Roberto\AppData\Local\Temp\CFG9463.tmp --------- 123  
09/01/2010 23:56     C:\Users\Roberto\AppData\Local\Temp\nsvAE2B.tmp --------- 0  
09/01/2010 23:38     C:\Users\Roberto\AppData\Local\Temp\RarSFX1 --------- 0  
09/01/2010 23:22     C:\Users\Roberto\AppData\Local\Temp\RarSFX0 --------- 0  
09/01/2010 23:07     C:\Users\Roberto\AppData\Local\Temp\MSI55b8b.LOG --------- 324  
09/01/2010 22:48     C:\Users\Roberto\AppData\Local\Temp\SetupExe(20100109223343C1C).log --------- 126761  
09/01/2010 21:31     C:\Users\Roberto\AppData\Local\Temp\U3Launcher.log --------- 2980  
09/01/2010 21:26     C:\Users\Roberto\AppData\Local\Temp\{BCF5F8D6-F7E1-4459-B206-2AD9EDAD1466} --------- 0  
09/01/2010 21:26     C:\Users\Roberto\AppData\Local\Temp\{1DBFBFBF-56BF-4630-BBDC-4BAC8B28A978} --------- 4096  
09/01/2010 21:25     C:\Users\Roberto\AppData\Local\Temp\isp55C0.tmp --------- 0  
09/01/2010 21:24     C:\Users\Roberto\AppData\Local\Temp\{96870593-1BA5-4C97-98A5-73BC018AAA69} --------- 0  
09/01/2010 21:14     C:\Users\Roberto\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0  
31/08/2007 01:12     C:\Users\Roberto\AppData\Local\Temp\_isBF68.exe --------- 460248  
27/10/2006 20:14     C:\Users\Roberto\AppData\Local\Temp\ose00000.exe --------- 145184  
18/09/2006 17:31     C:\Users\Roberto\AppData\Local\Temp\Catalyst.bmp --------- 57656  
06/04/2005 21:39     C:\Users\Roberto\AppData\Local\Temp\set4D83.tmp --------- 121064  
26/12/2004 22:52     C:\Users\Roberto\AppData\Local\Temp\IEC6E2D.tmp --------- 346602  
26/12/2004 22:52     C:\Users\Roberto\AppData\Local\Temp\SetAB1D.tmp --------- 168448  
----------------------------------------


C:\Program Files

13/01/2010 16:30     C:\Program Files\Windows Mail --------- 4096  
11/01/2010 02:16     C:\Program Files\TeamSpeak 3 Client --------- 4096  
10/01/2010 03:10     C:\Program Files\Realtek --------- 0  
10/01/2010 01:12     C:\Program Files\ATI Technologies --------- 0  
10/01/2010 01:10     C:\Program Files\ATI --------- 0  
10/01/2010 00:22     C:\Program Files\BitLocker --------- 4096  
09/01/2010 23:15     C:\Program Files\Windows Media Player --------- 4096  
09/01/2010 23:15     C:\Program Files\Windows Portable Devices --------- 0  
09/01/2010 23:15     C:\Program Files\Internet Explorer --------- 4096  
09/01/2010 23:06     C:\Program Files\ESET --------- 0  
09/01/2010 22:36     C:\Program Files\Microsoft Office --------- 0  
09/01/2010 21:30     C:\Program Files\WinRAR --------- 4096  
09/01/2010 21:12     C:\Program Files\Common Files --------- 4096  
09/01/2010 21:12     C:\Program Files\Windows NT --------- 4096  
09/01/2010 21:12     C:\Program Files\Arquivos Comuns --------- 0  
11/04/2009 14:33     C:\Program Files\Windows Sidebar --------- 4096  
11/04/2009 14:33     C:\Program Files\Movie Maker --------- 4096  
11/04/2009 14:33     C:\Program Files\Windows Journal --------- 4096  
11/04/2009 14:33     C:\Program Files\Windows Collaboration --------- 4096  
11/04/2009 14:33     C:\Program Files\Windows Photo Gallery --------- 4096  
11/04/2009 14:33     C:\Program Files\Windows Defender --------- 4096  
21/01/2008 01:21     C:\Program Files\desktop.ini --------- 174  
21/01/2008 01:08     C:\Program Files\Windows Calendar --------- 0  
02/11/2006 13:42     C:\Program Files\Uninstall Information --------- 0  
02/11/2006 13:06     C:\Program Files\Microsoft Games --------- 4096  
02/11/2006 13:06     C:\Program Files\Reference Assemblies --------- 0  
02/11/2006 13:06     C:\Program Files\MSBuild --------- 0  
----------------------------------------


C:\ProgramData\.. 

Roberto    
Default    
desktop.ini    
Default User    
All Users    
Public    
----------------------------------------


C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

----------------------------------------



Nome da imagem            Identifi Nome da sessão       Sessão# Uso de memór
========================= ======== ================ =========== ============
System Idle Process              0 Services                   0         24 K
System                           4 Services                   0      5.924 K
smss.exe                       540 Services                   0        980 K
csrss.exe                      608 Services                   0     10.684 K
wininit.exe                    660 Services                   0      8.380 K
csrss.exe                      680 Console                    1     13.272 K
services.exe                   712 Services                   0      9.984 K
lsass.exe                      728 Services                   0      8.580 K
lsm.exe                        736 Services                   0      8.704 K
winlogon.exe                   892 Console                    1     10.788 K
svchost.exe                    924 Services                   0     11.176 K
svchost.exe                    984 Services                   0     11.568 K
svchost.exe                    208 Services                   0     19.932 K
svchost.exe                    408 Services                   0    155.304 K
svchost.exe                    560 Services                   0     81.164 K
audiodg.exe                    760 Services                   0     19.684 K
svchost.exe                   1040 Services                   0      9.380 K
SLsvc.exe                     1064 Services                   0     16.744 K
svchost.exe                   1084 Services                   0     20.404 K
svchost.exe                   1248 Services                   0     23.084 K
spoolsv.exe                   1512 Services                   0     17.380 K
svchost.exe                   1536 Services                   0     26.656 K
taskeng.exe                   1668 Console                    1     16.784 K
dwm.exe                       1812 Console                    1     56.716 K
explorer.exe                  1892 Console                    1     59.740 K
egui.exe                      1392 Console                    1     14.560 K
RAVCpl64.exe                  1424 Console                    1     14.916 K
sidebar.exe                   1600 Console                    1     38.456 K
sidebar.exe                   2116 Console                    1     24.304 K
taskeng.exe                   2160 Services                   0     10.708 K
ekrn.exe                      2436 Services                   0     54.184 K
PnkBstrA.exe                  2560 Services                   0      7.180 K
svchost.exe                   2612 Services                   0      6.704 K
svchost.exe                   2648 Services                   0     11.388 K
svchost.exe                   2676 Services                   0      6.220 K
SearchIndexer.exe             2720 Services                   0     28.076 K
unsecapp.exe                  2344 Console                    1      9.924 K
WmiPrvSE.exe                  1176 Services                   0     11.032 K
MOM.exe                       3316 Console                    1      5.000 K
CCC.exe                       3380 Console                    1     13.396 K
PnkBstrB.exe                  3920 Services                   0      5.160 K
iexplore.exe                  2696 Console                    1     29.512 K
iexplore.exe                  3516 Console                    1     66.332 K
SearchFilterHost.exe          1236 Services                   0      8.284 K
FlashUtil10e_ActiveX.exe      4064 Console                    1      6.600 K
iexplore.exe                  1984 Console                    1     33.964 K
SearchProtocolHost.exe        3984 Console                    1      9.704 K
iexplore.exe                  3088 Console                    1     23.416 K
SearchProtocolHost.exe        1108 Services                   0     11.156 K
cmd.exe                       3604 Console                    1      3.328 K
conime.exe                    3108 Console                    1      4.240 K
tasklist.exe                  1552 Console                    1      5.812 K
WmiPrvSE.exe                  3544 Services                   0      7.344 K


***** Ende des Scans 13/01/2010 um 19:37:47,11 ***  



1.

*Delete HJTScanList

2.

*Download the program from the link and save it to the desktop

ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

*Double-click drweb-cureit.exe and install the program

*Click Start and wait for the initial scan of the system's vital areas to finish

*If it finds anything, click "Yes"

*When it finishes, select the "Complete scan" option and click the green or blue arrow

*Always click "Yes" for removal

*When it finishes, click "File" and save the report to the desktop

*The report will have the .csv extension

*Close DrWebCureIt and restart the PC

*Paste the report in your next reply.


I ran the complete scan, but the option to save the report was not active. I found the log file, but it is too large to post here, so I will paste the statistics:

 

The complete log file is here: Log (http://rapidshare.com/files/335318879/CureIt.log.html)

 

 

-----------------------------------------------------------------------------
Estatísticas
-----------------------------------------------------------------------------
Objectos verificados: 228951
Infectado: 0
Objectos com modificações encontrados: 0
Objectos suspeitos encontrados: 0
Programas Adware encontrados: 0
Programas Dialer encontrados: 0
Programas Joke encontrados: 0
Programas Riskware encontrados: 0
Programas Hacktool encontrados: 0
Objectos desinfectados: 0
Objectos eliminados: 0
Objectos renomeados: 0
Objectos movidos: 0
Objectos ignorados: 0
Velocidade de verificação: 631 Kb/s
Tempo de verificação: 01:13:57
-----------------------------------------------------------------------------
=============================================================================
Estatísticas totais da sessão
=============================================================================
Objectos verificados: 242855
Infectado: 0
Objectos com modificações encontrados: 0
Objectos suspeitos encontrados: 0
Programas Adware encontrados: 0
Programas Dialer encontrados: 0
Programas Joke encontrados: 0
Programas Riskware encontrados: 0
Programas Hacktool encontrados: 0
Objectos desinfectados: 0
Objectos eliminados: 0
Objectos renomeados: 0
Objectos movidos: 0
Objectos ignorados: 0
Velocidade de verificação: 8 Kb/s
Tempo de verificação: 01:19:40
=============================================================================


The problem is quite specific to the TeamSpeak program: when I try to connect to a server, this error appears: socket error # 11004. I don't know whether it has anything to do with viruses or malware.


Well... from the reports I did not notice anything.

I will take a closer look...

*Download HJTScanList4 and save it to the desktop

*Extract its contents to the desktop

*Double-click hjtscanlist.bat

*Press V > [ENTER]

*Press 1 > [ENTER]

*Select (Ctrl+A), copy (Ctrl+C) and paste (Ctrl+V) reports 1 and 2 in your next reply.


Report 1:

$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

║ ║

hjtscanlist v2.0

║ ║

$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

 

Microsoft Windows [versão 6.0.6002]

 

14/01/2010

18:46

 

 

C:

 

C:\pagefile.sys ---------

13/01/2010 16:28 C:\System Volume Information --------- 28672

12/01/2010 18:32 C:\Program Files (x86) --------- 12288

12/01/2010 18:05 C:\Windows --------- 24576

12/01/2010 18:02 C:\ProgramData --------- 4096

10/01/2010 04:03 C:\RaidTool --------- 0

10/01/2010 03:10 C:\Program Files --------- 8192

10/01/2010 03:04 C:\BOOTSECT.BAK --------- 8192

10/01/2010 03:04 C:\Boot --------- 4096

10/01/2010 01:09 C:\ATI --------- 0

09/01/2010 23:22 C:\grldr --------- 171136

09/01/2010 22:34 C:\MSOCache --------- 0

09/01/2010 21:18 C:\Intel --------- 0

09/01/2010 21:14 C:\$Recycle.Bin --------- 0

09/01/2010 21:14 C:\Users --------- 4096

09/01/2010 21:12 C:\Arquivos de programas --------- 0

11/04/2009 14:24 C:\bootmgr --------- 333257

21/01/2008 01:03 C:\PerfLogs --------- 0

02/11/2006 13:41 C:\Documents and Settings --------- 0

----------------------------------------

 

 

C:\Windows

 

14/01/2010 15:23 C:\Windows\WindowsUpdate.log --------- 1988942

14/01/2010 15:22 C:\Windows\bootstat.dat --------- 67584

14/01/2010 15:22 C:\Windows\PFRO.log --------- 12580

12/01/2010 18:45 C:\Windows\ntbtlog.txt --------- 226958

11/01/2010 17:13 C:\Windows\win.ini --------- 219

10/01/2010 06:27 C:\Windows\setuperr.log --------- 0

10/01/2010 06:27 C:\Windows\setupact.log --------- 0

10/01/2010 05:08 C:\Windows\WININIT.INI --------- 0

10/01/2010 03:10 C:\Windows\DIFxAPI.dll --------- 525792

10/01/2010 01:14 C:\Windows\ativpsrm.bin --------- 0

09/01/2010 23:05 C:\Windows\DirectX.log --------- 160420

09/01/2010 23:04 C:\Windows\game.ini --------- 331

09/01/2010 22:37 C:\Windows\ie8_main.log --------- 2084

09/01/2010 21:09 C:\Windows\DtcInstall.log --------- 4297

09/01/2010 21:09 C:\Windows\TSSysprep.log --------- 1355

24/11/2009 17:40 C:\Windows\RtlExUpd.dll --------- 838176

30/10/2009 15:44 C:\Windows\atiogl.xml --------- 19017

11/04/2009 14:23 C:\Windows\explorer.exe --------- 3079168

21/01/2008 01:21 C:\Windows\WindowsShell.Manifest --------- 749

21/01/2008 00:50 C:\Windows\HelpPane.exe --------- 734720

21/01/2008 00:48 C:\Windows\regedit.exe --------- 161792

21/01/2008 00:48 C:\Windows\bfsvc.exe --------- 65536

21/01/2008 00:48 C:\Windows\splwow64.exe --------- 39936

21/01/2008 00:48 C:\Windows\fveupdate.exe --------- 14848

21/01/2008 00:46 C:\Windows\notepad.exe --------- 169472

02/11/2006 13:02 C:\Windows\WMSysPr9.prx --------- 316640

02/11/2006 13:00 C:\Windows\twunk_16.exe --------- 49680

02/11/2006 13:00 C:\Windows\twain_32.dll --------- 50688

02/11/2006 13:00 C:\Windows\twunk_32.exe --------- 31232

02/11/2006 13:00 C:\Windows\twain.dll --------- 94784

02/11/2006 09:15 C:\Windows\hh.exe --------- 15872

02/11/2006 07:45 C:\Windows\winhlp32.exe --------- 9216

02/11/2006 06:26 C:\Windows\mib.bin --------- 43131

19/09/2006 09:41 C:\Windows\Ultimate.xml --------- 4261

18/09/2006 19:44 C:\Windows\system.ini --------- 219

18/09/2006 19:30 C:\Windows\msdfmap.ini --------- 1405

----------------------------------------

 

 

C:\Windows\System

 

----------------------------------------

 

 

C:\Windows\System32

 

14/01/2010 18:46 C:\Windows\system32\hjtscanlist.txt --------- 4025

14/01/2010 17:22 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3664

14/01/2010 17:22 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3664

14/01/2010 15:29 C:\Windows\system32\prfc0416.dat --------- 120466

14/01/2010 15:29 C:\Windows\system32\perfh009.dat --------- 586980

14/01/2010 15:29 C:\Windows\system32\prfh0416.dat --------- 628814

14/01/2010 15:29 C:\Windows\system32\perfc009.dat --------- 101052

14/01/2010 15:29 C:\Windows\system32\PerfStringBackup.INI --------- 1438332

13/01/2010 21:56 C:\Windows\system32\WDI --------- 4096

13/01/2010 16:30 C:\Windows\system32\catroot --------- 4096

13/01/2010 16:28 C:\Windows\system32\catroot2 --------- 12288

12/01/2010 18:43 C:\Windows\system32\FNTCACHE.DAT --------- 372248

12/01/2010 18:02 C:\Windows\system32\drivers --------- 65536

10/01/2010 04:05 C:\Windows\system32\pt-BR --------- 196608

10/01/2010 04:05 C:\Windows\system32\en-US --------- 327680

10/01/2010 01:13 C:\Windows\system32\WindowsPowerShell --------- 0

10/01/2010 01:13 C:\Windows\system32\wbem --------- 65536

10/01/2010 00:23 C:\Windows\system32\zh-TW --------- 0

10/01/2010 00:23 C:\Windows\system32\zh-CN --------- 0

10/01/2010 00:23 C:\Windows\system32\uk-UA --------- 0

10/01/2010 00:23 C:\Windows\system32\tr-TR --------- 0

10/01/2010 00:23 C:\Windows\system32\th-TH --------- 0

10/01/2010 00:23 C:\Windows\system32\sv-SE --------- 0

10/01/2010 00:23 C:\Windows\system32\sr-Latn-CS --------- 0

10/01/2010 00:23 C:\Windows\system32\sl-SI --------- 0

10/01/2010 00:23 C:\Windows\system32\sk-SK --------- 0

10/01/2010 00:23 C:\Windows\system32\ru-RU --------- 0

10/01/2010 00:23 C:\Windows\system32\ro-RO --------- 0

10/01/2010 00:23 C:\Windows\system32\pt-PT --------- 0

10/01/2010 00:23 C:\Windows\system32\pl-PL --------- 0

10/01/2010 00:23 C:\Windows\system32\nl-NL --------- 0

10/01/2010 00:23 C:\Windows\system32\nb-NO --------- 0

10/01/2010 00:23 C:\Windows\system32\lv-LV --------- 0

10/01/2010 00:23 C:\Windows\system32\lt-LT --------- 0

10/01/2010 00:23 C:\Windows\system32\ko-KR --------- 0

10/01/2010 00:23 C:\Windows\system32\ja-JP --------- 0

10/01/2010 00:23 C:\Windows\system32\it-IT --------- 0

10/01/2010 00:23 C:\Windows\system32\hu-HU --------- 0

10/01/2010 00:23 C:\Windows\system32\hr-HR --------- 0

10/01/2010 00:23 C:\Windows\system32\he-IL --------- 0

10/01/2010 00:23 C:\Windows\system32\fr-FR --------- 0

10/01/2010 00:23 C:\Windows\system32\fi-FI --------- 0

10/01/2010 00:23 C:\Windows\system32\et-EE --------- 0

10/01/2010 00:23 C:\Windows\system32\es-ES --------- 0

10/01/2010 00:23 C:\Windows\system32\el-GR --------- 0

10/01/2010 00:23 C:\Windows\system32\de-DE --------- 0

10/01/2010 00:23 C:\Windows\system32\da-DK --------- 0

10/01/2010 00:23 C:\Windows\system32\cs-CZ --------- 0

10/01/2010 00:23 C:\Windows\system32\bg-BG --------- 0

10/01/2010 00:23 C:\Windows\system32\ar-SA --------- 0

09/01/2010 23:50 C:\Windows\system32\GroupPolicy --------- 0

09/01/2010 23:22 C:\Windows\system32\oobe --------- 4096

09/01/2010 23:19 C:\Windows\system32\Tasks --------- 4096

09/01/2010 23:15 C:\Windows\system32\zh-HK --------- 0

09/01/2010 23:15 C:\Windows\system32\migration --------- 0

09/01/2010 23:04 C:\Windows\system32\LogFiles --------- 0

09/01/2010 21:50 C:\Windows\system32\NDF --------- 0

09/01/2010 21:19 C:\Windows\system32\restore --------- 0

09/01/2010 21:09 C:\Windows\system32\license.rtf --------- 51585

04/01/2010 22:48 C:\Windows\system32\mrt.exe --------- 30970312

22/12/2009 22:03 C:\Windows\system32\xfcodec64.dll --------- 27536

03/12/2009 20:50 C:\Windows\system32\RtPgEx64.dll --------- 1692192

03/12/2009 20:50 C:\Windows\system32\RtlCPAPI64.dll --------- 332320

03/12/2009 20:50 C:\Windows\system32\RTSnMg64.cpl --------- 612384

03/12/2009 20:50 C:\Windows\system32\RtkCfg64.dll --------- 149536

03/12/2009 20:50 C:\Windows\system32\RTCOM64.dll --------- 1201184

03/12/2009 20:50 C:\Windows\system32\RtkAPO64.dll --------- 1638944

03/12/2009 20:50 C:\Windows\system32\RtkApi64.dll --------- 469024

03/12/2009 20:50 C:\Windows\system32\RCoInst64.dll --------- 66592

01/12/2009 15:45 C:\Windows\system32\FMAPO64.dll --------- 327584

25/11/2009 01:18 C:\Windows\system32\ATIDEMGX.dll --------- 446464

25/11/2009 01:17 C:\Windows\system32\atieclxx.exe --------- 446976

25/11/2009 01:17 C:\Windows\system32\atiesrxx.exe --------- 202752

25/11/2009 01:15 C:\Windows\system32\atitmm64.dll --------- 120320

25/11/2009 01:15 C:\Windows\system32\atipdl64.dll --------- 421376

25/11/2009 01:15 C:\Windows\system32\atimuixx.dll --------- 12288

25/11/2009 01:15 C:\Windows\system32\atiedu64.dll --------- 59392

25/11/2009 01:04 C:\Windows\system32\atidxx64.dll --------- 3661824

25/11/2009 01:02 C:\Windows\system32\atio6axx.dll --------- 17625088

25/11/2009 00:50 C:\Windows\system32\atiumd64.dll --------- 4683776

25/11/2009 00:43 C:\Windows\system32\atiumd6a.dll --------- 2601984

25/11/2009 00:41 C:\Windows\system32\atiumd6a.cap --------- 402016

25/11/2009 00:25 C:\Windows\system32\atimpc64.dll --------- 53248

25/11/2009 00:25 C:\Windows\system32\amdpcom64.dll --------- 53248

25/11/2009 00:25 C:\Windows\system32\atiadlxx.dll --------- 312320

25/11/2009 00:21 C:\Windows\system32\aticalrt64.dll --------- 43008

25/11/2009 00:21 C:\Windows\system32\aticalcl64.dll --------- 39936

25/11/2009 00:21 C:\Windows\system32\aticaldd64.dll --------- 4740096

24/11/2009 09:55 C:\Windows\system32\SRSTSX64.dll --------- 518896

24/11/2009 09:55 C:\Windows\system32\SRSTSH64.dll --------- 211184

24/11/2009 09:55 C:\Windows\system32\SRSHP64.dll --------- 198896

24/11/2009 09:55 C:\Windows\system32\SRSWOW64.dll --------- 155888

21/11/2009 04:52 C:\Windows\system32\wininet.dll --------- 1147904

21/11/2009 04:51 C:\Windows\system32\urlmon.dll --------- 1484288

21/11/2009 04:50 C:\Windows\system32\occache.dll --------- 243712

21/11/2009 04:47 C:\Windows\system32\mshtml.dll --------- 9237504

21/11/2009 04:47 C:\Windows\system32\msfeeds.dll --------- 700928

21/11/2009 04:47 C:\Windows\system32\msfeedsbs.dll --------- 71680

21/11/2009 04:47 C:\Windows\system32\jsproxy.dll --------- 31744

21/11/2009 04:46 C:\Windows\system32\inetcpl.cpl --------- 1538560

----------------------------------------

 

 

C:\Windows\Prefetch

 

14/01/2010 18:46 C:\Windows\Prefetch\DLLHOST.EXE-893DDF55.pf --------- 18424

14/01/2010 18:46 C:\Windows\Prefetch\CONSENT.EXE-65F6206D.pf --------- 321604

14/01/2010 18:46 C:\Windows\Prefetch\DLLHOST.EXE-71214090.pf --------- 18316

14/01/2010 18:45 C:\Windows\Prefetch\WINRAR.EXE-6F42D4E7.pf --------- 94124

14/01/2010 18:45 C:\Windows\Prefetch\DLLHOST.EXE-896DB558.pf --------- 21378

14/01/2010 18:45 C:\Windows\Prefetch\VERCLSID.EXE-9E4B27CB.pf --------- 21714

14/01/2010 18:44 C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-AA7A1FDD.pf --------- 19584

14/01/2010 18:44 C:\Windows\Prefetch\IEXPLORE.EXE-F6A52C86.pf --------- 169696

14/01/2010 18:44 C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf --------- 25574

14/01/2010 18:37 C:\Windows\Prefetch\TASKENG.EXE-5BAF290C.pf --------- 19650

14/01/2010 18:22 C:\Windows\Prefetch\AgGlFgAppHistory.db --------- 2217177

14/01/2010 18:22 C:\Windows\Prefetch\AgGlFaultHistory.db --------- 1146208

14/01/2010 18:22 C:\Windows\Prefetch\AgGlGlobalHistory.db --------- 4851856

14/01/2010 18:22 C:\Windows\Prefetch\AgRobust.db --------- 541728

14/01/2010 17:26 C:\Windows\Prefetch\TASKMGR.EXE-72398DC0.pf --------- 49240

14/01/2010 17:26 C:\Windows\Prefetch\LOGONUI.EXE-1BEE4A84.pf --------- 50316

14/01/2010 17:21 C:\Windows\Prefetch\NOTEPAD.EXE-EB1B961A.pf --------- 113658

14/01/2010 15:35 C:\Windows\Prefetch\WERCON.EXE-FE5CD389.pf --------- 28484

14/01/2010 15:35 C:\Windows\Prefetch\WERMGR.EXE-2A1BCBC7.pf --------- 21168

14/01/2010 15:26 C:\Windows\Prefetch\WMIADAP.EXE-369DF1CD.pf --------- 19690

14/01/2010 15:22 C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-031B6478.pf --------- 30964

14/01/2010 15:22 C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 2141474

13/01/2010 21:57 C:\Windows\Prefetch\PfSvPerfStats.bin --------- 584

13/01/2010 21:57 C:\Windows\Prefetch\WERFAULT.EXE-B7E27BE5.pf --------- 10404

13/01/2010 21:57 C:\Windows\Prefetch\MOBSYNC.EXE-D8BC6ED2.pf --------- 40144

13/01/2010 21:57 C:\Windows\Prefetch\AgCx_SC1.db --------- 557713

13/01/2010 21:57 C:\Windows\Prefetch\AgCx_SC1.db.trx --------- 17040

13/01/2010 20:12 C:\Windows\Prefetch\VERCLSID.EXE-4D95F5A7.pf --------- 18930

13/01/2010 19:37 C:\Windows\Prefetch\WMIPRVSE.EXE-43972D0F.pf --------- 33410

13/01/2010 18:33 C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4247687710-4095903958-1810598272-1000.db --------- 912285

13/01/2010 18:33 C:\Windows\Prefetch\AgGlUAD_S-1-5-21-4247687710-4095903958-1810598272-1000.db --------- 385007

13/01/2010 18:31 C:\Windows\Prefetch\SVCHOST.EXE-8FD92526.pf --------- 21354

13/01/2010 18:31 C:\Windows\Prefetch\VSSVC.EXE-04D079CC.pf --------- 75098

13/01/2010 18:21 C:\Windows\Prefetch\Layout.ini --------- 1016198

13/01/2010 17:24 C:\Windows\Prefetch\WUAPP.EXE-12372724.pf --------- 33114

13/01/2010 16:28 C:\Windows\Prefetch\WUAUCLT.EXE-830BCC14.pf --------- 307022

13/01/2010 16:28 C:\Windows\Prefetch\DRVINST.EXE-5F8E77CD.pf --------- 88174

12/01/2010 18:31 C:\Windows\Prefetch\WMPNSCFG.EXE-DF1DD51A.pf --------- 22066

12/01/2010 18:28 C:\Windows\Prefetch\ReadyBoot --------- 4096

12/01/2010 18:04 C:\Windows\Prefetch\CONIME.EXE-B273009A.pf --------- 11962

12/01/2010 18:02 C:\Windows\Prefetch\REGSVR32.EXE-55A4EE79.pf --------- 24590

11/01/2010 23:10 C:\Windows\Prefetch\WERFAULT.EXE-0897AE09.pf --------- 59882

11/01/2010 17:21 C:\Windows\Prefetch\SVCHOST.EXE-7488A139.pf --------- 27792

11/01/2010 16:45 C:\Windows\Prefetch\RUNDLL32.EXE-78D878D6.pf --------- 23284

11/01/2010 16:44 C:\Windows\Prefetch\RUNDLL32.EXE-E9416966.pf --------- 29228

11/01/2010 16:43 C:\Windows\Prefetch\CONTROL.EXE-9459D5A0.pf --------- 34450

11/01/2010 15:59 C:\Windows\Prefetch\MMC.EXE-13B1E27B.pf --------- 68048

10/01/2010 22:25 C:\Windows\Prefetch\DLLHOST.EXE-875FC13D.pf --------- 23446

10/01/2010 22:20 C:\Windows\Prefetch\IEXPLORE.EXE-1B894AFB.pf --------- 118896

10/01/2010 22:08 C:\Windows\Prefetch\DLLHOST.EXE-E94BCC12.pf --------- 35260

10/01/2010 21:43 C:\Windows\Prefetch\RUNDLL32.EXE-3E6C7B7C.pf --------- 18250

10/01/2010 21:43 C:\Windows\Prefetch\SVCHOST.EXE-4D8DA32A.pf --------- 25452

10/01/2010 21:40 C:\Windows\Prefetch\EXPLORER.EXE-F6875474.pf --------- 89070

10/01/2010 21:36 C:\Windows\Prefetch\MMC.EXE-5F235681.pf --------- 186788

10/01/2010 21:36 C:\Windows\Prefetch\MENU.EXE-4C039FCC.pf --------- 28304

10/01/2010 21:36 C:\Windows\Prefetch\COMPMGMTLAUNCHER.EXE-0BF80059.pf --------- 27796

10/01/2010 21:36 C:\Windows\Prefetch\SETUP.EXE-9F182B59.pf --------- 34534

10/01/2010 21:32 C:\Windows\Prefetch\DLLHOST.EXE-C5C55E89.pf --------- 63332

10/01/2010 21:28 C:\Windows\Prefetch\WMPNETWK.EXE-BD0344CA.pf --------- 62140

10/01/2010 21:18 C:\Windows\Prefetch\WMPLAYER.EXE-61D40ED1.pf --------- 680402

10/01/2010 06:13 C:\Windows\Prefetch\MSASCUI.EXE-6465DB72.pf --------- 21340

10/01/2010 06:03 C:\Windows\Prefetch\MFPMP.EXE-73140A33.pf --------- 37976

10/01/2010 05:24 C:\Windows\Prefetch\WMIPRVSE.EXE-94D7CB13.pf --------- 40032

10/01/2010 04:03 C:\Windows\Prefetch\CMD.EXE-EABFE48B.pf --------- 33354

10/01/2010 04:03 C:\Windows\Prefetch\ISBEW64.EXE-4BA5F2F0.pf --------- 20282

10/01/2010 03:55 C:\Windows\Prefetch\DVDMAKER.EXE-72E6235F.pf --------- 49898

10/01/2010 03:55 C:\Windows\Prefetch\SETUP_WM.EXE-0E4CB6C8.pf --------- 46544

10/01/2010 03:43 C:\Windows\Prefetch\RUNDLL32.EXE-457BF760.pf --------- 15630

10/01/2010 03:43 C:\Windows\Prefetch\RUNDLL32.EXE-7834A53C.pf --------- 33472

10/01/2010 02:50 C:\Windows\Prefetch\SNDVOL.EXE-783DCB11.pf --------- 31820

10/01/2010 02:46 C:\Windows\Prefetch\RUNDLL32.EXE-F00F3AA4.pf --------- 39972

10/01/2010 01:39 C:\Windows\Prefetch\DLLHOST.EXE-7D2183B8.pf --------- 52678

10/01/2010 01:16 C:\Windows\Prefetch\RUNONCE.EXE-E33ED995.pf --------- 18924

10/01/2010 01:16 C:\Windows\Prefetch\EXPLORER.EXE-7A3328DA.pf --------- 178712

10/01/2010 01:15 C:\Windows\Prefetch\DWM.EXE-AEABE78B.pf --------- 21562

10/01/2010 01:15 C:\Windows\Prefetch\USERINIT.EXE-F39AB672.pf --------- 14774

10/01/2010 01:15 C:\Windows\Prefetch\MSCORSVW.EXE-657DC389.pf --------- 124988

10/01/2010 01:15 C:\Windows\Prefetch\MSCORSVW.EXE-C735E247.pf --------- 229946

09/01/2010 23:50 C:\Windows\Prefetch\RUNDLL32.EXE-B9EF4314.pf --------- 53238

09/01/2010 23:30 C:\Windows\Prefetch\WSCRIPT.EXE-A36E1053.pf --------- 45650

09/01/2010 23:29 C:\Windows\Prefetch\ATTRIB.EXE-8E828325.pf --------- 12678

09/01/2010 23:28 C:\Windows\Prefetch\VST.X-FREE.AO_2.1.2.1.2.EXE-CBB75420.pf --------- 106874

09/01/2010 23:22 C:\Windows\Prefetch\BOOTINST.EXE-CD9EE2E7.pf --------- 39808

09/01/2010 23:21 C:\Windows\Prefetch\ACTIVATOR.EXE-EBC71248.pf --------- 21982

09/01/2010 23:19 C:\Windows\Prefetch\IE4UINIT.EXE-0BC11EF2.pf --------- 48108

09/01/2010 23:19 C:\Windows\Prefetch\IE4UINIT.EXE-5C765116.pf --------- 59352

09/01/2010 23:11 C:\Windows\Prefetch\COD4MW-1.6-1.7-PATCHSETUP.EXE-E0C44EC0.pf --------- 25184

09/01/2010 23:06 C:\Windows\Prefetch\IEUSER.EXE-DB146D8F.pf --------- 37998

09/01/2010 22:07 C:\Windows\Prefetch\WUAPP.EXE-EE15DE28.pf --------- 15420

09/01/2010 22:05 C:\Windows\Prefetch\RUNDLL32.EXE-5306B49E.pf --------- 18404

09/01/2010 21:53 C:\Windows\Prefetch\RUNDLL32.EXE-E57D03D0.pf --------- 36550

09/01/2010 21:52 C:\Windows\Prefetch\DLLHOST.EXE-01BD8EF6.pf --------- 27440

09/01/2010 21:50 C:\Windows\Prefetch\SVCHOST.EXE-E2D30E5C.pf --------- 22598

09/01/2010 21:43 C:\Windows\Prefetch\RUNDLL32.EXE-725B0D4A.pf --------- 24762

09/01/2010 21:42 C:\Windows\Prefetch\RUNDLL32.EXE-E3DE6420.pf --------- 32986

09/01/2010 21:41 C:\Windows\Prefetch\WMPSHARE.EXE-73C9F24C.pf --------- 23792

09/01/2010 21:41 C:\Windows\Prefetch\UNREGMP2.EXE-F3D7C3D3.pf --------- 88738

09/01/2010 21:41 C:\Windows\Prefetch\UNREGMP2.EXE-448CF5F7.pf --------- 33544

09/01/2010 21:34 C:\Windows\Prefetch\PID.EXE-64A88815.pf --------- 22350

09/01/2010 21:34 C:\Windows\Prefetch\DLLHOST.EXE-7EA5E62D.pf --------- 23386

09/01/2010 21:32 C:\Windows\Prefetch\RUNDLL32.EXE-F04B6BA4.pf --------- 35336

09/01/2010 21:31 C:\Windows\Prefetch\LAUNCHU3.EXE-8715E9E5.pf --------- 34296

09/01/2010 21:30 C:\Windows\Prefetch\IEUSER.EXE-D895AB54.pf --------- 37534

09/01/2010 21:26 C:\Windows\Prefetch\WUSETUPV.EXE-E659F076.pf --------- 17776

09/01/2010 21:26 C:\Windows\Prefetch\LANSETV6.EXE-73064295.pf --------- 42644

09/01/2010 21:25 C:\Windows\Prefetch\PNPUTIL.EXE-5CDF92C7.pf --------- 16404

09/01/2010 21:25 C:\Windows\Prefetch\ISBEW64.EXE-11E04A5B.pf --------- 18792

09/01/2010 21:25 C:\Windows\Prefetch\_ISBF68.EXE-64CBB6BA.pf --------- 55732

09/01/2010 21:25 C:\Windows\Prefetch\SETUP.EXE-2779B355.pf --------- 27724

09/01/2010 21:25 C:\Windows\Prefetch\SET4D83.TMP-0FF35343.pf --------- 68112

09/01/2010 21:25 C:\Windows\Prefetch\SETUP.EXE-155A73B8.pf --------- 27572

09/01/2010 21:24 C:\Windows\Prefetch\HIDE.EXE-4BBF2ABE.pf --------- 24196

09/01/2010 21:23 C:\Windows\Prefetch\DRIUPDATE64.EXE-CF22478B.pf --------- 50182

09/01/2010 21:23 C:\Windows\Prefetch\ISBEW64.EXE-45067BC1.pf --------- 18546

09/01/2010 21:23 C:\Windows\Prefetch\SETUP.EXE-CE270DE4.pf --------- 55754

09/01/2010 21:23 C:\Windows\Prefetch\SETUP.EXE-3BC7827C.pf --------- 31158

09/01/2010 21:22 C:\Windows\Prefetch\WUDFHOST.EXE-81420B07.pf --------- 25462

09/01/2010 21:21 C:\Windows\Prefetch\DIFX64.EXE-985C8EBC.pf --------- 38352

09/01/2010 21:19 C:\Windows\Prefetch\RUNDLL32.EXE-DBDC137A.pf --------- 21320

09/01/2010 21:18 C:\Windows\Prefetch\SETUP.EXE-5502AD5A.pf --------- 33488

09/01/2010 21:16 C:\Windows\Prefetch\RUNDLL32.EXE-AB2961AD.pf --------- 23904

09/01/2010 21:14 C:\Windows\Prefetch\RUNDLL32.EXE-8B1FD299.pf --------- 47412

09/01/2010 21:14 C:\Windows\Prefetch\RUNDLL32.EXE-935475C8.pf --------- 8888

09/01/2010 21:14 C:\Windows\Prefetch\WINMAIL.EXE-D6E90604.pf --------- 72984

09/01/2010 21:14 C:\Windows\Prefetch\RUNDLL32.EXE-399DA194.pf --------- 20292

09/01/2010 21:14 C:\Windows\Prefetch\WINMAIL.EXE-804DDA9F.pf --------- 43814

09/01/2010 21:13 C:\Windows\Prefetch\SPOOLSV.EXE-E4D0FF39.pf --------- 12580

09/01/2010 21:13 C:\Windows\Prefetch\SVCHOST.EXE-2A6E95B3.pf --------- 36742

09/01/2010 21:13 C:\Windows\Prefetch\SVCHOST.EXE-7643E300.pf --------- 36578

09/01/2010 21:13 C:\Windows\Prefetch\SVCHOST.EXE-18D06B2E.pf --------- 41826

09/01/2010 21:13 C:\Windows\Prefetch\SVCHOST.EXE-11B57953.pf --------- 36954

09/01/2010 21:09 C:\Windows\Prefetch\BFSVC.EXE-A870E999.pf --------- 10016

09/01/2010 21:09 C:\Windows\Prefetch\RUNDLL32.EXE-EDEF0580.pf --------- 15088

09/01/2010 21:07 C:\Windows\Prefetch\SVCHOST.EXE-2FFE0083.pf --------- 20464

09/01/2010 21:07 C:\Windows\Prefetch\LSASS.EXE-8DBFE3B9.pf --------- 11840

09/01/2010 21:07 C:\Windows\Prefetch\SETUP.EXE-D62D5295.pf --------- 40028

09/01/2010 21:07 C:\Windows\Prefetch\LSM.EXE-20DE9C3F.pf --------- 5706

09/01/2010 21:07 C:\Windows\Prefetch\SVCHOST.EXE-F5AA802A.pf --------- 16306

09/01/2010 21:07 C:\Windows\Prefetch\WINLOGON.EXE-8163EECC.pf --------- 18966

09/01/2010 21:07 C:\Windows\Prefetch\SERVICES.EXE-2260497F.pf --------- 10294

09/01/2010 21:07 C:\Windows\Prefetch\AgAppLaunch.db --------- 334168

----------------------------------------

 

 

C:\Windows\Tasks

 

14/01/2010 17:23 C:\Windows\Tasks\User_Feed_Synchronization-{8FDDE380-6BB2-4444-B5A2-CEF46124C97F}.job --------- 422

14/01/2010 15:22 C:\Windows\Tasks\SA.DAT --------- 6

13/01/2010 21:57 C:\Windows\Tasks\SCHEDLGU.TXT --------- 17580

----------------------------------------

 

 

C:\Windows\Temp

 

11/01/2010 17:19 C:\Windows\Temp\Silverlight0.log --------- 1886

11/01/2010 17:19 C:\Windows\Temp\SilverlightMSI.log --------- 597280

11/01/2010 02:05 C:\Windows\Temp\MpCmdRun.log --------- 3688

10/01/2010 21:40 C:\Windows\Temp\HTT2B39.tmp --------- 1239534

10/01/2010 21:40 C:\Windows\Temp\HTT2974.tmp --------- 1392174

10/01/2010 21:40 C:\Windows\Temp\HTT2905.tmp --------- 1455535

10/01/2010 21:40 C:\Windows\Temp\HTT28C5.tmp --------- 1488654

10/01/2010 21:40 C:\Windows\Temp\HTT2896.tmp --------- 1490095

10/01/2010 21:40 C:\Windows\Temp\HTT1AAC.tmp --------- 1174734

10/01/2010 21:40 C:\Windows\Temp\HTT1ADC.tmp --------- 1647054

10/01/2010 21:40 C:\Windows\Temp\HTT1B0C.tmp --------- 1658577

10/01/2010 21:40 C:\Windows\Temp\HTT1B3C.tmp --------- 1521775

10/01/2010 21:40 C:\Windows\Temp\HTT1B5C.tmp --------- 1418094

10/01/2010 21:40 C:\Windows\Temp\HTT1B8C.tmp --------- 1668653

10/01/2010 21:40 C:\Windows\Temp\HTT1D15.tmp --------- 1503056

10/01/2010 21:40 C:\Windows\Temp\HTT1D35.tmp --------- 1586575

10/01/2010 21:40 C:\Windows\Temp\HTT1D45.tmp --------- 1734894

10/01/2010 21:40 C:\Windows\Temp\HTT1E6F.tmp --------- 1373455

10/01/2010 21:40 C:\Windows\Temp\HTT2093.tmp --------- 1556334

10/01/2010 21:40 C:\Windows\Temp\HTT20B3.tmp --------- 1579374

10/01/2010 21:40 C:\Windows\Temp\HTT21CD.tmp --------- 2106414

10/01/2010 21:40 C:\Windows\Temp\HTT2279.tmp --------- 1579376

10/01/2010 21:40 C:\Windows\Temp\HTT22D8.tmp --------- 1603856

10/01/2010 21:40 C:\Windows\Temp\HTT2308.tmp --------- 1693134

10/01/2010 21:40 C:\Windows\Temp\HTT2431.tmp --------- 1776656

10/01/2010 21:29 C:\Windows\Temp\DMID1FD.tmp --------- 0

10/01/2010 21:28 C:\Windows\Temp\DMI50AE.tmp --------- 0

09/01/2010 22:48 C:\Windows\Temp\MpSigStub.log --------- 3168

09/01/2010 22:20 C:\Windows\Temp\DWDE697.tmp --------- 0

09/01/2010 21:14 C:\Windows\Temp\WinSAT_StorageAsmt.etl --------- 3145728

09/01/2010 21:12 C:\Windows\Temp\WinSAT_DX.etl --------- 1048576

09/01/2010 21:12 C:\Windows\Temp\WinSAT_KernelLog.etl --------- 3145728

09/01/2010 21:09 C:\Windows\Temp\FXSAPIDebugLogFile.txt --------- 0

09/01/2010 21:09 C:\Windows\Temp\FXSTIFFDebugLogFile.txt --------- 0

09/01/2010 21:08 C:\Windows\Temp\DMI5B39.tmp --------- 0

09/01/2010 21:08 C:\Windows\Temp\DMI4F57.tmp --------- 0

09/01/2010 21:07 C:\Windows\Temp\DMIF67E.tmp --------- 0

----------------------------------------

 

 

C:\Users\Roberto\AppData\Local\Temp

 

14/01/2010 18:45 C:\Users\Roberto\AppData\Local\Temp\Low --------- 0

14/01/2010 18:45 C:\Users\Roberto\AppData\Local\Temp\~DF236C.tmp --------- 20480

14/01/2010 18:44 C:\Users\Roberto\AppData\Local\Temp\~DFD518.tmp --------- 36864

14/01/2010 18:44 C:\Users\Roberto\AppData\Local\Temp\~DFD26E.tmp --------- 16384

14/01/2010 18:44 C:\Users\Roberto\AppData\Local\Temp\Roberto.bmp --------- 24060

14/01/2010 15:22 C:\Users\Roberto\AppData\Local\Temp\WPDNSE --------- 0

13/01/2010 16:24 C:\Users\Roberto\AppData\Local\Temp\Cookies --------- 0

13/01/2010 16:23 C:\Users\Roberto\AppData\Local\Temp\History --------- 0

13/01/2010 16:23 C:\Users\Roberto\AppData\Local\Temp\Temporary Internet Files --------- 0

11/01/2010 18:24 C:\Users\Roberto\AppData\Local\Temp\msohtmlclip1 --------- 0

11/01/2010 18:24 C:\Users\Roberto\AppData\Local\Temp\msohtmlclip --------- 0

11/01/2010 16:44 C:\Users\Roberto\AppData\Local\Temp\lpksetup-20100111-164458-0.log --------- 670

11/01/2010 16:44 C:\Users\Roberto\AppData\Local\Temp\lpksetup-20100111-164443-0.log --------- 15964

11/01/2010 01:57 C:\Users\Roberto\AppData\Local\Temp\VBE --------- 0

10/01/2010 21:45 C:\Users\Roberto\AppData\Local\Temp\AdobeARM.log --------- 8374

10/01/2010 21:39 C:\Users\Roberto\AppData\Local\Temp\MSIbad03.LOG --------- 872

10/01/2010 21:29 C:\Users\Roberto\AppData\Local\Temp\DMI21C2.tmp --------- 0

10/01/2010 21:19 C:\Users\Roberto\AppData\Local\Temp\wmplog01.sqm --------- 1450

10/01/2010 06:29 C:\Users\Roberto\AppData\Local\Temp\WinSAT_StorageAsmt.etl --------- 3145728

10/01/2010 06:28 C:\Users\Roberto\AppData\Local\Temp\WinSAT_DX.etl --------- 29360128

10/01/2010 06:28 C:\Users\Roberto\AppData\Local\Temp\WinSAT_KernelLog.etl --------- 12582912

10/01/2010 06:23 C:\Users\Roberto\AppData\Local\Temp\PrintPreview.hta --------- 30508

10/01/2010 06:10 C:\Users\Roberto\AppData\Local\Temp\wmplog00.sqm --------- 2746

10/01/2010 05:25 C:\Users\Roberto\AppData\Local\Temp\MessengerCache --------- 0

10/01/2010 04:02 C:\Users\Roberto\AppData\Local\Temp\{59C3BE44-40E9-4A6E-A704-1BE671F306D5} --------- 0

10/01/2010 03:55 C:\Users\Roberto\AppData\Local\Temp\wmsetup.log --------- 4783

10/01/2010 01:58 C:\Users\Roberto\AppData\Local\Temp\~e5.0001 --------- 72192

10/01/2010 01:40 C:\Users\Roberto\AppData\Local\Temp\pbsE68F.tmp --------- 385024

10/01/2010 01:39 C:\Users\Roberto\AppData\Local\Temp\pbsA23C.tmp --------- 0

10/01/2010 01:39 C:\Users\Roberto\AppData\Local\Temp\{5141424b-ecfa-4d96-80e3-914da9196593} --------- 0

10/01/2010 00:38 C:\Users\Roberto\AppData\Local\Temp\CFGD5B6.tmp --------- 123

10/01/2010 00:38 C:\Users\Roberto\AppData\Local\Temp\CFG9463.tmp --------- 123

09/01/2010 23:56 C:\Users\Roberto\AppData\Local\Temp\nsvAE2B.tmp --------- 0

09/01/2010 23:38 C:\Users\Roberto\AppData\Local\Temp\RarSFX1 --------- 0

09/01/2010 23:22 C:\Users\Roberto\AppData\Local\Temp\RarSFX0 --------- 0

09/01/2010 23:07 C:\Users\Roberto\AppData\Local\Temp\MSI55b8b.LOG --------- 324

09/01/2010 22:48 C:\Users\Roberto\AppData\Local\Temp\SetupExe(20100109223343C1C).log --------- 126761

09/01/2010 21:31 C:\Users\Roberto\AppData\Local\Temp\U3Launcher.log --------- 2980

09/01/2010 21:26 C:\Users\Roberto\AppData\Local\Temp\{BCF5F8D6-F7E1-4459-B206-2AD9EDAD1466} --------- 0

09/01/2010 21:26 C:\Users\Roberto\AppData\Local\Temp\{1DBFBFBF-56BF-4630-BBDC-4BAC8B28A978} --------- 4096

09/01/2010 21:25 C:\Users\Roberto\AppData\Local\Temp\isp55C0.tmp --------- 0

09/01/2010 21:24 C:\Users\Roberto\AppData\Local\Temp\{96870593-1BA5-4C97-98A5-73BC018AAA69} --------- 0

09/01/2010 21:14 C:\Users\Roberto\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0

31/08/2007 01:12 C:\Users\Roberto\AppData\Local\Temp\_isBF68.exe --------- 460248

27/10/2006 20:14 C:\Users\Roberto\AppData\Local\Temp\ose00000.exe --------- 145184

18/09/2006 17:31 C:\Users\Roberto\AppData\Local\Temp\Catalyst.bmp --------- 57656

06/04/2005 21:39 C:\Users\Roberto\AppData\Local\Temp\set4D83.tmp --------- 121064

26/12/2004 22:52 C:\Users\Roberto\AppData\Local\Temp\IEC6E2D.tmp --------- 346602

26/12/2004 22:52 C:\Users\Roberto\AppData\Local\Temp\SetAB1D.tmp --------- 168448

----------------------------------------

 

 

C:\Program Files

 

----------------------------------------

 

 

C:\ProgramData\..

 

Roberto

Default

desktop.ini

Default User

All Users

Public

----------------------------------------

 

 

C:\Windows\system32\drivers\etc\hosts

 

127.0.0.1 localhost

 

 

 

 

 

C:\Users\Roberto\Dados de aplicativos

 

----------------------------------------

 

 

C:\Documents and Settings\All Users\Dados de aplicativos

 

----------------------------------------

 

 

 

Nome da imagem Identifi Nome da sessão Sessão# Uso de memór

========================= ======== ================ =========== ============

System Idle Process 0 Services 0 24 K

System 4 Services 0 5.948 K

smss.exe 540 Services 0 2.088 K

csrss.exe 608 Services 0 121.876 K

wininit.exe 660 Services 0 15.744 K

csrss.exe 680 Console 1 24.476 K

services.exe 712 Services 0 17.568 K

lsass.exe 728 Services 0 4.012 K

lsm.exe 736 Services 0 16.844 K

winlogon.exe 840 Console 1 19.132 K

svchost.exe 912 Services 0 18.848 K

svchost.exe 972 Services 0 19.212 K

svchost.exe 348 Services 0 36.976 K

svchost.exe 460 Services 0 199.156 K

svchost.exe 548 Services 0 117.168 K

audiodg.exe 392 Services 0 19.952 K

svchost.exe 1036 Services 0 18.604 K

SLsvc.exe 1056 Services 0 24.312 K

svchost.exe 1100 Services 0 29.976 K

svchost.exe 1288 Services 0 35.920 K

spoolsv.exe 1496 Services 0 28.040 K

svchost.exe 1552 Services 0 33.132 K

taskeng.exe 1628 Console 1 30.556 K

dwm.exe 1712 Console 1 58.416 K

explorer.exe 1804 Console 1 99.096 K

taskeng.exe 1852 Services 0 18.288 K

egui.exe 1504 Console 1 27.036 K

RAVCpl64.exe 1616 Console 1 28.472 K

sidebar.exe 1620 Console 1 52.360 K

sidebar.exe 2116 Console 1 44.996 K

ekrn.exe 2308 Services 0 97.496 K

PnkBstrA.exe 2428 Services 0 38.512 K

svchost.exe 2484 Services 0 17.684 K

svchost.exe 2500 Services 0 20.656 K

svchost.exe 2536 Services 0 11.756 K

SearchIndexer.exe 2604 Services 0 129.260 K

unsecapp.exe 2416 Console 1 18.632 K

WmiPrvSE.exe 2004 Services 0 19.644 K

MOM.exe 3100 Console 1 4.776 K

CCC.exe 3172 Console 1 13.828 K

ielowutil.exe 1672 Console 1 5.944 K

iexplore.exe 2596 Console 1 30.340 K

iexplore.exe 3192 Console 1 67.472 K

SearchProtocolHost.exe 284 Services 0 13.252 K

SearchFilterHost.exe 2392 Services 0 10.048 K

FlashUtil10e_ActiveX.exe 12 Console 1 6.716 K

iexplore.exe 2468 Console 1 77.320 K

cmd.exe 2576 Console 1 3.700 K

conime.exe 1108 Console 1 4.184 K

WmiPrvSE.exe 3728 Services 0 8.116 K

tasklist.exe 3388 Console 1 5.752 K

 

 

***** Ende des Scans 14/01/2010 um 18:46:53,28 ***

 

 

 

 

Report 2:

 

 

 

Microsoft Windows [versão 6.0.6002]

 

14/01/2010

18:46

 

#######(Arquivos Ocultos)#######

 

((Encontrado))C:\pagefile.sys ---------

----------------------------------------

----------------------------------------

 

 

#######((Processos Ativos))#######

 


 

----------------------------------------

 

 

##########(Entradas de Registro)##########

((HKEY_LOCAL_MACHINE..\Run))

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

egui REG_SZ "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

RtHDVCpl REG_SZ C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

 

 

((HKEY_CURRENT_USER..\Run))

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Sidebar REG_SZ C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

 

----------------------------------------

 

((HKEY_USERS\..\Run))

 

 

 

##########(Entradas de Registro)##########

((HKEY_LOCAL_MACHINE\Policies\Explorer..\Run))

 

 

----------------------------------------

 

 

######(Chaves de Registro)######

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL

RegPath REG_SZ Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

Text REG_SZ @shell32.dll,-30500

Type REG_SZ radio

CheckedValue REG_DWORD 0x1

ValueName REG_SZ Hidden

DefaultValue REG_DWORD 0x2

HKeyRoot REG_DWORD 0x80000001

HelpID REG_SZ shell.hlp#51105

 

----------------------------------------

 

 

######(Chaves de Registro)######

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center

cval REG_DWORD 0x1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc

 

----------------------------------------

 

 

######(Chaves de Registro)######

 

 

----------------------------------------

 

 

##########(Authorized Applications List)##########

((HKEY_LOCAL_MACHINE..\FirewallPolicy\StandardProfile\GloballyOpenPorts\List))

 

 

----------------------------------------

 

 

##########(Authorized Applications List)##########

((HKEY_LOCAL_MACHINE..\FirewallPolicy\DomainProfile\AuthorizedApplications\List))

 

 

----------------------------------------

 

 

##########(Authorized Applications List)##########

((HKEY_LOCAL_MACHINE..\FirewallPolicy\StandardProfile\AuthorizedApplications\List))

 

 

----------------------------------------

 

 

##########(Explorer\MountPoints2)##########

((HKEY_CURRENT_USER\SOFTWARE...\Explorer\MountPoints2))

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\A

BaseClass REG_SZ Drive

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C

BaseClass REG_SZ Drive

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{6a789c10-fd73-11de-ba9a-806e6f6e6963}

Data

Generation REG_DWORD 0x1

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{6a789c13-fd73-11de-ba9a-806e6f6e6963}

Data

Generation REG_DWORD 0x1

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{6a789c14-fd73-11de-ba9a-806e6f6e6963}

Data

Generation REG_DWORD 0x1

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D

BaseClass REG_SZ Drive

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34731502-fd74-11de-a8f7-d4da4292157c}

BaseClass REG_SZ Drive

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34731502-fd74-11de-a8f7-d4da4292157c}\shell

(padrão) REG_SZ None

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34731502-fd74-11de-a8f7-d4da4292157c}\shell\Autoplay

MUIVerb REG_SZ @shell32.dll,-8507

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34731502-fd74-11de-a8f7-d4da4292157c}\shell\Autoplay\DropTarget

CLSID REG_SZ {F26A669A-BCBB-4E37-ABF9-7325DA15F931}

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34731505-fd74-11de-a8f7-d4da4292157c}

BaseClass REG_SZ Drive

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34731505-fd74-11de-a8f7-d4da4292157c}\shell

(padrão) REG_SZ AutoRun

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34731505-fd74-11de-a8f7-d4da4292157c}\shell\Autoplay

MUIVerb REG_SZ @shell32.dll,-8507

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34731505-fd74-11de-a8f7-d4da4292157c}\shell\Autoplay\DropTarget

CLSID REG_SZ {F26A669A-BCBB-4E37-ABF9-7325DA15F931}

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34731505-fd74-11de-a8f7-d4da4292157c}\shell\AutoRun

(padrão) REG_SZ Instalar ou executar programa

SetWorkingDirectoryFromTarget REG_SZ

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34731505-fd74-11de-a8f7-d4da4292157c}\shell\AutoRun\command

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34731505-fd74-11de-a8f7-d4da4292157c}\_Autorun

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34731505-fd74-11de-a8f7-d4da4292157c}\_Autorun\DefaultIcon

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a789c10-fd73-11de-ba9a-806e6f6e6963}

BaseClass REG_SZ Drive

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a789c13-fd73-11de-ba9a-806e6f6e6963}

BaseClass REG_SZ Drive

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a789c13-fd73-11de-ba9a-806e6f6e6963}\_Autorun

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a789c13-fd73-11de-ba9a-806e6f6e6963}\_Autorun\DefaultIcon

(padrão) REG_SZ D:\I.ICO,0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a789c14-fd73-11de-ba9a-806e6f6e6963}

BaseClass REG_SZ Drive

 

----------------------------------------

 

 

##########(Explorer\MountPoints2)##########

((HKEY_USERS\.DEFAULT\SOFTWARE...\Explorer\MountPoints2))

 


 

----------------------------------------


Good morning, Stacoviak

Delete HJTScanList.

Your logs are clean.

Your problem is not related to malware.


PROBLEM SOLVED!

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
