[Arquivado] Janelas se abrem sozinhas no IE 7

edi_theone · Fevereiro 27, 2010

OLA AMIGOS! ESPERO ESTAR POSTANDO NO LUGAR CERTO.DESDE JÁ PARABENIZO AOS MEMBROS DO FORUM POR SUA PARTCIPAÇÃO DE GRANDE AJUDA AQUI.

ESTOU COM UM PROBLEMA NO MEU IE 7.USO UM NOTEBOOK COM VISTA 64 BITS,E AS VEZES NAVEGANDO NO MOZILA,OU USANDO OUTROS PROGRAMAS ACONTECE DE SE ABRIR JANELAS DO INTERNET EXPLORER 7 DE SITES TIPO LINK BUSTER EZ MOVIES linkmoney ETC...

JÁ BAIXEI DIVERSOS REMOVEDORES DE SPYWARES E MALWARES MAS NÃO TIVE EXITO E O PROBLEMA PERSISTE,TBM MANTENHO O NORTON ATUALIZADO MAS O MESMO NÃO RESOLVE MEU PROBLEMA TBM,SEGUE ABAIXO O LOG DO HiJackThis.ESPERO QUE POSSAM ME AJUDAR! MUITO OBRIGADO!!!

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:47:02, on 27/02/2010

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18385)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Users\renata\Documents\task.exe

C:\Users\renata\Documents\Live Microsoft Update.exe

C:\Program Files (x86)\Hp\QuickPlay\QPService.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\Spyware Doctor\pctsTray.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Windows\SysWOW64\conime.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Users\renata\Desktop\pes desco\Nova Pasta\pes2010.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Internet Explorer\IEUser.exe

C:\Users\renata\Downloads\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=91&bd=Presario&pf=cnnb

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=91&bd=Presario&pf=cnnb

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=91&bd=Presario&pf=cnnb

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files (x86)\Shareaza\RazaWebHook32.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll

O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O4 - HKLM\..\Run: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"

O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [updatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [iSTray] "C:\Program Files (x86)\Spyware Doctor\pctsTray.exe"

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [Task Menu] C:\Users\renata\Documents\task.exe

O4 - HKCU\..\Run: [Windows Live Updater] C:\Users\renata\Documents\Live Microsoft Update.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

O4 - Global Startup: BTTray.lnk = ?

O8 - Extra context menu item: Download with &Shareaza - res://c:\program files (x86)\shareaza\razawebhook32.dll/3000

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O13 - Gopher Prefix:

O17 - HKLM\System\CCS\Services\Tcpip\..\{DC2E041F-5FD0-4ACB-8197-5919DE88C9F9}: NameServer = 189.124.16.2,189.124.16.14

O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll

O20 - AppInit_DLLs:

O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_5730ce9f\AESTSr64.exe (file missing)

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_5730ce9f\STacSV64.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 12136 bytes

Sam Spade · Fevereiro 27, 2010

Olá edi_theone! Baixe OTS.exe, by OldTimer e salve na sua área de trabalho.

Clique com o direito do mouse sobre o arquivo e depois clique em Executar como > Administrador e confirme.

Tal como a imagem acima, marque estas opções:

Scan All Users
Use Company Name Whitelist / Skip Microsoft files
Clique no botão Run Scan

Aguarde enquanto a ferramenta examina seu pc. Quando terminar, o bloco de notas será aberto, com algumas informações.

Feche o bloco de notas e também o OTS.exe

O log ficou salvo na mesma pasta onde está o OTS.exe (ou seja, na sua área de trabalho), com o nome OTS.txt.

Anexe o log em sua próxima resposta.

Por favor, não cole o log na sua resposta.

Caso o arquivo fique muito grande e exceda o limite do forum, envie-o para um arquivo .zip ou .rar e anexe-o.

edi_theone · Fevereiro 28, 2010

opa! obrigado pela ajuda!

ja gerei o log do ots,porem n achei a opção de anexar o arquivo aq n forum!

como faço?

obrigado!

Sam Spade · Março 2, 2010

Opa, pode copiar e colar na sua próxima resposta.

edi_theone · Março 4, 2010

opa blza !! ta ai então amigo!!

OTS logfile created on: 04/03/2010 23:26:38 - Run 2

OTS by OldTimer - Version 3.1.23.0 Folder = C:\Users\renata\Desktop

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18882)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 44,00% Memory free

8,00 Gb Paging File | 5,00 Gb Available in Paging File | 65,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 221,07 Gb Total Space | 112,53 Gb Free Space | 50,90% Space Free | Partition Type: NTFS

Drive D: | 11,81 Gb Total Space | 1,35 Gb Free Space | 11,47% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: RENATA-PC

Current User Name: renata

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Include 64bit Scans

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 30 Days

[Processes - Safe List]

ots.exe -> C:\Users\renata\Desktop\OTS.exe -> [2010/03/04 23:19:16 | 000,634,368 | ---- | M] (OldTimer Tools)

jusched.exe -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe -> [2010/02/27 23:09:47 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.)

pnkbstra.exe -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2010/02/18 19:31:40 | 000,066,872 | ---- | M] ()

windowsthumbnail.exe -> C:\Program Files (x86)\Shareaza\WindowsThumbnail.exe -> [2010/02/06 13:39:44 | 000,164,352 | ---- | M] (Shareaza Development Team)

shareaza.exe -> C:\Program Files (x86)\Shareaza\Shareaza.exe -> [2010/02/06 13:39:06 | 004,853,760 | ---- | M] (Shareaza Development Team)

bdtupdateservice.exe -> C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe -> [2010/01/21 20:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.)

ccsvchst.exe -> C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -> [2010/01/20 18:03:39 | 000,117,640 | R--- | M] (Symantec Corporation)

pctstray.exe -> C:\Program Files (x86)\Spyware Doctor\pctsTray.exe -> [2010/01/18 14:14:26 | 001,286,608 | ---- | M] (PC Tools)

pctssvc.exe -> C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe -> [2010/01/18 14:14:24 | 001,141,712 | ---- | M] (PC Tools)

firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe -> [2010/01/16 00:18:31 | 000,910,296 | ---- | M] (Mozilla Corporation)

arm.exe -> C:\Users\renata\AppData\Local\Temp\IXP006.TMP\arm.exe -> [2009/12/24 20:27:24 | 000,086,016 | ---- | M] (Microsoft Corporation)

arm.exe -> C:\Users\renata\AppData\Local\Temp\IXP005.TMP\arm.exe -> [2009/12/24 20:27:24 | 000,086,016 | ---- | M] (Microsoft Corporation)

arm.exe -> C:\Users\renata\AppData\Local\Temp\IXP004.TMP\arm.exe -> [2009/12/24 20:27:24 | 000,086,016 | ---- | M] (Microsoft Corporation)

arm.exe -> C:\Users\renata\AppData\Local\Temp\IXP003.TMP\arm.exe -> [2009/12/24 20:27:24 | 000,086,016 | ---- | M] (Microsoft Corporation)

arm.exe -> C:\Users\renata\AppData\Local\Temp\IXP002.TMP\arm.exe -> [2009/12/24 20:27:24 | 000,086,016 | ---- | M] (Microsoft Corporation)

arm.exe -> C:\Users\renata\AppData\Local\Temp\IXP001.TMP\arm.exe -> [2009/12/24 20:27:24 | 000,086,016 | ---- | M] (Microsoft Corporation)

arm.exe -> C:\Users\renata\AppData\Local\Temp\IXP000.TMP\arm.exe -> [2009/12/24 20:27:24 | 000,086,016 | ---- | M] (Microsoft Corporation)

pctsauxs.exe -> C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe -> [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools)

task.exe -> C:\Users\renata\Documents\task.exe -> [2009/10/26 19:56:35 | 000,421,517 | -H-- | M] ()

wlcomm.exe -> C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe -> [2009/09/30 19:58:42 | 000,026,464 | ---- | M] (Microsoft Corporation)

msnmsgr.exe -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe -> [2009/07/26 16:44:26 | 003,883,840 | ---- | M] (Microsoft Corporation)

conime.exe -> C:\Windows\SysWOW64\conime.exe -> [2009/04/11 03:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation)

emule.exe -> C:\Program Files (x86)\eMule\emule.exe -> [2009/02/22 16:15:14 | 005,668,864 | ---- | M] (http://www.emule-project.net)

blservice.exe -> C:\Program Files (x86)\SMINST\BLService.exe -> [2008/12/17 15:11:40 | 000,365,952 | ---- | M] ()

com4qlbex.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -> [2008/11/19 08:14:06 | 000,222,512 | ---- | M] (Hewlett-Packard Development Company, L.P.)

flashutil10a.exe -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10a.exe -> [2008/09/10 23:10:12 | 000,235,424 | R--- | M] (Adobe Systems, Inc.)

bluetoothheadsetproxy.exe -> C:\Arquivos de programas\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe -> [2008/06/19 13:04:50 | 000,014,376 | ---- | M] (Broadcom Corporation.)

[Modules - Safe List]

ots.exe -> C:\Users\renata\Desktop\OTS.exe -> [2010/03/04 23:19:16 | 000,634,368 | ---- | M] (OldTimer Tools)

pctgmhk.dll -> C:\Program Files (x86)\Spyware Doctor\pctgmhk.dll -> [2009/10/30 11:18:16 | 000,147,024 | ---- | M] (PC Tools)

smum32.dll -> C:\Program Files (x86)\Spyware Doctor\smum32.dll -> [2009/09/09 22:54:58 | 000,245,824 | ---- | M] (PC Tools)

comdlg32.dll -> C:\Windows\SysWOW64\comdlg32.dll -> [2009/04/11 03:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]

64bit-(FontCache) [On_Demand | Stopped] -> C:\Windows\SysNative\FntCache.dll -> [2009/09/24 22:26:26 | 001,142,272 | ---- | M] (Microsoft Corporation)

64bit-(BthServ) [Auto | Running] -> C:\Windows\SysNative\bthserv.dll -> [2009/04/11 04:11:13 | 000,053,760 | ---- | M] (Microsoft Corporation)

64bit-(STacSV) [Auto | Running] -> C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_5730ce9f\STacSV64.exe -> [2008/09/11 08:53:00 | 000,279,040 | ---- | M] (IDT, Inc.)

64bit-(AESTFilters) [Auto | Running] -> C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_5730ce9f\AESTSr64.exe -> [2008/06/27 12:53:06 | 000,089,088 | ---- | M] (Andrea Electronics Corporation)

64bit-(AgereModemAudio) [Auto | Running] -> C:\Windows\SysNative\agr64svc.exe -> [2007/12/11 11:11:30 | 000,015,872 | ---- | M] (Agere Systems)

(PnkBstrA) PnkBstrA [Auto | Running] -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2010/02/18 19:31:40 | 000,066,872 | ---- | M] ()

(Browser Defender Update Service) Browser Defender Update Service [Auto | Running] -> C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe -> [2010/01/21 20:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.)

(Norton Internet Security) Norton Internet Security [Auto | Running] -> C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -> [2010/01/20 18:03:39 | 000,117,640 | R--- | M] (Symantec Corporation)

(sdCoreService) PC Tools Security Service [Auto | Running] -> C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe -> [2010/01/18 14:14:24 | 001,141,712 | ---- | M] (PC Tools)

(sdAuxService) PC Tools Auxiliary Service [Auto | Running] -> C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe -> [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools)

(clr_optimization_v2.0.50727_64) Microsoft .NET Framework NGEN v2.0.50727_X64 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -> [2009/03/30 01:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation)

(Recovery Service for Windows) Recovery Service for Windows [Auto | Running] -> C:\Program Files (x86)\SMINST\BLService.exe -> [2008/12/17 15:11:40 | 000,365,952 | ---- | M] ()

(Com4QLBEx) Com4QLBEx [On_Demand | Running] -> C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -> [2008/11/19 08:14:06 | 000,222,512 | ---- | M] (Hewlett-Packard Development Company, L.P.)

(MSDTC) Coordenador de transações distribuídas [unknown | Stopped] -> C:\Windows\SysWOW64\Msdtc -> [2006/11/02 10:34:14 | 000,000,000 | ---D | M]

(vds) Disco Virtual [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vds.mof -> [2006/11/02 03:35:15 | 000,060,994 | ---- | M] ()

(VSS) Cópia de Sombra de Volume [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vss.mof -> [2006/11/02 03:35:15 | 000,055,846 | ---- | M] ()

(IDriverT) InstallDriver Table Manager [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation)

[Driver Services - Safe List]

64bit-(sptd) sptd [Kernel | Boot | Running] -> C:\Windows\SysNative\Drivers\sptd.sys -> [2010/02/22 02:14:48 | 000,834,544 | ---- | M] ()

64bit-(SymEvent) SymEvent [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -> [2010/02/20 04:02:23 | 000,172,592 | ---- | M] (Symantec Corporation)

64bit-(ccHP) Symantec Hash Provider [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\NISx64\1008000.029\ccHPx64.sys -> [2010/02/20 02:44:50 | 000,583,296 | ---- | M] (Symantec Corporation)

64bit-(BHDrvx64) Symantec Heuristics Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\NISx64\1008000.029\BHDrvx64.sys -> [2010/02/20 02:44:50 | 000,334,384 | ---- | M] (Symantec Corporation)

64bit-(SymEFA) Symantec Extended File Attributes [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\NISx64\1008000.029\SYMEFA64.SYS -> [2010/01/20 18:03:40 | 000,402,992 | ---- | M] (Symantec Corporation)

64bit-(SYMTDI) Symantec Network Dispatch Driver [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\NISx64\1008000.029\SYMTDI.SYS -> [2010/01/20 18:03:40 | 000,278,576 | ---- | M] (Symantec Corporation)

64bit-(SYMFW) Symantec Network Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\NISx64\1008000.029\SYMFW.SYS -> [2010/01/20 18:03:40 | 000,120,880 | ---- | M] (Symantec Corporation)

64bit-(SYMNDISV) Symantec Network Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\NISx64\1008000.029\SYMNDISV.SYS -> [2010/01/20 18:03:40 | 000,056,880 | ---- | M] (Symantec Corporation)

64bit-(SRTSP) Symantec Real Time Storage Protection x64 [File_System | System | Running] -> C:\Windows\SysNative\Drivers\NISx64\1008000.029\SRTSP64.SYS -> [2010/01/20 18:03:39 | 000,476,720 | ---- | M] (Symantec Corporation)

64bit-(SRTSPX) Symantec Real Time Storage Protection (PEL) x64 [Kernel | System | Running] -> C:\Windows\SysNative\drivers\NISx64\1008000.029\SRTSPX64.SYS -> [2010/01/20 18:03:39 | 000,032,304 | ---- | M] (Symantec Corporation)

64bit-(PCTCore) PCTools KDS [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\PCTCore64.sys -> [2009/09/23 16:10:04 | 000,218,056 | ---- | M] (PC Tools)

64bit-(PSI) PSI [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\psi_mf.sys -> [2009/06/17 09:19:14 | 000,015,208 | ---- | M] (Secunia)

64bit-(BTHPORT) Driver de Porta Bluetooth [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\BTHport.sys -> [2009/04/11 02:40:06 | 000,694,272 | ---- | M] (Microsoft Corporation)

64bit-(RFCOMM) Dispositivo Bluetooth (TDI de Protocolo RFCOMM) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\rfcomm.sys -> [2009/04/11 02:39:57 | 000,178,176 | ---- | M] (Microsoft Corporation)

64bit-(BthEnum) Serviço de Enumerador de Bluetooth [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\BthEnum.sys -> [2009/04/11 02:39:55 | 000,026,112 | ---- | M] (Microsoft Corporation)

64bit-(BTHUSB) Driver USB de Rádio Bluetooth [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\BTHUSB.sys -> [2009/04/11 02:39:53 | 000,034,816 | ---- | M] (Microsoft Corporation)

64bit-(RTL8169) Realtek 8169 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\Rtlh64.sys -> [2008/12/03 10:21:52 | 000,184,832 | ---- | M] (Realtek Corporation )

64bit-(STHDA) IDT High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\stwrt64.sys -> [2008/09/11 08:54:44 | 000,465,408 | ---- | M] (IDT, Inc.)

64bit-(enecir) ENE CIR Receiver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\enecir.sys -> [2008/09/04 14:48:00 | 000,064,000 | ---- | M] (ENE TECHNOLOGY INC.)

64bit-(igfx) igfx [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\igdkmd64.sys -> [2008/09/02 10:21:04 | 008,034,592 | ---- | M] (Intel Corporation)

64bit-(NETw5v64) Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\NETw5v64.sys -> [2008/08/28 20:57:24 | 004,745,216 | ---- | M] (Intel Corporation)

64bit-(JMCR) JMCR [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\jmcr.sys -> [2008/07/21 07:53:04 | 000,145,496 | ---- | M] (JMicron Technology Corporation)

64bit-(IntcHdmiAddService) Intel® High Definition Audio HDMI [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\IntcHdmi.sys -> [2008/07/15 05:20:42 | 000,126,464 | ---- | M] (Intel® Corporation)

64bit-(btwavdt) Bluetooth AVDT [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btwavdt.sys -> [2008/06/23 08:54:02 | 000,099,368 | ---- | M] (Broadcom Corporation.)

64bit-(btwaudio) Dispositivo de áudio Bluetooth [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btwaudio.sys -> [2008/06/23 08:54:02 | 000,091,176 | ---- | M] (Broadcom Corporation.)

64bit-(btwrchid) btwrchid [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\btwrchid.sys -> [2008/06/23 08:54:02 | 000,019,752 | ---- | M] (Broadcom Corporation.)

64bit-(AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\agrsm64.sys -> [2008/02/29 14:59:32 | 001,252,352 | ---- | M] (Agere Systems)

64bit-(ApfiltrService) Alps Pointing-device Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\Apfiltr.sys -> [2008/01/31 20:23:14 | 000,195,120 | ---- | M] (Alps Electric Co., Ltd.)

64bit-(usbvideo) Dispositivo de vídeo USB (WDM) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\usbvideo.sys -> [2008/01/20 23:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation)

64bit-(BthPan) Dispositivo Bluetooth (Rede Pessoal) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\bthpan.sys -> [2008/01/20 23:47:02 | 000,115,712 | ---- | M] (Microsoft Corporation)

64bit-(NETw3v64) Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\NETw3v64.sys -> [2008/01/20 23:46:57 | 003,154,432 | ---- | M] (Intel Corporation)

64bit-(sdbus) sdbus [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\sdbus.sys -> [2008/01/20 23:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation)

64bit-(CmBatt) Driver de Bateria do Método de Controle ACPI da Microsoft [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\CmBatt.sys -> [2008/01/20 23:46:51 | 000,017,792 | ---- | M] (Microsoft Corporation)

64bit-(HpqKbFiltr) HpqKbFilter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -> [2007/06/18 15:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.)

64bit-(HdAudAddService) Driver de Função Microsoft 1.1 UAA para Serviço de High Definition Audio [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HdAudio.sys -> [2006/11/02 02:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation)

64bit-(yukonx64) NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\yk60x64.sys -> [2006/10/03 22:45:36 | 000,273,408 | ---- | M] (Marvell)

(NAVEX15) NAVEX15 [Kernel | On_Demand | Running] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100303.005\EX64.SYS -> [2010/02/19 02:43:20 | 001,742,896 | ---- | M] (Symantec Corporation)

(eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -> [2010/02/19 02:43:20 | 000,475,696 | ---- | M] (Symantec Corporation)

(EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2010/02/19 02:43:20 | 000,132,656 | ---- | M] (Symantec Corporation)

(NAVENG) NAVENG [Kernel | On_Demand | Running] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100303.005\ENG64.SYS -> [2010/02/19 02:43:20 | 000,116,272 | ---- | M] (Symantec Corporation)

(IDSVia64) IDSVia64 [Kernel | System | Running] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100224.002\IDSviA64.sys -> [2010/02/10 20:19:26 | 000,466,992 | ---- | M] (Symantec Corporation)

(DiagnosticScan) DiagnosticScan [Kernel | Boot | Stopped] -> C:\Windows\SysWOW64\drivers\DiagnosticScan.SYS -> [2009/11/15 22:48:16 | 000,017,408 | ---- | M] (AdwareAway.net)

(Start1Driver) Start1Driver [Kernel | System | Stopped] -> C:\Windows\SysWOW64\drivers\Start1Driver.SYS -> [2009/10/19 10:21:41 | 000,005,120 | ---- | M] (F.Y.N. Technology Inc.)

(Tcpip) Driver de Protocolo TCP/IP [Kernel | Boot | Running] -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2006/09/18 18:36:40 | 000,003,066 | ---- | M] ()

(mpsdrv) Driver de Autorização do Firewall do Windows [Kernel | On_Demand | Running] -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2006/09/18 18:35:23 | 000,001,088 | ---- | M] ()

[Registry - Safe List]

< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->

HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=91&bd=Presario&pf=cnnb ->

HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=91&bd=Presario&pf=cnnb ->

< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->

HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=91&bd=Presario&pf=cnnb ->

HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm ->

HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=91&bd=Presario&pf=cnnb ->

< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->

HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->

< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->

HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->

< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->

< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->

< Internet Explorer Settings [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> ->

HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=91&bd=Presario&pf=cnnb ->

HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\: Main\\"Start Page" -> http://www.google.com.br/ ->

HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\: Main\\"StartPageCache" -> 1 ->

HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\: "ProxyEnable" -> 0 ->

< FireFox Settings [Prefs.js] > -> C:\Users\renata\AppData\Roaming\Mozilla\FireFox\Profiles\8qatd06r.default\prefs.js ->

< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla

HKLM\software\mozilla\Firefox\Extensions -> ->

HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC} -> C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\COFFPLGN\ [C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\COFFPLGN\] -> [2010/03/04 09:34:42 | 000,000,000 | ---D | M]

HKLM\software\mozilla\Mozilla Firefox 3.6\extensions -> ->

HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2010/02/27 14:08:56 | 000,000,000 | ---D | M]

HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2010/02/27 23:11:17 | 000,000,000 | ---D | M]

< FireFox Extensions [user Folders] > ->

-> C:\Users\renata\AppData\Roaming\mozilla\Extensions -> [2010/03/04 21:23:31 | 000,000,000 | ---D | M]

-> C:\Users\renata\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org -> [2010/03/04 21:23:31 | 000,000,000 | ---D | M]

-> C:\Users\renata\AppData\Roaming\mozilla\Firefox\Profiles\8qatd06r.default\extensions -> [2010/03/03 11:23:31 | 000,000,000 | ---D | M]

No name found -> C:\Users\renata\AppData\Roaming\mozilla\Firefox\Profiles\8qatd06r.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2010/03/03 11:23:31 | 000,000,000 | ---D | M]

-> C:\Users\renata\AppData\Roaming\mozilla\Firefox\Profiles\8qatd06r.default\extensions\staged-xpis -> [2010/03/03 11:23:31 | 000,000,000 | ---D | M]

< FireFox Extensions [Program Folders] > ->

-> C:\Program Files (x86)\mozilla firefox\extensions -> [2010/03/04 09:34:17 | 000,000,000 | ---D | M]

< HOSTS File > ([2006/09/18 18:37:24 | 000,000,761 | ---- | M] - 20 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->

Reset Hosts

127.0.0.1 localhost

::1 localhost

< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->

{0EEDB912-C5FA-486F-8334-57288578C627} [HKLM] -> C:\Program Files (x86)\Shareaza\RazaWebHook64.dll [shareaza Web Download Hook] -> [2010/02/06 12:24:24 | 000,096,768 | ---- | M] (Shareaza Development Team)

< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->

{0EEDB912-C5FA-486F-8334-57288578C627} [HKLM] -> C:\Program Files (x86)\Shareaza\RazaWebHook32.dll [shareaza Web Download Hook] -> [2010/02/06 13:39:20 | 000,081,920 | ---- | M] (Shareaza Development Team)

{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2008/06/11 21:33:16 | 000,075,128 | ---- | M] (Adobe Systems Incorporated)

{2A0F3D1B-0909-4FF4-B272-609CCE6054E7} [HKLM] -> C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll [PC Tools Browser Guard BHO] -> [2010/01/21 20:21:03 | 000,567,248 | ---- | M] (Threat Expert Ltd.)

{5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found

{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll [symantec NCO BHO] -> [2010/01/20 18:03:37 | 000,378,736 | R--- | M] (Symantec Corporation)

{6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL [symantec Intrusion Prevention] -> [2010/01/20 18:03:37 | 000,107,896 | R--- | M] (Symantec Corporation)

{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Auxiliar de Conexão do Windows Live] -> [2009/01/22 15:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation)

{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [Java Plug-In 2 SSV Helper] -> [2010/02/27 23:09:46 | 000,041,760 | ---- | M] (Sun Microsystems, Inc.)

< 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->

"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [DAEMON Tools Toolbar] -> File not found

< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->

"{472734EA-242A-422B-ADF8-83D1E48CC825}" [HKLM] -> C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll [PC Tools Browser Guard] -> [2010/01/21 20:21:03 | 000,567,248 | ---- | M] (Threat Expert Ltd.)

"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll [Norton Toolbar] -> [2010/01/20 18:03:37 | 000,378,736 | R--- | M] (Symantec Corporation)

< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\Software\Microsoft\Internet Explorer\Toolbar\ ->

64bit-WebBrowser\\"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [DAEMON Tools Toolbar] -> File not found

WebBrowser\\"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found

WebBrowser\\"{472734EA-242A-422B-ADF8-83D1E48CC825}" [HKLM] -> C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll [PC Tools Browser Guard] -> [2010/01/21 20:21:03 | 000,567,248 | ---- | M] (Threat Expert Ltd.)

WebBrowser\\"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll [Norton Toolbar] -> [2010/01/20 18:03:37 | 000,378,736 | R--- | M] (Symantec Corporation)

< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

"Apoint" -> C:\Arquivos de Programas\Apoint2K\Apoint.exe [C:\Program Files\Apoint2K\Apoint.exe] -> [2008/01/21 14:10:04 | 000,246,784 | ---- | M] (Alps Electric Co., Ltd.)

"HotKeysCmds" -> C:\Windows\SysNative\hkcmd.exe [C:\Windows\system32\hkcmd.exe] -> [2008/09/09 10:24:46 | 000,225,816 | ---- | M] (Intel Corporation)

"IgfxTray" -> C:\Windows\SysNative\igfxtray.exe [C:\Windows\system32\igfxtray.exe] -> [2008/09/09 10:25:02 | 000,153,624 | ---- | M] (Intel Corporation)

"Persistence" -> C:\Windows\SysNative\igfxpers.exe [C:\Windows\system32\igfxpers.exe] -> [2008/09/09 10:24:56 | 000,199,704 | ---- | M] (Intel Corporation)

"SysTrayApp" -> C:\Arquivos de Programas\IDT\WDM\sttray64.exe [%ProgramFiles%\IDT\WDM\sttray64.exe] -> [2008/09/11 08:50:50 | 000,441,344 | ---- | M] (IDT, Inc.)

"Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/20 23:47:32 | 001,584,184 | ---- | M] (Microsoft Corporation)

< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

"Adobe Reader Speed Launcher" -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2008/06/12 01:38:00 | 000,034,672 | ---- | M] (Adobe Systems Incorporated)

"HP Health Check Scheduler" -> c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe] -> [2008/10/09 06:58:56 | 000,075,008 | ---- | M] (Hewlett-Packard)

"HP Software Update" -> C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe] -> [2008/12/08 14:34:24 | 000,054,576 | ---- | M] (Hewlett-Packard)

"ISTray" -> C:\Program Files (x86)\Spyware Doctor\pctsTray.exe ["C:\Program Files (x86)\Spyware Doctor\pctsTray.exe"] -> [2010/01/18 14:14:26 | 001,286,608 | ---- | M] (PC Tools)

"QlbCtrl.exe" -> C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ["C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start] -> [2008/10/10 11:24:44 | 000,206,128 | ---- | M] ( Hewlett-Packard Development Company, L.P.)

"QPService" -> C:\Program Files (x86)\HP\QuickPlay\QPService.exe ["C:\Program Files (x86)\HP\QuickPlay\QPService.exe"] -> [2008/09/23 16:21:52 | 000,468,264 | ---- | M] (CyberLink Corp.)

"SunJavaUpdateSched" -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe ["C:\Program Files (x86)\Java\jre6\bin\jusched.exe"] -> [2010/02/27 23:09:47 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.)

"UCam_Menu" -> C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"] -> [2008/12/03 21:15:16 | 000,218,408 | ---- | M] (CyberLink Corp.)

"UpdateLBPShortCut" -> C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"] -> [2008/06/13 17:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)

"UpdateP2GoShortCut" -> C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"] -> [2008/10/30 10:51:46 | 000,210,216 | ---- | M] (CyberLink Corp.)

"UpdatePDIRShortCut" -> C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"] -> [2008/06/13 17:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)

"UpdatePSTShortCut" -> C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"] -> [2008/11/26 10:34:22 | 000,210,216 | ---- | M] (CyberLink Corp.)

"WirelessAssistant" -> C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe] -> [2008/12/08 10:25:24 | 000,432,432 | ---- | M] (Hewlett-Packard)

< Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2009/04/11 03:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)

"WindowsWelcomeCenter" -> C:\Windows\SysWow64\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 03:28:23 | 002,153,472 | ---- | M] (Microsoft Corporation)

< Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2009/04/11 03:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)

"WindowsWelcomeCenter" -> C:\Windows\SysWow64\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 03:28:23 | 002,153,472 | ---- | M] (Microsoft Corporation)

< Run [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

"DAEMON Tools Lite" -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe ["C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun] -> [2009/10/30 08:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)

"LightScribe Control Panel" -> C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden] -> [2008/06/09 09:16:32 | 002,363,392 | ---- | M] (Hewlett-Packard Company)

"Task Menu" -> C:\Users\renata\Documents\task.exe [C:\Users\renata\Documents\task.exe] -> [2009/10/26 19:56:35 | 000,421,517 | -H-- | M] ()

"Windows Live Updater" -> C:\Users\renata\Documents\Live Microsoft Update.exe [C:\Users\renata\Documents\Live Microsoft Update.exe] -> [2009/10/26 19:58:35 | 000,421,005 | -H-- | M] ()

"WMPNSCFG" -> C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe [C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe] -> File not found

< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

\\"NoActiveDesktop" -> [1] -> File not found

< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats

< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->

< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->

HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System

< 64bit-Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\Software\Microsoft\Internet Explorer\MenuExt\ ->

Download with &Shareaza -> c:\program files (x86)\shareaza\razawebhook32.dll [res://c:\program files (x86)\shareaza\razawebhook32.dll/3000] -> [2010/02/06 13:39:20 | 000,081,920 | ---- | M] (Shareaza Development Team)

Enviar imagem para Dispositivo &Bluetooth... -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> [2007/01/23 11:57:50 | 000,001,199 | ---- | M] ()

Enviar página para Dispositivo &Bluetooth ... -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm] -> [2007/01/23 11:57:52 | 000,002,758 | ---- | M] ()

< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\Software\Microsoft\Internet Explorer\MenuExt\ ->

Download with &Shareaza -> c:\program files (x86)\shareaza\razawebhook32.dll [res://c:\program files (x86)\shareaza\razawebhook32.dll/3000] -> [2010/02/06 13:39:20 | 000,081,920 | ---- | M] (Shareaza Development Team)

E&xportar para o Microsoft Excel -> C:\Arquivos de Programas (x86)\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000] -> File not found

Enviar imagem para Dispositivo &Bluetooth... -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> [2007/01/23 11:57:50 | 000,001,199 | ---- | M] ()

Enviar página para Dispositivo &Bluetooth ... -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm] -> [2007/01/23 11:57:52 | 000,002,758 | ---- | M] ()

Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html] -> File not found

< 64bit-Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->

{CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm [button: @btrez.dll,-4015] -> [2007/01/23 11:57:52 | 000,002,758 | ---- | M] ()

{CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Menu: @btrez.dll,-12650] -> [2007/01/23 11:57:52 | 000,002,758 | ---- | M] ()

< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->

{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll [button: Enviar para o OneNote] -> [2008/10/25 07:52:00 | 000,604,056 | ---- | M] (Microsoft Corporation)

{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll [Menu: &Enviar para o OneNote] -> [2008/10/25 07:52:00 | 000,604,056 | ---- | M] (Microsoft Corporation)

{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL [button: Research] -> [2009/03/06 04:04:56 | 000,039,464 | ---- | M] (Microsoft Corporation)

{CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm [button: Enviar para Bluetooth] -> [2007/01/23 11:57:52 | 000,002,758 | ---- | M] ()

{CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Menu: Enviar para Dispositivo &Bluetooth...] -> [2007/01/23 11:57:52 | 000,002,758 | ---- | M] ()

< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\Software\Microsoft\Internet Explorer\Extensions\ ->

64bit-CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] -> [@btrez.dll,-4015;Enviar para Bluetooth] -> File not found

CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] -> @btrez.dll,-4015 [Enviar para Bluetooth;@btrez.dll,-4015;Enviar para Bluetooth] -> File not found

< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix

"" -> http://

< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix

"" -> http://

< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->

< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->

< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->

< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->

< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->

< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->

< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->

< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->

< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->

HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->

< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->

HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->

< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->

HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->

< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->

HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->

< Trusted Sites Domains [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->

HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4821 domain(s) found. ->

< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->

HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->

< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->

{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] ->

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab [Java Plug-in 1.6.0_07] ->

{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] ->

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] ->

< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->

{DC2E041F-5FD0-4ACB-8197-5919DE88C9F9}\\NameServer -> 189.124.16.2,189.124.16.14 (Realtek RTL8102E/8103E Family PCI-E Fast Ethernet NIC (NDIS 6.0)) ->

< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->

64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->

explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 04:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation)

*MultiFile Done* -> ->

< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->

*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->

explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/04/11 03:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)

*MultiFile Done* -> ->

< 64bit-Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->

igfxcui -> C:\Windows\SysNative\igfxdev.dll -> [2008/09/02 09:59:46 | 000,228,352 | ---- | M] (Intel Corporation)

< Vista Public Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications ->

< Vista Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications ->

< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->

{08470E25-CF34-4375-8411-FC375F1DC757} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system |

{193794C4-DCD7-4BA3-9339-47F6C93126EA} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv |

< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->

{0CFAE9F0-0E4E-4142-BC1A-3F042D3E5358} -> protocol=6 | dir=in | action=allow | name=μtorrent (tcp-in) | app=c:\program files (x86)\utorrent\utorrent.exe |

{2D91DF8B-B839-4A2E-A476-66775327A382} -> dir=in | action=allow | name=windows live call | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |

{2DF1E13C-F0A9-41DB-B3AD-D85836078243} -> dir=in | action=allow | name=quick play | app=c:\program files (x86)\hp\quickplay\qp.exe |

{38DEC984-0C44-4C64-B29B-BD76F867AD14} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

{50F03A7C-38E1-484C-95C1-82602364D801} -> profile=public | protocol=6 | dir=in | action=allow | name=editor | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |

{5BB4B2C2-1D86-4402-AFF5-7285C55D56F7} -> profile=public | protocol=17 | dir=in | action=allow | name=far cry 2 | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |

{68E7C64E-6356-4571-B29A-94643C17B37E} -> profile=public | protocol=17 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe |

{69EEA631-C185-4B5C-AD9E-56703B3FC278} -> profile=public | protocol=6 | dir=in | action=allow | name=far cry 2 | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |

{8439CBEE-6C19-4564-92FA-7EFAA049C2C9} -> dir=in | action=allow | name=cyberlink powerdirector | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |

{88F8615B-5E11-430A-A38C-623171DF6A04} -> profile=public | protocol=17 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe |

{9295479F-8B78-48F5-B1A2-9096160D1D85} -> profile=public | protocol=17 | dir=in | action=allow | name=editor | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |

{92980EFF-6D0A-4A3F-8CAC-2AA54E9A962B} -> profile=public | protocol=17 | dir=in | action=allow | name=far cry 2 updater | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |

{9552F818-BCB6-435F-BB2A-93DD9048F7CF} -> profile=public | protocol=6 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

{A32B8D8C-0371-4F1B-85B7-4966DBB5EC68} -> protocol=17 | dir=in | action=allow | name=μtorrent (udp-in) | app=c:\program files (x86)\utorrent\utorrent.exe |

{BA8EC1E6-085A-4F42-86E8-7C5F0E7E70D2} -> profile=public | protocol=6 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe |

{BCFE049E-6577-4695-81D6-920C1425F43E} -> profile=public | protocol=6 | dir=in | action=allow | name=far cry 2 updater | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |

{D2CC3E89-020C-4C8A-AF9F-FDFB36427D9C} -> profile=private | protocol=6 | dir=in | action=allow | name=limewire | app=c:\program files (x86)\limewire\limewire.exe |

{D6960EB0-F822-420F-BA07-D7A87B1DF1F1} -> dir=in | action=allow | name=quick play resident program | app=c:\program files (x86)\hp\quickplay\qpservice.exe |

{D7564DAB-4111-415A-B131-E77E46D3E9F9} -> profile=public | protocol=17 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

{DAC24117-EE1C-4E10-8E9A-C8CFD38F1D7F} -> profile=private | protocol=17 | dir=in | action=allow | name=limewire | app=c:\program files (x86)\limewire\limewire.exe |

{EE1C317D-3F59-41A7-89BD-8B835601F522} -> profile=public | protocol=6 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe |

< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->

< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->

"AutoRun" -> 1 ->

"DisplayName" -> Driver de CD-ROM ->

"ImagePath" -> C:\Windows\SysNative\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/04/11 02:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation)

< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->

\{8dc979ab-1f72-11df-b0b3-00247eb46b0c}

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8dc979ab-1f72-11df-b0b3-00247eb46b0c}\shell

\{8dc979ab-1f72-11df-b0b3-00247eb46b0c}\shell\\"" -> [AutoRun] -> File not found

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8dc979ab-1f72-11df-b0b3-00247eb46b0c}\shell\AutoRun\command

\{8dc979ab-1f72-11df-b0b3-00247eb46b0c}\shell\AutoRun\command\\"" -> F:\autorun.exe [F:\autorun.exe] -> File not found

< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->

64bit-comfile [open] -> "%1" %* -> File not found

64bit-exefile [open] -> "%1" %* -> File not found

comfile [open] -> "%1" %* ->

exefile [open] -> "%1" %* ->

[Files/Folders - Created Within 30 Days]

OTS.exe -> C:\Users\renata\Desktop\OTS.exe -> [2010/03/04 23:19:00 | 000,634,368 | ---- | C] (OldTimer Tools)

EA Games -> C:\Users\renata\Documents\EA Games -> [2010/03/04 23:09:38 | 000,000,000 | ---D | C]

EA Games -> C:\Users\Public\Documents\EA Games -> [2010/03/04 23:09:38 | 000,000,000 | ---D | C]

LimeWire -> C:\Users\renata\Documents\LimeWire -> [2010/03/04 21:23:52 | 000,000,000 | ---D | C]

praetorians primeiro baixado partes -> C:\Users\renata\Desktop\praetorians primeiro baixado partes -> [2010/03/04 20:03:55 | 000,000,000 | ---D | C]

pretorians -> C:\Users\renata\Desktop\pretorians -> [2010/03/04 18:57:03 | 000,000,000 | ---D | C]

TimeBomb -> C:\Program Files (x86)\TimeBomb -> [2010/03/02 23:02:35 | 000,000,000 | ---D | C]

eMule -> C:\Program Files (x86)\eMule -> [2010/03/02 13:59:39 | 000,000,000 | ---D | C]

eMule -> C:\ProgramData\eMule -> [2010/03/02 13:20:24 | 000,000,000 | ---D | C]

eMule -> C:\Users\renata\AppData\Local\eMule -> [2010/03/02 13:19:52 | 000,000,000 | ---D | C]

Opera -> C:\Users\renata\AppData\Local\Opera -> [2010/03/02 08:40:43 | 000,000,000 | ---D | C]

Opera -> C:\Users\renata\AppData\Roaming\Opera -> [2010/03/02 08:40:41 | 000,000,000 | ---D | C]

Opera -> C:\Program Files (x86)\Opera -> [2010/03/02 08:40:13 | 000,000,000 | ---D | C]

Windows Portable Devices -> C:\Program Files (x86)\Windows Portable Devices -> [2010/03/01 11:33:28 | 000,000,000 | ---D | C]

Windows Portable Devices -> C:\Arquivos de Programas\Windows Portable Devices -> [2010/03/01 11:33:28 | 000,000,000 | ---D | C]

spool -> C:\Windows\SysWow64\spool -> [2010/03/01 11:33:28 | 000,000,000 | ---D | C]

vi-VN -> C:\Windows\SysWow64\vi-VN -> [2010/02/28 03:33:19 | 000,000,000 | ---D | C]

eu-ES -> C:\Windows\SysWow64\eu-ES -> [2010/02/28 03:33:19 | 000,000,000 | ---D | C]

eu-ES -> C:\Windows\SysNative\eu-ES -> [2010/02/28 03:33:19 | 000,000,000 | ---D | C]

ca-ES -> C:\Windows\SysWow64\ca-ES -> [2010/02/28 03:33:19 | 000,000,000 | ---D | C]

ca-ES -> C:\Windows\SysNative\ca-ES -> [2010/02/28 03:33:19 | 000,000,000 | ---D | C]

vi-VN -> C:\Windows\SysNative\vi-VN -> [2010/02/28 03:33:18 | 000,000,000 | ---D | C]

EventProviders -> C:\Windows\SysNative\EventProviders -> [2010/02/28 01:55:50 | 000,000,000 | ---D | C]

Mozilla -> C:\Users\renata\AppData\Roaming\Mozilla -> [2010/02/27 14:10:27 | 000,000,000 | ---D | C]

Mozilla -> C:\Users\renata\AppData\Local\Mozilla -> [2010/02/27 14:10:27 | 000,000,000 | ---D | C]

Mozilla Firefox -> C:\Program Files (x86)\Mozilla Firefox -> [2010/02/27 14:08:47 | 000,000,000 | ---D | C]

talim -> C:\Users\renata\Desktop\talim -> [2010/02/25 00:02:24 | 000,000,000 | ---D | C]

32788R22FWJFW -> C:\32788R22FWJFW -> [2010/02/24 22:59:33 | 000,000,000 | ---D | C]

LightScribe -> C:\ProgramData\LightScribe -> [2010/02/23 20:55:40 | 000,000,000 | ---D | C]

Malwarebytes -> C:\Users\renata\AppData\Roaming\Malwarebytes -> [2010/02/22 23:28:07 | 000,000,000 | ---D | C]

mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2010/02/22 23:27:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation)

Malwarebytes -> C:\ProgramData\Malwarebytes -> [2010/02/22 23:27:37 | 000,000,000 | ---D | C]

mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2010/02/22 23:27:35 | 000,022,104 | ---- | C] (Malwarebytes Corporation)

Malwarebytes' Anti-Malware -> C:\Program Files (x86)\Malwarebytes' Anti-Malware -> [2010/02/22 23:27:33 | 000,000,000 | ---D | C]

wolf -> C:\Users\renata\Desktop\wolf -> [2010/02/22 23:22:47 | 000,000,000 | ---D | C]

Downloads -> C:\Users\renata\Documents\Downloads -> [2010/02/22 22:54:32 | 000,000,000 | ---D | C]

GetRightToGo -> C:\Users\renata\AppData\Roaming\GetRightToGo -> [2010/02/22 22:54:22 | 000,000,000 | ---D | C]

Minidump -> C:\Windows\Minidump -> [2010/02/22 21:48:35 | 000,000,000 | ---D | C]

DiagnosticScan.SYS -> C:\Windows\SysWow64\drivers\DiagnosticScan.SYS -> [2010/02/22 19:46:06 | 000,017,408 | ---- | C] (AdwareAway.net)

Start1Driver.SYS -> C:\Windows\SysWow64\drivers\Start1Driver.SYS -> [2010/02/22 19:46:06 | 000,005,120 | ---- | C] (F.Y.N. Technology Inc.)

AA -> C:\Program Files (x86)\AA -> [2010/02/22 19:46:04 | 000,000,000 | ---D | C]

Comodo -> C:\Users\renata\AppData\Local\Comodo -> [2010/02/22 19:06:49 | 000,000,000 | ---D | C]

SpywareBlaster -> C:\Program Files (x86)\SpywareBlaster -> [2010/02/22 16:32:22 | 000,000,000 | ---D | C]

SendShield -> C:\Program Files (x86)\SendShield -> [2010/02/22 16:27:20 | 000,000,000 | ---D | C]

Secunia -> C:\Program Files (x86)\Secunia -> [2010/02/22 16:26:33 | 000,000,000 | ---D | C]

Comodo -> C:\Users\renata\AppData\Roaming\Comodo -> [2010/02/22 16:20:23 | 000,000,000 | ---D | C]

CCleaner -> C:\Program Files (x86)\CCleaner -> [2010/02/22 16:11:20 | 000,000,000 | ---D | C]

Google -> C:\ProgramData\Google -> [2010/02/22 15:04:11 | 000,000,000 | ---D | C]

DoctorWeb -> C:\Users\renata\DoctorWeb -> [2010/02/22 14:11:42 | 000,000,000 | ---D | C]

Google -> C:\Users\renata\AppData\Roaming\Google -> [2010/02/22 13:24:57 | 000,000,000 | ---D | C]

Google -> C:\Users\renata\AppData\Local\Google -> [2010/02/22 12:58:29 | 000,000,000 | ---D | C]

Google -> C:\Arquivos de Programas\Google -> [2010/02/22 12:58:01 | 000,000,000 | ---D | C]

Threat Expert -> C:\Users\renata\AppData\Local\Threat Expert -> [2010/02/22 12:57:42 | 000,000,000 | ---D | C]

SGDetectionTool.dll -> C:\Windows\SGDetectionTool.dll -> [2010/02/22 12:54:14 | 000,149,456 | ---- | C] (PC Tools)

PCTBDCore.dll -> C:\Windows\PCTBDCore.dll -> [2010/02/22 12:54:13 | 001,652,688 | ---- | C] (Threat Expert Ltd.)

PCTBDCore.dll.old -> C:\Windows\PCTBDCore.dll.old -> [2010/02/22 12:54:13 | 001,640,400 | ---- | C] (Threat Expert Ltd.)

PCTBDRes.dll -> C:\Windows\PCTBDRes.dll -> [2010/02/22 12:54:13 | 000,165,840 | ---- | C] (Threat Expert Ltd.)

Google -> C:\Program Files (x86)\Google -> [2010/02/22 12:53:58 | 000,000,000 | ---D | C]

pctgntdi64.sys -> C:\Windows\SysNative\drivers\pctgntdi64.sys -> [2010/02/22 12:16:03 | 000,306,648 | ---- | C] (PC Tools)

pctwfpfilter64.sys -> C:\Windows\SysNative\drivers\pctwfpfilter64.sys -> [2010/02/22 12:16:02 | 000,133,072 | ---- | C] (PC Tools)

PCTCore64.sys -> C:\Windows\SysNative\drivers\PCTCore64.sys -> [2010/02/22 12:15:38 | 000,218,056 | ---- | C] (PC Tools)

pctplsg64.sys -> C:\Windows\SysNative\drivers\pctplsg64.sys -> [2010/02/22 12:15:10 | 000,092,896 | ---- | C] (PC Tools)

PC Tools -> C:\Program Files (x86)\Common Files\PC Tools -> [2010/02/22 12:14:37 | 000,000,000 | ---D | C]

Spyware Doctor -> C:\Program Files (x86)\Spyware Doctor -> [2010/02/22 12:14:36 | 000,000,000 | ---D | C]

PC Tools -> C:\Users\renata\AppData\Roaming\PC Tools -> [2010/02/22 12:14:36 | 000,000,000 | ---D | C]

PC Tools -> C:\ProgramData\PC Tools -> [2010/02/22 12:14:36 | 000,000,000 | ---D | C]

Webteh -> C:\Program Files (x86)\Webteh -> [2010/02/22 03:46:32 | 000,000,000 | ---D | C]

BSplayer Pro -> C:\Users\renata\AppData\Roaming\BSplayer Pro -> [2010/02/22 03:46:32 | 000,000,000 | ---D | C]

BSplayer -> C:\Users\renata\AppData\Roaming\BSplayer -> [2010/02/22 03:46:32 | 000,000,000 | ---D | C]

KONAMI -> C:\Users\renata\Documents\KONAMI -> [2010/02/22 03:35:51 | 000,000,000 | ---D | C]

KONAMI -> C:\ProgramData\KONAMI -> [2010/02/22 03:20:34 | 000,000,000 | ---D | C]

KONAMI -> C:\Program Files (x86)\KONAMI -> [2010/02/22 03:20:34 | 000,000,000 | ---D | C]

DAEMON Tools Lite -> C:\Program Files (x86)\DAEMON Tools Lite -> [2010/02/22 02:47:07 | 000,000,000 | ---D | C]

DAEMON Tools Images -> C:\Users\Public\Documents\DAEMON Tools Images -> [2010/02/22 02:38:10 | 000,000,000 | ---D | C]

DivXsm.exe -> C:\Windows\SysWow64\DivXsm.exe -> [2010/02/22 02:28:38 | 000,532,480 | ---- | C] (DivX Inc.)

dpl100.dll -> C:\Windows\SysWow64\dpl100.dll -> [2010/02/22 02:28:38 | 000,090,112 | ---- | C] (DivX, Inc.)

divx.dll -> C:\Windows\SysWow64\divx.dll -> [2010/02/22 02:28:37 | 000,696,320 | ---- | C] (DivX, Inc.)

divxdec.ax -> C:\Windows\SysWow64\divxdec.ax -> [2010/02/22 02:28:36 | 000,999,424 | ---- | C] (DivX, Inc.)

coreavcdecoder.ax -> C:\Windows\SysWow64\coreavcdecoder.ax -> [2010/02/22 02:28:36 | 000,271,872 | ---- | C] (CoreCodec)

Codec -> C:\Program Files (x86)\Codec -> [2010/02/22 02:28:35 | 000,000,000 | ---D | C]

DAEMON Tools Lite -> C:\Users\renata\AppData\Roaming\DAEMON Tools Lite -> [2010/02/22 02:12:41 | 000,000,000 | ---D | C]

DAEMON Tools Lite -> C:\ProgramData\DAEMON Tools Lite -> [2010/02/22 02:12:36 | 000,000,000 | ---D | C]

pes desco -> C:\Users\renata\Desktop\pes desco -> [2010/02/22 01:51:11 | 000,000,000 | ---D | C]

msdownld.tmp -> C:\Windows\msdownld.tmp -> [2010/02/22 00:30:57 | 000,000,000 | -H-D | C]

directx -> C:\Windows\SysWow64\directx -> [2010/02/22 00:30:45 | 000,000,000 | ---D | C]

MSXML 4.0 -> C:\Program Files (x86)\MSXML 4.0 -> [2010/02/21 23:28:40 | 000,000,000 | ---D | C]

AGEIA Technologies -> C:\Program Files (x86)\AGEIA Technologies -> [2010/02/21 00:00:46 | 000,000,000 | ---D | C]

AGEIA -> C:\Windows\SysWow64\AGEIA -> [2010/02/21 00:00:46 | 000,000,000 | ---D | C]

Wise Installation Wizard -> C:\Program Files (x86)\Common Files\Wise Installation Wizard -> [2010/02/21 00:00:37 | 000,000,000 | ---D | C]

xmen pc -> C:\Users\renata\Desktop\xmen pc -> [2010/02/20 23:01:35 | 000,000,000 | ---D | C]

QuickPlay -> C:\Users\renata\AppData\Local\QuickPlay -> [2010/02/20 18:04:58 | 000,000,000 | ---D | C]

rom snes -> C:\rom snes -> [2010/02/20 17:51:22 | 000,000,000 | ---D | C]

emulador de mega -> C:\Users\renata\Desktop\emulador de mega -> [2010/02/20 17:44:12 | 000,000,000 | ---D | C]

xmen cd 2 -> C:\Users\renata\Desktop\xmen cd 2 -> [2010/02/20 17:09:34 | 000,000,000 | ---D | C]

Adobe -> C:\Users\renata\AppData\Local\Adobe -> [2010/02/20 14:11:58 | 000,000,000 | ---D | C]

cncs32.dll -> C:\Windows\SysWow64\cncs32.dll -> [2010/02/20 13:49:21 | 000,172,544 | ---- | C] (Europress Software)

dkrumble -> C:\Windows\dkrumble -> [2010/02/20 13:49:21 | 000,000,000 | ---D | C]

WinRAR -> C:\Users\renata\AppData\Roaming\WinRAR -> [2010/02/20 13:26:13 | 000,000,000 | ---D | C]

WinRAR -> C:\Arquivos de Programas\WinRAR -> [2010/02/20 13:24:35 | 000,000,000 | ---D | C]

uTorrent -> C:\Program Files (x86)\uTorrent -> [2010/02/20 13:00:32 | 000,000,000 | ---D | C]

uTorrent -> C:\Users\renata\AppData\Roaming\uTorrent -> [2010/02/20 12:56:15 | 000,000,000 | ---D | C]

Symantec -> C:\ProgramData\Symantec -> [2010/02/20 10:21:48 | 000,000,000 | ---D | C]

Shareaza -> C:\Users\renata\AppData\Local\Shareaza -> [2010/02/20 00:19:44 | 000,000,000 | ---D | C]

Shareaza -> C:\Users\renata\AppData\Roaming\Shareaza -> [2010/02/20 00:19:05 | 000,000,000 | ---D | C]

Shareaza -> C:\Program Files (x86)\Shareaza -> [2010/02/20 00:19:02 | 000,000,000 | ---D | C]

Tracing -> C:\Users\renata\Tracing -> [2010/02/19 17:42:54 | 000,000,000 | ---D | C]

Microsoft -> C:\Program Files (x86)\Microsoft -> [2010/02/19 17:42:08 | 000,000,000 | ---D | C]

microsoft -> C:\Users\Public\Documents\microsoft -> [2010/02/19 17:41:58 | 000,000,000 | ---D | C]

Windows Live SkyDrive -> C:\Program Files (x86)\Windows Live SkyDrive -> [2010/02/19 17:41:51 | 000,000,000 | ---D | C]

Windows Live -> C:\Program Files (x86)\Windows Live -> [2010/02/19 17:41:33 | 000,000,000 | ---D | C]

Windows Live -> C:\Program Files (x86)\Common Files\Windows Live -> [2010/02/19 17:33:35 | 000,000,000 | ---D | C]

My Games -> C:\Users\renata\Documents\My Games -> [2010/02/18 19:41:54 | 000,000,000 | ---D | C]

CmdLineExt_x64.dll -> C:\Windows\SysWow64\CmdLineExt_x64.dll -> [2010/02/18 19:34:50 | 000,178,800 | ---- | C] (Sony DADC Austria AG.)

Ubisoft -> C:\Program Files (x86)\Ubisoft -> [2010/02/18 19:24:56 | 000,000,000 | ---D | C]

CyberLink -> C:\Users\renata\AppData\Roaming\CyberLink -> [2010/02/18 19:09:13 | 000,000,000 | ---D | C]

NFS Undercover -> C:\Users\renata\Documents\NFS Undercover -> [2010/02/18 18:26:09 | 000,000,000 | ---D | C]

PunkBuster -> C:\Users\renata\AppData\Local\PunkBuster -> [2010/02/18 18:25:40 | 000,000,000 | ---D | C]

GameVicio -> C:\Program Files (x86)\GameVicio -> [2010/02/18 18:21:43 | 000,000,000 | ---D | C]

Adobe -> C:\Users\renata\AppData\Roaming\Adobe -> [2010/02/18 18:17:01 | 000,000,000 | ---D | C]

Electronic Arts -> C:\ProgramData\Electronic Arts -> [2010/02/18 18:14:48 | 000,000,000 | ---D | C]

Downloaded Installations -> C:\Users\renata\AppData\Local\Downloaded Installations -> [2010/02/18 18:13:37 | 000,000,000 | ---D | C]

Leadertech -> C:\Users\renata\AppData\Roaming\Leadertech -> [2010/02/18 18:13:26 | 000,000,000 | ---D | C]

EA Games -> C:\Program Files (x86)\EA Games -> [2010/02/18 17:51:33 | 000,000,000 | ---D | C]

Musicas e Fotos -> C:\Users\renata\Documents\Musicas e Fotos -> [2010/02/18 17:26:03 | 000,000,000 | ---D | C]

%COREALLUSERPATH% -> C:\Windows\SysWow64\%COREALLUSERPATH% -> [2010/02/18 16:46:30 | 000,000,000 | ---D | C]

muvee Technologies -> C:\ProgramData\muvee Technologies -> [2010/02/18 15:57:53 | 000,000,000 | ---D | C]

Meus muvees -> C:\Users\renata\Documents\Meus muvees -> [2010/02/18 15:57:53 | 000,000,000 | ---D | C]

Macromedia -> C:\Users\renata\AppData\Roaming\Macromedia -> [2010/02/18 15:56:30 | 000,000,000 | ---D | C]

muvee Technologies -> C:\Users\renata\AppData\Roaming\muvee Technologies -> [2010/02/18 15:56:27 | 000,000,000 | ---D | C]

jogos -> C:\Program Files (x86)\jogos -> [2010/02/17 23:22:02 | 000,000,000 | ---D | C]

diversos cel re -> C:\Users\renata\Documents\diversos cel re -> [2010/02/17 23:08:56 | 000,000,000 | ---D | C]

Symantec Shared -> C:\Program Files (x86)\Common Files\Symantec Shared -> [2010/02/17 21:22:24 | 000,000,000 | ---D | C]

Meus arquivos recebidos -> C:\Users\renata\Documents\Meus arquivos recebidos -> [2010/02/17 20:01:37 | 000,000,000 | ---D | C]

Microsoft Games -> C:\Users\renata\AppData\Local\Microsoft Games -> [2010/02/17 19:59:41 | 000,000,000 | ---D | C]

SymIMV.sys -> C:\Windows\SysNative\drivers\SymIMV.sys -> [2010/02/17 19:38:42 | 000,031,280 | R--- | C] (Symantec Corporation)

SYMEVENT64x86.SYS -> C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -> [2010/02/17 19:38:38 | 000,172,592 | ---- | C] (Symantec Corporation)

Symantec Shared -> C:\Arquivos de Programas\Common Files\Symantec Shared -> [2010/02/17 19:38:38 | 000,000,000 | ---D | C]

Symantec -> C:\Arquivos de Programas\Symantec -> [2010/02/17 19:38:38 | 000,000,000 | ---D | C]

Pasta de trocas do Bluetooth -> C:\Users\renata\Documents\Pasta de trocas do Bluetooth -> [2010/02/17 19:37:21 | 000,000,000 | ---D | C]

Bluetooth Software -> C:\Users\renata\Bluetooth Software -> [2010/02/17 19:37:21 | 000,000,000 | ---D | C]

Searches -> C:\Users\renata\Searches -> [2010/02/17 19:36:53 | 000,000,000 | R--D | C]

Identities -> C:\Users\renata\AppData\Roaming\Identities -> [2010/02/17 19:36:46 | 000,000,000 | ---D | C]

Contacts -> C:\Users\renata\Contacts -> [2010/02/17 19:36:43 | 000,000,000 | R--D | C]

VirtualStore -> C:\Users\renata\AppData\Local\VirtualStore -> [2010/02/17 19:36:42 | 000,000,000 | ---D | C]

HP TCS -> C:\Users\renata\AppData\Roaming\HP TCS -> [2010/02/17 19:31:42 | 000,000,000 | ---D | C]

Temporary Internet Files -> C:\Users\renata\AppData\Local\Temporary Internet Files -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C]

SendTo -> C:\Users\renata\SendTo -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C]

Recent -> C:\Users\renata\Recent -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C]

Modelos -> C:\Users\renata\Modelos -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C]

Minhas músicas -> C:\Users\renata\Documents\Minhas músicas -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C]

Minhas imagens -> C:\Users\renata\Documents\Minhas imagens -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C]

Meus vídeos -> C:\Users\renata\Documents\Meus vídeos -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C]

Menu Iniciar -> C:\Users\renata\Menu Iniciar -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C]

Histórico -> C:\Users\renata\AppData\Local\Histórico -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C]

Dados de aplicativos -> C:\Users\renata\Dados de aplicativos -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C]

Dados de aplicativos -> C:\Users\renata\AppData\Local\Dados de aplicativos -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C]

Cookies -> C:\Users\renata\Cookies -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C]

Configurações locais -> C:\Users\renata\Configurações locais -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C]

Ambiente de rede -> C:\Users\renata\Ambiente de rede -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C]

Ambiente de impressão -> C:\Users\renata\Ambiente de impressão -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C]

Meus documentos -> C:\Users\renata\Meus documentos -> [2010/02/17 19:28:45 | 000,000,000 | -HSD | C]

Microsoft -> C:\Users\renata\AppData\Roaming\Microsoft -> [2010/02/17 19:28:44 | 000,000,000 | --SD | C]

Videos -> C:\Users\renata\Videos -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C]

Saved Games -> C:\Users\renata\Saved Games -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C]

Pictures -> C:\Users\renata\Pictures -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C]

Music -> C:\Users\renata\Music -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C]

Links -> C:\Users\renata\Links -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C]

Favorites -> C:\Users\renata\Favorites -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C]

Downloads -> C:\Users\renata\Downloads -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C]

Documents -> C:\Users\renata\Documents -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C]

Desktop -> C:\Users\renata\Desktop -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C]

AppData -> C:\Users\renata\AppData -> [2010/02/17 19:28:44 | 000,000,000 | -H-D | C]

Temp -> C:\Users\renata\AppData\Local\Temp -> [2010/02/17 19:28:44 | 000,000,000 | ---D | C]

Microsoft -> C:\Users\renata\AppData\Local\Microsoft -> [2010/02/17 19:28:44 | 000,000,000 | ---D | C]

Media Center Programs -> C:\Users\renata\AppData\Roaming\Media Center Programs -> [2010/02/17 19:28:44 | 000,000,000 | ---D | C]

Sistema -> C:\Arquivos de Programas\Common Files\Sistema -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C]

Modelos -> C:\ProgramData\Modelos -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C]

Minhas músicas -> C:\Users\Public\Documents\Minhas músicas -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C]

Minhas imagens -> C:\Users\Public\Documents\Minhas imagens -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C]

Meus vídeos -> C:\Users\Public\Documents\Meus vídeos -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C]

Menu Iniciar -> C:\ProgramData\Menu Iniciar -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C]

Favoritos -> C:\ProgramData\Favoritos -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C]

Documentos -> C:\ProgramData\Documentos -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C]

Dados de aplicativos -> C:\ProgramData\Dados de aplicativos -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C]

Arquivos de programas -> C:\Arquivos de programas -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C]

Arquivos Comuns -> C:\Arquivos de Programas\Arquivos Comuns -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C]

1 C:\Windows\*.tmp files -> C:\Windows\*.tmp ->

[Files/Folders - Modified Within 30 Days]

NTUSER.DAT -> C:\Users\renata\NTUSER.DAT -> [2010/03/04 23:43:34 | 002,883,584 | -HS- | M] ()

7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010/03/04 23:34:01 | 000,003,616 | -H-- | M] ()

7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010/03/04 23:34:01 | 000,003,616 | -H-- | M] ()

DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\renata\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/03/04 23:27:58 | 000,008,704 | ---- | M] ()

OTS.exe -> C:\Users\renata\Desktop\OTS.exe -> [2010/03/04 23:19:16 | 000,634,368 | ---- | M] (OldTimer Tools)

Cat.DB -> C:\Windows\SysNative\drivers\NISx64\1008000.029\Cat.DB -> [2010/03/04 23:03:14 | 002,186,444 | ---- | M] ()

Shareaza.lnk -> C:\Users\Public\Desktop\Shareaza.lnk -> [2010/03/04 21:37:50 | 000,000,934 | ---- | M] ()

hpqp.ini -> C:\ProgramData\hpqp.ini -> [2010/03/04 09:35:05 | 000,000,292 | ---- | M] ()

SA.DAT -> C:\Windows\tasks\SA.DAT -> [2010/03/04 09:33:58 | 000,000,006 | -H-- | M] ()

bootstat.dat -> C:\Windows\bootstat.dat -> [2010/03/04 09:33:46 | 000,067,584 | --S- | M] ()

hiberfil.sys -> C:\hiberfil.sys -> [2010/03/04 09:33:38 | 4193,210,368 | -HS- | M] ()

bthservsdp.dat -> C:\Windows\bthservsdp.dat -> [2010/03/04 00:31:29 | 000,000,012 | ---- | M] ()

NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> C:\Users\renata\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> [2010/03/04 00:31:27 | 000,065,536 | -HS- | M] ()

NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\renata\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> [2010/03/04 00:31:26 | 000,524,288 | -HS- | M] ()

IconCache.db -> C:\Users\renata\AppData\Local\IconCache.db -> [2010/03/04 00:31:19 | 002,046,607 | -H-- | M] ()

eMule.lnk -> C:\Users\Public\Desktop\eMule.lnk -> [2010/03/02 13:59:52 | 000,000,830 | ---- | M] ()

Documentos - Atalho.lnk -> C:\Users\renata\Documentos - Atalho.lnk -> [2010/03/02 10:08:02 | 000,000,372 | ---- | M] ()

OTS - Atalho.lnk -> C:\Users\renata\Desktop\OTS - Atalho.lnk -> [2010/03/01 19:55:12 | 000,000,528 | ---- | M] ()

PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2010/03/01 11:43:56 | 001,444,766 | ---- | M] ()

prfh0416.dat -> C:\Windows\SysNative\prfh0416.dat -> [2010/03/01 11:43:56 | 000,634,222 | ---- | M] ()

perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2010/03/01 11:43:56 | 000,587,178 | ---- | M] ()

prfc0416.dat -> C:\Windows\SysNative\prfc0416.dat -> [2010/03/01 11:43:56 | 000,121,888 | ---- | M] ()

perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2010/03/01 11:43:56 | 000,101,250 | ---- | M] ()

GDIPFONTCACHEV1.DAT -> C:\Users\renata\AppData\Local\GDIPFONTCACHEV1.DAT -> [2010/03/01 11:40:10 | 000,075,848 | ---- | M] ()

FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2010/03/01 11:36:40 | 000,314,992 | ---- | M] ()

Msft_User_WpdFs_01_07_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf -> [2010/03/01 11:32:47 | 000,000,000 | -H-- | M] ()

Msft_Kernel_HpqKbFiltr_01005.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf -> [2010/02/28 03:24:32 | 000,000,000 | -H-- | M] ()

iexplore.lnk -> C:\Users\renata\Desktop\iexplore.lnk -> [2010/02/27 14:38:24 | 000,000,909 | ---- | M] ()

Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2010/02/27 14:09:02 | 000,001,778 | ---- | M] ()

cc_20100224_230237 copia.reg -> C:\Users\renata\Documents\cc_20100224_230237 copia.reg -> [2010/02/24 23:03:49 | 000,097,582 | ---- | M] ()

CCleaner.lnk -> C:\Users\renata\Desktop\CCleaner.lnk -> [2010/02/24 22:56:51 | 000,001,724 | ---- | M] ()

Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/02/22 23:27:57 | 000,000,848 | ---- | M] ()

PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2010/02/22 21:21:34 | 000,183,112 | ---- | M] ()

aa.lic -> C:\Windows\aa.lic -> [2010/02/22 19:46:06 | 000,000,256 | ---- | M] ()

SpywareBlaster.lnk -> C:\Users\renata\Desktop\SpywareBlaster.lnk -> [2010/02/22 16:32:32 | 000,000,842 | ---- | M] ()

Spyware Doctor.lnk -> C:\Users\Public\Desktop\Spyware Doctor.lnk -> [2010/02/22 12:15:28 | 000,001,819 | ---- | M] ()

DAEMON Tools Lite.lnk -> C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> [2010/02/22 02:47:43 | 000,001,789 | ---- | M] ()

sptd.sys -> C:\Windows\SysNative\drivers\sptd.sys -> [2010/02/22 02:14:48 | 000,834,544 | ---- | M] ()

binkw32.dll -> C:\Windows\SysNative\binkw32.dll -> [2010/02/21 23:53:31 | 000,358,963 | ---- | M] ()

cnc.ini -> C:\Windows\cnc.ini -> [2010/02/20 13:49:22 | 000,000,018 | ---- | M] ()

cncs32.dll -> C:\Windows\SysWow64\cncs32.dll -> [2010/02/20 13:49:21 | 000,172,544 | ---- | M] (Europress Software)

µTorrent.lnk -> C:\Users\Public\Desktop\µTorrent.lnk -> [2010/02/20 13:01:00 | 000,000,782 | ---- | M] ()

Norton Internet Security.lnk -> C:\Users\Public\Desktop\Norton Internet Security.lnk -> [2010/02/20 09:49:28 | 000,002,279 | ---- | M] ()

SYMEVENT64x86.SYS -> C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -> [2010/02/20 04:02:23 | 000,172,592 | ---- | M] (Symantec Corporation)

SYMEVENT64x86.CAT -> C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT -> [2010/02/20 04:02:23 | 000,007,440 | ---- | M] ()

SYMEVENT64x86.INF -> C:\Windows\SysNative\drivers\SYMEVENT64x86.INF -> [2010/02/20 04:02:23 | 000,000,855 | ---- | M] ()

cchpx64.sys -> C:\Windows\SysNative\drivers\NISx64\1008000.029\cchpx64.sys -> [2010/02/20 02:44:50 | 000,583,296 | ---- | M] (Symantec Corporation)

BHDrvx64.sys -> C:\Windows\SysNative\drivers\NISx64\1008000.029\BHDrvx64.sys -> [2010/02/20 02:44:50 | 000,334,384 | ---- | M] (Symantec Corporation)

symnetv.cat -> C:\Windows\SysNative\drivers\NISx64\1008000.029\symnetv.cat -> [2010/02/20 02:44:47 | 000,009,412 | ---- | M] ()

BHDrvx64.CAT -> C:\Windows\SysNative\drivers\NISx64\1008000.029\BHDrvx64.CAT -> [2010/02/20 02:44:47 | 000,007,362 | ---- | M] ()

SymNetV.inf -> C:\Windows\SysNative\drivers\NISx64\1008000.029\SymNetV.inf -> [2010/02/20 02:44:47 | 000,001,481 | ---- | M] ()

BHDrvx64.inf -> C:\Windows\SysNative\drivers\NISx64\1008000.029\BHDrvx64.inf -> [2010/02/20 02:44:47 | 000,000,640 | ---- | M] ()

isolate.ini -> C:\Windows\SysNative\drivers\NISx64\1008000.029\isolate.ini -> [2010/02/20 02:44:47 | 000,000,172 | ---- | M] ()

Windows Live Messenger .lnk -> C:\Users\renata\Desktop\Windows Live Messenger .lnk -> [2010/02/20 01:29:04 | 000,002,007 | ---- | M] ()

CmdLineExt_x64.dll -> C:\Windows\SysWow64\CmdLineExt_x64.dll -> [2010/02/18 19:34:50 | 000,178,800 | ---- | M] (Sony DADC Austria AG.)

pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2010/02/18 19:31:40 | 002,250,024 | ---- | M] ()

PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2010/02/18 19:31:40 | 000,066,872 | ---- | M] ()

Windows Media Player.lnk -> C:\Users\renata\Desktop\Windows Media Player.lnk -> [2010/02/17 23:55:42 | 000,000,968 | ---- | M] ()

NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\renata\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms -> [2010/02/17 20:47:30 | 000,524,288 | -HS- | M] ()

Paint.lnk -> C:\Users\renata\Desktop\Paint.lnk -> [2010/02/17 20:01:17 | 000,001,637 | ---- | M] ()

103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> C:\Windows\SysWow64\drivers\103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> [2010/02/17 19:30:11 | 000,000,000 | RHS- | M] ()

103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> C:\Windows\SysNative\drivers\103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> [2010/02/17 19:30:11 | 000,000,000 | RHS- | M] ()

ntuser.ini -> C:\Users\renata\ntuser.ini -> [2010/02/17 19:28:46 | 000,000,020 | -HS- | M] ()

license.rtf -> C:\Windows\SysNative\license.rtf -> [2010/02/17 15:30:52 | 000,054,574 | ---- | M] ()

pctplsg64.sys -> C:\Windows\SysNative\drivers\pctplsg64.sys -> [2010/02/05 09:25:38 | 000,092,896 | ---- | M] (PC Tools)

pctwfpfilter64.sys -> C:\Windows\SysNative\drivers\pctwfpfilter64.sys -> [2010/02/05 09:18:00 | 000,133,072 | ---- | M] (PC Tools)

pctgntdi64.sys -> C:\Windows\SysNative\drivers\pctgntdi64.sys -> [2010/02/05 09:17:56 | 000,306,648 | ---- | M] (PC Tools)

1 C:\Windows\*.tmp files -> C:\Windows\*.tmp ->

[Files - No Company Name]

Shareaza.lnk -> C:\Users\Public\Desktop\Shareaza.lnk -> [2010/03/04 21:37:50 | 000,000,934 | ---- | C] ()

eMule.lnk -> C:\Users\Public\Desktop\eMule.lnk -> [2010/03/02 13:59:52 | 000,000,830 | ---- | C] ()

Documentos - Atalho.lnk -> C:\Users\renata\Documentos - Atalho.lnk -> [2010/03/02 10:08:02 | 000,000,372 | ---- | C] ()

OTS - Atalho.lnk -> C:\Users\renata\Desktop\OTS - Atalho.lnk -> [2010/03/01 19:55:12 | 000,000,528 | ---- | C] ()

Msft_User_WpdFs_01_07_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf -> [2010/03/01 11:32:47 | 000,000,000 | -H-- | C] ()

Msft_Kernel_HpqKbFiltr_01005.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf -> [2010/02/28 03:24:32 | 000,000,000 | -H-- | C] ()

ieuinit.inf -> C:\Windows\SysWow64\ieuinit.inf -> [2010/02/27 23:28:36 | 000,057,667 | ---- | C] ()

ieuinit.inf -> C:\Windows\SysNative\ieuinit.inf -> [2010/02/27 23:28:36 | 000,057,667 | ---- | C] ()

EhStorAuthn.dll -> C:\Windows\SysNative\EhStorAuthn.dll -> [2010/02/27 23:02:46 | 000,121,856 | ---- | C] ()

EhStorAuthn.dll -> C:\Windows\SysWow64\EhStorAuthn.dll -> [2010/02/27 23:02:46 | 000,117,248 | ---- | C] ()

systemsf.ebd -> C:\Windows\SysNative\systemsf.ebd -> [2010/02/27 23:02:24 | 000,262,552 | ---- | C] ()

dot3.tmf -> C:\Windows\SysNative\dot3.tmf -> [2010/02/27 23:01:45 | 000,471,992 | ---- | C] ()

eaphost.tmf -> C:\Windows\SysNative\eaphost.tmf -> [2010/02/27 23:01:41 | 000,700,507 | ---- | C] ()

StructuredQuerySchema.bin -> C:\Windows\SysWow64\StructuredQuerySchema.bin -> [2010/02/27 23:01:35 | 000,107,612 | ---- | C] ()

StructuredQuerySchema.bin -> C:\Windows\SysNative\StructuredQuerySchema.bin -> [2010/02/27 23:01:35 | 000,107,612 | ---- | C] ()

locale.nls -> C:\Windows\SysWow64\locale.nls -> [2010/02/27 23:01:28 | 003,662,128 | ---- | C] ()

locale.nls -> C:\Windows\SysNative\locale.nls -> [2010/02/27 23:01:27 | 003,662,128 | ---- | C] ()

onex.tmf -> C:\Windows\SysNative\onex.tmf -> [2010/02/27 23:01:27 | 000,395,723 | ---- | C] ()

WFP.TMF -> C:\Windows\SysNative\WFP.TMF -> [2010/02/27 23:00:25 | 000,207,968 | ---- | C] ()

slmgr.vbs -> C:\Windows\SysWow64\slmgr.vbs -> [2010/02/27 23:00:19 | 000,092,918 | ---- | C] ()

slmgr.vbs -> C:\Windows\SysNative\slmgr.vbs -> [2010/02/27 23:00:19 | 000,092,918 | ---- | C] ()

msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2010/02/27 23:00:10 | 000,368,640 | ---- | C] ()

spcinstrumentation.man -> C:\Windows\SysWow64\spcinstrumentation.man -> [2010/02/27 22:58:59 | 000,009,239 | ---- | C] ()

spcinstrumentation.man -> C:\Windows\SysNative\spcinstrumentation.man -> [2010/02/27 22:58:59 | 000,009,239 | ---- | C] ()

RacUR.xml -> C:\Windows\SysWow64\RacUR.xml -> [2010/02/27 22:57:46 | 000,009,212 | ---- | C] ()

RacUR.xml -> C:\Windows\SysNative\RacUR.xml -> [2010/02/27 22:57:46 | 000,009,212 | ---- | C] ()

iexplore.lnk -> C:\Users\renata\Desktop\iexplore.lnk -> [2010/02/27 14:38:24 | 000,000,909 | ---- | C] ()

Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2010/02/27 14:08:59 | 000,001,778 | ---- | C] ()

cc_20100224_230237 copia.reg -> C:\Users\renata\Documents\cc_20100224_230237 copia.reg -> [2010/02/24 23:02:45 | 000,097,582 | ---- | C] ()

CCleaner.lnk -> C:\Users\renata\Desktop\CCleaner.lnk -> [2010/02/24 22:56:51 | 000,001,724 | ---- | C] ()

Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/02/22 23:27:57 | 000,000,848 | ---- | C] ()

aa.lic -> C:\Windows\aa.lic -> [2010/02/22 19:46:06 | 000,000,256 | ---- | C] ()

SpywareBlaster.lnk -> C:\Users\renata\Desktop\SpywareBlaster.lnk -> [2010/02/22 16:32:32 | 000,000,842 | ---- | C] ()

BDTSupport.dll -> C:\Windows\BDTSupport.dll -> [2010/02/22 12:54:15 | 000,767,952 | ---- | C] ()

UDB.zip -> C:\Windows\UDB.zip -> [2010/02/22 12:54:14 | 001,152,444 | ---- | C] ()

RegSDImport.xml -> C:\Windows\RegSDImport.xml -> [2010/02/22 12:54:14 | 000,000,882 | ---- | C] ()

RegISSImport.xml -> C:\Windows\RegISSImport.xml -> [2010/02/22 12:54:14 | 000,000,879 | ---- | C] ()

IDB.zip -> C:\Windows\IDB.zip -> [2010/02/22 12:54:14 | 000,000,131 | ---- | C] ()

pctgntdi64.cat -> C:\Windows\SysNative\drivers\pctgntdi64.cat -> [2010/02/22 12:16:03 | 000,007,357 | ---- | C] ()

pctcore64.cat -> C:\Windows\SysNative\drivers\pctcore64.cat -> [2010/02/22 12:15:38 | 000,007,353 | ---- | C] ()

Spyware Doctor.lnk -> C:\Users\Public\Desktop\Spyware Doctor.lnk -> [2010/02/22 12:15:28 | 000,001,819 | ---- | C] ()

pctplsg64.cat -> C:\Windows\SysNative\drivers\pctplsg64.cat -> [2010/02/22 12:15:10 | 000,007,353 | ---- | C] ()

dd_vcredistMSI2E17.txt -> C:\Users\renata\AppData\Local\dd_vcredistMSI2E17.txt -> [2010/02/22 12:14:45 | 000,333,712 | ---- | C] ()

dd_vcredistUI2E1A.txt -> C:\Users\renata\AppData\Local\dd_vcredistUI2E1A.txt -> [2010/02/22 12:14:42 | 000,011,918 | ---- | C] ()

dd_vcredistUI2E17.txt -> C:\Users\renata\AppData\Local\dd_vcredistUI2E17.txt -> [2010/02/22 12:14:41 | 000,012,730 | ---- | C] ()

Live Microsoft Update.exe -> C:\Users\renata\Documents\Live Microsoft Update.exe -> [2010/02/22 03:16:02 | 000,421,005 | -H-- | C] ()

task.exe -> C:\Users\renata\Documents\task.exe -> [2010/02/22 03:15:58 | 000,421,517 | -H-- | C] ()

DAEMON Tools Lite.lnk -> C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> [2010/02/22 02:47:43 | 000,001,789 | ---- | C] ()

xvidcore.dll -> C:\Windows\SysWow64\xvidcore.dll -> [2010/02/22 02:28:39 | 000,887,296 | ---- | C] ()

ac3filter.ax -> C:\Windows\SysWow64\ac3filter.ax -> [2010/02/22 02:28:39 | 000,797,184 | ---- | C] ()

ac3filter.acm -> C:\Windows\SysWow64\ac3filter.acm -> [2010/02/22 02:28:39 | 000,497,664 | ---- | C] ()

coreaac.ax -> C:\Windows\SysWow64\coreaac.ax -> [2010/02/22 02:28:39 | 000,319,488 | ---- | C] ()

xvidvfw.dll -> C:\Windows\SysWow64\xvidvfw.dll -> [2010/02/22 02:28:39 | 000,198,144 | ---- | C] ()

xvid.ax -> C:\Windows\SysWow64\xvid.ax -> [2010/02/22 02:28:39 | 000,150,528 | ---- | C] ()

qt-dx331.dll -> C:\Windows\SysWow64\qt-dx331.dll -> [2010/02/22 02:28:38 | 003,596,288 | ---- | C] ()

divxsm.tlb -> C:\Windows\SysWow64\divxsm.tlb -> [2010/02/22 02:28:38 | 000,004,816 | ---- | C] ()

sptd.sys -> C:\Windows\SysNative\drivers\sptd.sys -> [2010/02/22 02:14:48 | 000,834,544 | ---- | C] ()

binkw32.dll -> C:\Windows\SysNative\binkw32.dll -> [2010/02/21 23:56:24 | 000,358,963 | ---- | C] ()

hpqp.txt -> C:\ProgramData\hpqp.txt -> [2010/02/20 18:04:59 | 000,000,021 | ---- | C] ()

cnc.ini -> C:\Windows\cnc.ini -> [2010/02/20 13:49:22 | 000,000,018 | ---- | C] ()

µTorrent.lnk -> C:\Users\Public\Desktop\µTorrent.lnk -> [2010/02/20 13:00:39 | 000,000,782 | ---- | C] ()

wlan.tmf -> C:\Windows\SysNative\wlan.tmf -> [2010/02/20 05:53:22 | 002,608,861 | ---- | C] ()

Windows Live Messenger .lnk -> C:\Users\renata\Desktop\Windows Live Messenger .lnk -> [2010/02/20 01:29:04 | 000,002,007 | ---- | C] ()

desktop.ini -> C:\Users\renata\AppData\Roaming\desktop.ini -> [2010/02/20 00:19:48 | 000,000,006 | -HS- | C] ()

desktop.ini -> C:\Users\renata\AppData\Local\desktop.ini -> [2010/02/20 00:19:44 | 000,000,006 | -HS- | C] ()

pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2010/02/18 19:31:39 | 002,250,024 | ---- | C] ()

PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2010/02/18 18:25:49 | 000,066,872 | ---- | C] ()

PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2010/02/18 18:25:42 | 000,183,112 | ---- | C] ()

Windows Media Player.lnk -> C:\Users\renata\Desktop\Windows Media Player.lnk -> [2010/02/17 23:55:42 | 000,000,968 | ---- | C] ()

IconCache.db -> C:\Users\renata\AppData\Local\IconCache.db -> [2010/02/17 20:47:28 | 002,046,607 | -H-- | C] ()

Paint.lnk -> C:\Users\renata\Desktop\Paint.lnk -> [2010/02/17 20:01:17 | 000,001,637 | ---- | C] ()

DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\renata\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/02/17 19:54:14 | 000,008,704 | ---- | C] ()

SYMEVENT64x86.CAT -> C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT -> [2010/02/17 19:38:38 | 000,007,440 | ---- | C] ()

SYMEVENT64x86.INF -> C:\Windows\SysNative\drivers\SYMEVENT64x86.INF -> [2010/02/17 19:38:38 | 000,000,855 | ---- | C] ()

QSwitch.txt -> C:\Users\renata\AppData\Local\QSwitch.txt -> [2010/02/17 19:37:08 | 000,000,000 | ---- | C] ()

DSwitch.txt -> C:\Users\renata\AppData\Local\DSwitch.txt -> [2010/02/17 19:37:08 | 000,000,000 | ---- | C] ()

AtStart.txt -> C:\Users\renata\AppData\Local\AtStart.txt -> [2010/02/17 19:37:08 | 000,000,000 | ---- | C] ()

GDIPFONTCACHEV1.DAT -> C:\Users\renata\AppData\Local\GDIPFONTCACHEV1.DAT -> [2010/02/17 19:37:07 | 000,075,848 | ---- | C] ()

HPWALog.txt -> C:\ProgramData\HPWALog.txt -> [2010/02/17 19:37:07 | 000,015,189 | ---- | C] ()

103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> C:\Windows\SysWow64\drivers\103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> [2010/02/17 19:30:11 | 000,000,000 | RHS- | C] ()

103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> C:\Windows\SysNative\drivers\103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> [2010/02/17 19:30:11 | 000,000,000 | RHS- | C] ()

ntuser.ini -> C:\Users\renata\ntuser.ini -> [2010/02/17 19:28:46 | 000,000,020 | -HS- | C] ()

NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\renata\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms -> [2010/02/17 19:28:45 | 000,524,288 | -HS- | C] ()

NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\renata\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> [2010/02/17 19:28:45 | 000,524,288 | -HS- | C] ()

NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> C:\Users\renata\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> [2010/02/17 19:28:44 | 000,065,536 | -HS- | C] ()

NTUSER.DAT -> C:\Users\renata\NTUSER.DAT -> [2010/02/17 19:28:43 | 002,883,584 | -HS- | C] ()

physxcudart_20.dll -> C:\Windows\SysWow64\physxcudart_20.dll -> [2008/10/07 09:13:30 | 000,197,912 | ---- | C] ()

AgCPanelTraditionalChinese.dll -> C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll -> [2008/10/07 09:13:22 | 000,058,648 | ---- | C] ()

AgCPanelSwedish.dll -> C:\Windows\SysWow64\AgCPanelSwedish.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()

AgCPanelSpanish.dll -> C:\Windows\SysWow64\AgCPanelSpanish.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()

AgCPanelSimplifiedChinese.dll -> C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()

AgCPanelPortugese.dll -> C:\Windows\SysWow64\AgCPanelPortugese.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()

AgCPanelKorean.dll -> C:\Windows\SysWow64\AgCPanelKorean.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()

AgCPanelJapanese.dll -> C:\Windows\SysWow64\AgCPanelJapanese.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()

AgCPanelGerman.dll -> C:\Windows\SysWow64\AgCPanelGerman.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()

AgCPanelFrench.dll -> C:\Windows\SysWow64\AgCPanelFrench.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()

tcpmon.ini -> C:\Windows\SysWow64\tcpmon.ini -> [2008/01/20 23:50:05 | 000,060,124 | ---- | C] ()

GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2006/11/02 12:07:25 | 000,037,665 | ---- | C] ()

GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2006/11/02 12:07:25 | 000,029,779 | ---- | C] ()

GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2006/11/02 12:07:25 | 000,026,489 | ---- | C] ()

GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2006/11/02 12:07:25 | 000,026,040 | ---- | C] ()

[Alternate Data Streams]

@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8

@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:5C321E34

@Alternate Data Stream - 16 bytes -> C:\Users\renata\Downloads:Shareaza.GUID

@Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >

Boa Tarde!!!

agora como devo proceder?

obrigado!

Sam Spade · Março 6, 2010

Execute o OTS.exe by OldTimer. Na caixa Paste Fix Here do lado direito do OTS, cole o que está dentro do CODE:

[Unregister Dlls][Custom Items]:filesC:\Users\renata\Documents\task.exeC:\Users\renata\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.iniC:\Users\renata\Documents\Live Microsoft Update.exe:end[Empty Temp Folders][Reboot]

Clique no botão . Aguarde o Fix terminar.

Dê o OK para que o PC reinicie. Depois que reiniciar, quando começar a carregar o SO, aparecerá uma janela pedindo que autorize que seja executado o OTS.exe. Permita.

Então abrirá um log. O log é salvo em C:\_OTS\MovedFiles\

O seu nome significa o dia e a hora que foi gerado: data_hora.log

Ex: 02232010_165746.log

Acesse o '>http://www.virustotal.com/pt"]VirusTotal.com ou o '>http://virusscan.jotti.org/pt-br"]Jotti.com

Na caixa Procurar, clique com o direito e cole esta linha abaixo:

C:\Users\renata\AppData\Local\Temp\IXP000.TMP\arm.exe

Depois clique em Enviar Arquivo no VirusTotal ou em Enviar no Jotti.

Aguarde enquanto o site examina o arquivo.

Quando terminar, copie o resultado e cole na sua resposta.

Obs: Se você usar o VirusTotal, caso o arquivo já tenha sido analisado anteriormente pelo site, você verá uma imagem semelhante a esta:

Se isso acontecer, então apenas copie o link indicado na imagem e cole na sua resposta.

Poste o log do OTS.

edi_theone · Março 6, 2010

boa noite!

amigo fiz tudo e na hora de procurar no virus total aparece esta mensagem:

o caminho não existe.

verifique o caminho e tente novamente!

outra coisa já temtei instalar varios jogos e sempre aparece uma mensagem assim só mudando os nomes dos arquivos dependendo do jogo:

não foi possivel localizar o ponto de entrada do procedimento Binck control background na biblioteca de vinculo dinamico.

cada ves e um arquivo que não acha este ponto de entrada!

e ai amigo o que fazer?

obrigado.

Sam Spade · Março 6, 2010

Opa, era para ter pedido a análise antes de usar o Fix. Poste o log do OTS.

edi_theone · Março 7, 2010

opa,beleza amigo, gerei hj de novo ta ai!e ai como proceder?obrigado!

OTS logfile created on: 07/03/2010 22:41:15 - Run 3OTS by OldTimer - Version 3.1.23.0     Folder = C:\Users\renata\Desktop64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18882)Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free8,00 Gb Paging File | 6,00 Gb Available in Paging File | 73,00% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 221,07 Gb Total Space | 104,84 Gb Free Space | 47,42% Space Free | Partition Type: NTFSDrive D: | 11,81 Gb Total Space | 1,35 Gb Free Space | 11,45% Space Free | Partition Type: NTFSE: Drive not present or media not loadedF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: RENATA-PCCurrent User Name: renataLogged in as Administrator. Current Boot Mode: NormalScan Mode: All usersInclude 64bit ScansCompany Name Whitelist: OnSkip Microsoft Files: OnFile Age = 30 Days [Processes - Safe List]ots.exe -> C:\Users\renata\Desktop\OTS.exe -> [2010/03/04 23:19:16 | 000,634,368 | ---- | M] (OldTimer Tools)jusched.exe -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe -> [2010/02/27 23:09:47 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.)pnkbstra.exe -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2010/02/18 19:31:40 | 000,066,872 | ---- | M] ()gbpsv.exe -> C:\PROGRA~2\GbPlugin\GbpSv.exe -> [2010/02/18 10:20:12 | 000,054,048 | ---- | M] ( )bdtupdateservice.exe -> C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe -> [2010/01/21 20:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.)ccsvchst.exe -> C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -> [2010/01/20 18:03:39 | 000,117,640 | R--- | M] (Symantec Corporation)pctstray.exe -> C:\Program Files (x86)\Spyware Doctor\pctsTray.exe -> [2010/01/18 14:14:26 | 001,286,608 | ---- | M] (PC Tools)pctssvc.exe -> C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe -> [2010/01/18 14:14:24 | 001,141,712 | ---- | M] (PC Tools)firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe -> [2010/01/16 00:18:31 | 000,910,296 | ---- | M] (Mozilla Corporation)pctsauxs.exe -> C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe -> [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools)dtlite.exe -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -> [2009/10/30 08:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)wlcomm.exe -> C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe -> [2009/09/30 19:58:42 | 000,026,464 | ---- | M] (Microsoft Corporation)msnmsgr.exe -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe -> [2009/07/26 16:44:26 | 003,883,840 | ---- | M] (Microsoft Corporation)blservice.exe -> C:\Program Files (x86)\SMINST\BLService.exe -> [2008/12/17 15:11:40 | 000,365,952 | ---- | M] ()com4qlbex.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -> [2008/11/19 08:14:06 | 000,222,512 | ---- | M] (Hewlett-Packard Development Company, L.P.)bluetoothheadsetproxy.exe -> C:\Arquivos de programas\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe -> [2008/06/19 13:04:50 | 000,014,376 | ---- | M] (Broadcom Corporation.) [Modules - Safe List]ots.exe -> C:\Users\renata\Desktop\OTS.exe -> [2010/03/04 23:19:16 | 000,634,368 | ---- | M] (OldTimer Tools)pctgmhk.dll -> C:\Program Files (x86)\Spyware Doctor\pctgmhk.dll -> [2009/10/30 11:18:16 | 000,147,024 | ---- | M] (PC Tools)smum32.dll -> C:\Program Files (x86)\Spyware Doctor\smum32.dll -> [2009/09/09 22:54:58 | 000,245,824 | ---- | M] (PC Tools)comdlg32.dll -> C:\Windows\SysWOW64\comdlg32.dll -> [2009/04/11 03:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List]64bit-(FontCache)  [On_Demand | Stopped] -> C:\Windows\SysNative\FntCache.dll -> [2009/09/24 22:26:26 | 001,142,272 | ---- | M] (Microsoft Corporation)64bit-(BthServ)  [Auto | Running] -> C:\Windows\SysNative\bthserv.dll -> [2009/04/11 04:11:13 | 000,053,760 | ---- | M] (Microsoft Corporation)64bit-(STacSV)  [Auto | Running] -> C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_5730ce9f\STacSV64.exe -> [2008/09/11 08:53:00 | 000,279,040 | ---- | M] (IDT, Inc.)64bit-(AESTFilters)  [Auto | Running] -> C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_5730ce9f\AESTSr64.exe -> [2008/06/27 12:53:06 | 000,089,088 | ---- | M] (Andrea Electronics Corporation)64bit-(AgereModemAudio)  [Auto | Running] -> C:\Windows\SysNative\agr64svc.exe -> [2007/12/11 11:11:30 | 000,015,872 | ---- | M] (Agere Systems)(PnkBstrA) PnkBstrA [Auto | Running] -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2010/02/18 19:31:40 | 000,066,872 | ---- | M] ()(GbpSv) Gbp Service [Unknown | Running] -> C:\PROGRA~2\GbPlugin\GbpSv.exe -> [2010/02/18 10:20:12 | 000,054,048 | ---- | M] ( )(Browser Defender Update Service) Browser Defender Update Service [Auto | Running] -> C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe -> [2010/01/21 20:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.)(Norton Internet Security) Norton Internet Security [Auto | Running] -> C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -> [2010/01/20 18:03:39 | 000,117,640 | R--- | M] (Symantec Corporation)(sdCoreService) PC Tools Security Service [Auto | Running] -> C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe -> [2010/01/18 14:14:24 | 001,141,712 | ---- | M] (PC Tools)(sdAuxService) PC Tools Auxiliary Service [Auto | Running] -> C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe -> [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools)(clr_optimization_v2.0.50727_64) Microsoft .NET Framework NGEN v2.0.50727_X64 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -> [2009/03/30 01:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation)(Recovery Service for Windows) Recovery Service for Windows [Auto | Running] -> C:\Program Files (x86)\SMINST\BLService.exe -> [2008/12/17 15:11:40 | 000,365,952 | ---- | M] ()(Com4QLBEx) Com4QLBEx [On_Demand | Running] -> C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -> [2008/11/19 08:14:06 | 000,222,512 | ---- | M] (Hewlett-Packard Development Company, L.P.)(MSDTC) Coordenador de transações distribuídas [Unknown | Stopped] -> C:\Windows\SysWOW64\Msdtc -> [2006/11/02 10:34:14 | 000,000,000 | ---D | M](vds) Disco Virtual [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vds.mof -> [2006/11/02 03:35:15 | 000,060,994 | ---- | M] ()(VSS) Cópia de Sombra de Volume [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vss.mof -> [2006/11/02 03:35:15 | 000,055,846 | ---- | M] ()(IDriverT) InstallDriver Table Manager [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [Driver Services - Safe List]64bit-(sptd) sptd [Kernel | Boot | Running] -> C:\Windows\SysNative\Drivers\sptd.sys -> [2010/02/22 02:14:48 | 000,834,544 | ---- | M] ()64bit-(SymEvent) SymEvent [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -> [2010/02/20 04:02:23 | 000,172,592 | ---- | M] (Symantec Corporation)64bit-(ccHP) Symantec Hash Provider [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\NISx64\1008000.029\ccHPx64.sys -> [2010/02/20 02:44:50 | 000,583,296 | ---- | M] (Symantec Corporation)64bit-(BHDrvx64) Symantec Heuristics Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\NISx64\1008000.029\BHDrvx64.sys -> [2010/02/20 02:44:50 | 000,334,384 | ---- | M] (Symantec Corporation)64bit-(SymEFA) Symantec Extended File Attributes [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\NISx64\1008000.029\SYMEFA64.SYS -> [2010/01/20 18:03:40 | 000,402,992 | ---- | M] (Symantec Corporation)64bit-(SYMTDI) Symantec Network Dispatch Driver [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\NISx64\1008000.029\SYMTDI.SYS -> [2010/01/20 18:03:40 | 000,278,576 | ---- | M] (Symantec Corporation)64bit-(SYMFW) Symantec Network Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\NISx64\1008000.029\SYMFW.SYS -> [2010/01/20 18:03:40 | 000,120,880 | ---- | M] (Symantec Corporation)64bit-(SYMNDISV) Symantec Network Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\NISx64\1008000.029\SYMNDISV.SYS -> [2010/01/20 18:03:40 | 000,056,880 | ---- | M] (Symantec Corporation)64bit-(SymIM) Symantec Network Security Intermediate Filter Driver [Kernel | System | Running] -> C:\Windows\SysNative\DRIVERS\SymIMv.sys -> [2010/01/20 18:03:40 | 000,031,280 | R--- | M] (Symantec Corporation)64bit-(SRTSP) Symantec Real Time Storage Protection x64 [File_System | System | Running] -> C:\Windows\SysNative\Drivers\NISx64\1008000.029\SRTSP64.SYS -> [2010/01/20 18:03:39 | 000,476,720 | ---- | M] (Symantec Corporation)64bit-(SRTSPX) Symantec Real Time Storage Protection (PEL) x64 [Kernel | System | Running] -> C:\Windows\SysNative\drivers\NISx64\1008000.029\SRTSPX64.SYS -> [2010/01/20 18:03:39 | 000,032,304 | ---- | M] (Symantec Corporation)64bit-(PCTCore) PCTools KDS [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\PCTCore64.sys -> [2009/09/23 16:10:04 | 000,218,056 | ---- | M] (PC Tools)64bit-(PSI) PSI [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\psi_mf.sys -> [2009/06/17 09:19:14 | 000,015,208 | ---- | M] (Secunia)64bit-(BTHPORT) Driver de Porta Bluetooth [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\BTHport.sys -> [2009/04/11 02:40:06 | 000,694,272 | ---- | M] (Microsoft Corporation)64bit-(RFCOMM) Dispositivo Bluetooth (TDI de Protocolo RFCOMM) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\rfcomm.sys -> [2009/04/11 02:39:57 | 000,178,176 | ---- | M] (Microsoft Corporation)64bit-(BthEnum) Serviço de Enumerador de Bluetooth [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\BthEnum.sys -> [2009/04/11 02:39:55 | 000,026,112 | ---- | M] (Microsoft Corporation)64bit-(BTHUSB) Driver USB de Rádio Bluetooth [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\BTHUSB.sys -> [2009/04/11 02:39:53 | 000,034,816 | ---- | M] (Microsoft Corporation)64bit-(RTL8169) Realtek 8169 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\Rtlh64.sys -> [2008/12/03 10:21:52 | 000,184,832 | ---- | M] (Realtek Corporation                                            )64bit-(STHDA) IDT High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\stwrt64.sys -> [2008/09/11 08:54:44 | 000,465,408 | ---- | M] (IDT, Inc.)64bit-(enecir) ENE CIR Receiver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\enecir.sys -> [2008/09/04 14:48:00 | 000,064,000 | ---- | M] (ENE TECHNOLOGY INC.)64bit-(igfx) igfx [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\igdkmd64.sys -> [2008/09/02 10:21:04 | 008,034,592 | ---- | M] (Intel Corporation)64bit-(NETw5v64) Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\NETw5v64.sys -> [2008/08/28 20:57:24 | 004,745,216 | ---- | M] (Intel Corporation)64bit-(JMCR) JMCR [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\jmcr.sys -> [2008/07/21 07:53:04 | 000,145,496 | ---- | M] (JMicron Technology Corporation)64bit-(IntcHdmiAddService) Intel(R) High Definition Audio HDMI [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\IntcHdmi.sys -> [2008/07/15 05:20:42 | 000,126,464 | ---- | M] (Intel(R) Corporation)64bit-(btwavdt) Bluetooth AVDT [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btwavdt.sys -> [2008/06/23 08:54:02 | 000,099,368 | ---- | M] (Broadcom Corporation.)64bit-(btwaudio) Dispositivo de áudio Bluetooth [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\btwaudio.sys -> [2008/06/23 08:54:02 | 000,091,176 | ---- | M] (Broadcom Corporation.)64bit-(btwrchid) btwrchid [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\btwrchid.sys -> [2008/06/23 08:54:02 | 000,019,752 | ---- | M] (Broadcom Corporation.)64bit-(AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\agrsm64.sys -> [2008/02/29 14:59:32 | 001,252,352 | ---- | M] (Agere Systems)64bit-(ApfiltrService) Alps Pointing-device Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\Apfiltr.sys -> [2008/01/31 20:23:14 | 000,195,120 | ---- | M] (Alps Electric Co., Ltd.)64bit-(usbvideo) Dispositivo de vídeo USB (WDM) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\usbvideo.sys -> [2008/01/20 23:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation)64bit-(BthPan) Dispositivo Bluetooth (Rede Pessoal) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\bthpan.sys -> [2008/01/20 23:47:02 | 000,115,712 | ---- | M] (Microsoft Corporation)64bit-(NETw3v64) Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\NETw3v64.sys -> [2008/01/20 23:46:57 | 003,154,432 | ---- | M] (Intel Corporation)64bit-(sdbus) sdbus [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\sdbus.sys -> [2008/01/20 23:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation)64bit-(CmBatt) Driver de Bateria do Método de Controle ACPI da Microsoft [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\CmBatt.sys -> [2008/01/20 23:46:51 | 000,017,792 | ---- | M] (Microsoft Corporation)64bit-(HpqKbFiltr) HpqKbFilter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -> [2007/06/18 15:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.)64bit-(HdAudAddService) Driver de Função Microsoft 1.1 UAA para Serviço de High Definition Audio [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HdAudio.sys -> [2006/11/02 02:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation)64bit-(yukonx64) NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\yk60x64.sys -> [2006/10/03 22:45:36 | 000,273,408 | ---- | M] (Marvell)(NAVEX15) NAVEX15 [Kernel | On_Demand | Running] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100306.004\EX64.SYS -> [2010/02/19 02:43:20 | 001,742,896 | ---- | M] (Symantec Corporation)(eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -> [2010/02/19 02:43:20 | 000,475,696 | ---- | M] (Symantec Corporation)(EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2010/02/19 02:43:20 | 000,132,656 | ---- | M] (Symantec Corporation)(NAVENG) NAVENG [Kernel | On_Demand | Running] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100306.004\ENG64.SYS -> [2010/02/19 02:43:20 | 000,116,272 | ---- | M] (Symantec Corporation)(GbpKm) Gbp KernelMode [Kernel | Boot | Stopped] -> C:\Windows\system32\drivers\gbpkm.sys -> [2010/02/18 10:20:44 | 000,030,752 | ---- | M] (GAS Tecnologia)(IDSVia64) IDSVia64 [Kernel | System | Running] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100224.002\IDSviA64.sys -> [2010/02/10 20:19:26 | 000,466,992 | ---- | M] (Symantec Corporation)(DiagnosticScan) DiagnosticScan [Kernel | Boot | Stopped] -> C:\Windows\SysWOW64\drivers\DiagnosticScan.SYS -> [2009/11/15 22:48:16 | 000,017,408 | ---- | M] (AdwareAway.net)(Start1Driver) Start1Driver [Kernel | System | Stopped] -> C:\Windows\SysWOW64\drivers\Start1Driver.SYS -> [2009/10/19 10:21:41 | 000,005,120 | ---- | M] (F.Y.N. Technology Inc.)(Tcpip) Driver de Protocolo TCP/IP [Kernel | Boot | Running] -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2006/09/18 18:36:40 | 000,003,066 | ---- | M] ()(mpsdrv) Driver de Autorização do Firewall do Windows [Kernel | On_Demand | Running] -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2006/09/18 18:35:23 | 000,001,088 | ---- | M] () [Registry - Safe List]< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=91&bd=Presario&pf=cnnb -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=91&bd=Presario&pf=cnnb -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=91&bd=Presario&pf=cnnb -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=91&bd=Presario&pf=cnnb -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=91&bd=Presario&pf=cnnb -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\: Main\\"Start Page" -> http://www.google.com.br/ -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\: Main\\"StartPageCache" -> 1 -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Users\renata\AppData\Roaming\Mozilla\FireFox\Profiles\8qatd06r.default\prefs.js -> extensions.enabledItems -> {87F8774F-B485-47E2-A755-A40A8A5E886C}:1.0.7.8 ->< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\MozillaHKLM\software\mozilla\Firefox\Extensions ->  -> HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC} -> C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\COFFPLGN\ [C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\COFFPLGN\] -> [2010/03/07 15:14:50 | 000,000,000 | ---D | M]HKLM\software\mozilla\Mozilla Firefox 3.6\extensions ->  -> HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2010/02/27 14:08:56 | 000,000,000 | ---D | M]HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2010/02/27 23:11:17 | 000,000,000 | ---D | M]< FireFox Extensions [User Folders] > ->   -> C:\Users\renata\AppData\Roaming\mozilla\Extensions -> [2010/03/04 21:23:31 | 000,000,000 | ---D | M]  -> C:\Users\renata\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org -> [2010/03/04 21:23:31 | 000,000,000 | ---D | M]  -> C:\Users\renata\AppData\Roaming\mozilla\Firefox\Profiles\8qatd06r.default\extensions -> [2010/03/07 18:46:20 | 000,000,000 | ---D | M]No name found   -> C:\Users\renata\AppData\Roaming\mozilla\Firefox\Profiles\8qatd06r.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2010/03/03 11:23:31 | 000,000,000 | ---D | M]No name found   -> C:\Users\renata\AppData\Roaming\mozilla\Firefox\Profiles\8qatd06r.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C} -> [2010/03/05 09:02:11 | 000,000,000 | ---D | M]  -> C:\Users\renata\AppData\Roaming\mozilla\Firefox\Profiles\8qatd06r.default\extensions\staged-xpis -> [2010/03/03 11:23:31 | 000,000,000 | ---D | M]< FireFox Extensions [Program Folders] > ->   -> C:\Program Files (x86)\mozilla firefox\extensions -> [2010/03/07 10:08:39 | 000,000,000 | ---D | M]< HOSTS File > ([2010/03/05 09:00:27 | 000,000,761 | ---- | M] - 20 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> Reset Hosts127.0.0.1       localhost::1             localhost< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2008/06/11 21:33:16 | 000,075,128 | ---- | M] (Adobe Systems Incorporated){2A0F3D1B-0909-4FF4-B272-609CCE6054E7} [HKLM] -> C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll [PC Tools Browser Guard BHO] -> [2010/01/21 20:21:03 | 000,567,248 | ---- | M] (Threat Expert Ltd.){5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll [Symantec NCO BHO] -> [2010/01/20 18:03:37 | 000,378,736 | R--- | M] (Symantec Corporation){6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL [Symantec Intrusion Prevention] -> [2010/01/20 18:03:37 | 000,107,896 | R--- | M] (Symantec Corporation){9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Auxiliar de Conexão do Windows Live] -> [2009/01/22 15:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation){C41A1C0E-EA6C-11D4-B1B8-444553540000} [HKLM] -> C:\Program Files (x86)\GbPlugin\gbieh.dll [GbIehObj Class] -> [2010/02/18 10:19:34 | 000,323,360 | ---- | M] (Banco do Brasil){DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2010/02/27 23:09:46 | 000,041,760 | ---- | M] (Sun Microsystems, Inc.)< 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [DAEMON Tools Toolbar] -> File not found< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{472734EA-242A-422B-ADF8-83D1E48CC825}" [HKLM] -> C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll [PC Tools Browser Guard] -> [2010/01/21 20:21:03 | 000,567,248 | ---- | M] (Threat Expert Ltd.)"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll [Norton Toolbar] -> [2010/01/20 18:03:37 | 000,378,736 | R--- | M] (Symantec Corporation)< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\Software\Microsoft\Internet Explorer\Toolbar\ -> 64bit-WebBrowser\\"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [DAEMON Tools Toolbar] -> File not foundWebBrowser\\"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not foundWebBrowser\\"{472734EA-242A-422B-ADF8-83D1E48CC825}" [HKLM] -> C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll [PC Tools Browser Guard] -> [2010/01/21 20:21:03 | 000,567,248 | ---- | M] (Threat Expert Ltd.)WebBrowser\\"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll [Norton Toolbar] -> [2010/01/20 18:03:37 | 000,378,736 | R--- | M] (Symantec Corporation)< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Apoint" -> C:\Arquivos de Programas\Apoint2K\Apoint.exe [C:\Program Files\Apoint2K\Apoint.exe] -> [2008/01/21 14:10:04 | 000,246,784 | ---- | M] (Alps Electric Co., Ltd.)"HotKeysCmds" -> C:\Windows\SysNative\hkcmd.exe [C:\Windows\system32\hkcmd.exe] -> [2008/09/09 10:24:46 | 000,225,816 | ---- | M] (Intel Corporation)"IgfxTray" -> C:\Windows\SysNative\igfxtray.exe [C:\Windows\system32\igfxtray.exe] -> [2008/09/09 10:25:02 | 000,153,624 | ---- | M] (Intel Corporation)"Persistence" -> C:\Windows\SysNative\igfxpers.exe [C:\Windows\system32\igfxpers.exe] -> [2008/09/09 10:24:56 | 000,199,704 | ---- | M] (Intel Corporation)"SysTrayApp" -> C:\Arquivos de Programas\IDT\WDM\sttray64.exe [%ProgramFiles%\IDT\WDM\sttray64.exe] -> [2008/09/11 08:50:50 | 000,441,344 | ---- | M] (IDT, Inc.)"Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/20 23:47:32 | 001,584,184 | ---- | M] (Microsoft Corporation)< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Adobe Reader Speed Launcher" -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2008/06/12 01:38:00 | 000,034,672 | ---- | M] (Adobe Systems Incorporated)"HP Health Check Scheduler" -> c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe] -> [2008/10/09 06:58:56 | 000,075,008 | ---- | M] (Hewlett-Packard)"HP Software Update" -> C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe] -> [2008/12/08 14:34:24 | 000,054,576 | ---- | M] (Hewlett-Packard)"ISTray" -> C:\Program Files (x86)\Spyware Doctor\pctsTray.exe ["C:\Program Files (x86)\Spyware Doctor\pctsTray.exe"] -> [2010/01/18 14:14:26 | 001,286,608 | ---- | M] (PC Tools)"QlbCtrl.exe" -> C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ["C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start] -> [2008/10/10 11:24:44 | 000,206,128 | ---- | M] ( Hewlett-Packard Development Company, L.P.)"QPService" -> C:\Program Files (x86)\HP\QuickPlay\QPService.exe ["C:\Program Files (x86)\HP\QuickPlay\QPService.exe"] -> [2008/09/23 16:21:52 | 000,468,264 | ---- | M] (CyberLink Corp.)"SunJavaUpdateSched" -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe ["C:\Program Files (x86)\Java\jre6\bin\jusched.exe"] -> [2010/02/27 23:09:47 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.)"UCam_Menu" -> C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"] -> [2008/12/03 21:15:16 | 000,218,408 | ---- | M] (CyberLink Corp.)"UpdateLBPShortCut" -> C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"] -> [2008/06/13 17:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)"UpdateP2GoShortCut" -> C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"] -> [2008/10/30 10:51:46 | 000,210,216 | ---- | M] (CyberLink Corp.)"UpdatePDIRShortCut" -> C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"] -> [2008/06/13 17:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)"UpdatePSTShortCut" -> C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"] -> [2008/11/26 10:34:22 | 000,210,216 | ---- | M] (CyberLink Corp.)"WirelessAssistant" -> C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe] -> [2008/12/08 10:25:24 | 000,432,432 | ---- | M] (Hewlett-Packard)< Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2009/04/11 03:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)"WindowsWelcomeCenter" -> C:\Windows\SysWow64\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 03:28:23 | 002,153,472 | ---- | M] (Microsoft Corporation)< Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2009/04/11 03:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)"WindowsWelcomeCenter" -> C:\Windows\SysWow64\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 03:28:23 | 002,153,472 | ---- | M] (Microsoft Corporation)< Run [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "DAEMON Tools Lite" -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe ["C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun] -> [2009/10/30 08:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)"LightScribe Control Panel" -> C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden] -> [2008/06/09 09:16:32 | 002,363,392 | ---- | M] (Hewlett-Packard Company)"Task Menu" -> C:\Users\renata\Documents\task.exe [C:\Users\renata\Documents\task.exe] -> File not found"Windows Live Updater" -> C:\Users\renata\Documents\Live Microsoft Update.exe [C:\Users\renata\Documents\Live Microsoft Update.exe] -> File not found"WMPNSCFG" -> C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe [C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe] -> File not found< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"NoActiveDesktop" ->  [1] -> File not found< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\SystemHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System< 64bit-Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> Enviar imagem para Dispositivo &Bluetooth... -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> [2007/01/23 11:57:50 | 000,001,199 | ---- | M] ()Enviar página para Dispositivo &Bluetooth ... -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm] -> [2007/01/23 11:57:52 | 000,002,758 | ---- | M] ()< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xportar para o Microsoft Excel -> C:\Arquivos de Programas (x86)\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000] -> File not foundEnviar imagem para Dispositivo &Bluetooth... -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> [2007/01/23 11:57:50 | 000,001,199 | ---- | M] ()Enviar página para Dispositivo &Bluetooth ... -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm] -> [2007/01/23 11:57:52 | 000,002,758 | ---- | M] ()Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html] -> File not found< 64bit-Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Button: @btrez.dll,-4015] -> [2007/01/23 11:57:52 | 000,002,758 | ---- | M] (){CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Menu: @btrez.dll,-12650] -> [2007/01/23 11:57:52 | 000,002,758 | ---- | M] ()< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll [Button: Enviar para o OneNote] -> [2008/10/25 07:52:00 | 000,604,056 | ---- | M] (Microsoft Corporation){2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll [Menu: &Enviar para o OneNote] -> [2008/10/25 07:52:00 | 000,604,056 | ---- | M] (Microsoft Corporation){92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL [Button: Research] -> [2009/03/06 04:04:56 | 000,039,464 | ---- | M] (Microsoft Corporation){CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Button: Enviar para Bluetooth] -> [2007/01/23 11:57:52 | 000,002,758 | ---- | M] (){CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Arquivos de Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Menu: Enviar para Dispositivo &Bluetooth...] -> [2007/01/23 11:57:52 | 000,002,758 | ---- | M] ()< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\Software\Microsoft\Internet Explorer\Extensions\ -> 64bit-CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] ->  [@btrez.dll,-4015;Enviar para Bluetooth] -> File not foundCmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] -> @btrez.dll,-4015 [Enviar para Bluetooth;@btrez.dll,-4015;Enviar para Bluetooth] -> File not found< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix"" -> http://< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix"" -> http://< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4823 domain(s) found. -> www_bancobrasil.com.br [*] -> Trusted sites -> www14_bancobrasil.com.br [*] -> Trusted sites -> www2_bancobrasil.com.br [*] -> Trusted sites -> www_bb.com.br [*] -> Trusted sites -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\] > -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-2905173342-2339181292-3536488456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab [Java Plug-in 1.6.0_07] -> {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {DC2E041F-5FD0-4ACB-8197-5919DE88C9F9}\\NameServer -> 189.124.16.2,189.124.16.14   (Realtek RTL8102E/8103E Family PCI-E Fast Ethernet NIC (NDIS 6.0)) -> < 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 04:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation)*MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/04/11 03:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)*MultiFile Done* -> -> < 64bit-Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> C:\Windows\SysNative\igfxdev.dll -> [2008/09/02 09:59:46 | 000,228,352 | ---- | M] (Intel Corporation)< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->  GbPluginBb -> C:\Program Files (x86)\GbPlugin\gbieh.dll -> [2010/02/18 10:19:34 | 000,323,360 | ---- | M] (Banco do Brasil)< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{E37CB5F0-51F5-4395-A808-5FA49E399F83}" [HKLM] -> C:\Program Files (x86)\GbPlugin\gbieh.dll [GbPlugin ShlObj] -> [2010/02/18 10:19:34 | 000,323,360 | ---- | M] (Banco do Brasil)< Vista Public Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications -> < Vista Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications -> < Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {08470E25-CF34-4375-8411-FC375F1DC757} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system | {193794C4-DCD7-4BA3-9339-47F6C93126EA} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv | < Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {0CFAE9F0-0E4E-4142-BC1A-3F042D3E5358} -> protocol=6 | dir=in | action=allow | name=μtorrent (tcp-in) | app=c:\program files (x86)\utorrent\utorrent.exe | {2D91DF8B-B839-4A2E-A476-66775327A382} -> dir=in | action=allow | name=windows live call | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | {2DF1E13C-F0A9-41DB-B3AD-D85836078243} -> dir=in | action=allow | name=quick play | app=c:\program files (x86)\hp\quickplay\qp.exe | {38DEC984-0C44-4C64-B29B-BD76F867AD14} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | {50F03A7C-38E1-484C-95C1-82602364D801} -> profile=public | protocol=6 | dir=in | action=allow | name=editor | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe | {5BB4B2C2-1D86-4402-AFF5-7285C55D56F7} -> profile=public | protocol=17 | dir=in | action=allow | name=far cry 2 | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe | {68E7C64E-6356-4571-B29A-94643C17B37E} -> profile=public | protocol=17 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | {69EEA631-C185-4B5C-AD9E-56703B3FC278} -> profile=public | protocol=6 | dir=in | action=allow | name=far cry 2 | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe | {8439CBEE-6C19-4564-92FA-7EFAA049C2C9} -> dir=in | action=allow | name=cyberlink powerdirector | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | {88F8615B-5E11-430A-A38C-623171DF6A04} -> profile=public | protocol=17 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | {8BE2939D-4C95-418E-96EE-82E0B27FAA2E} -> profile=private | protocol=6 | dir=in | action=allow | name=lobezno x-men - los orígenes(tm) | app=c:\program files (x86)\activision\lobezno x-men - los orígenes(tm)\binaries\wolverine.exe | {9295479F-8B78-48F5-B1A2-9096160D1D85} -> profile=public | protocol=17 | dir=in | action=allow | name=editor | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe | {92980EFF-6D0A-4A3F-8CAC-2AA54E9A962B} -> profile=public | protocol=17 | dir=in | action=allow | name=far cry 2 updater | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe | {9552F818-BCB6-435F-BB2A-93DD9048F7CF} -> profile=public | protocol=6 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | {A32B8D8C-0371-4F1B-85B7-4966DBB5EC68} -> protocol=17 | dir=in | action=allow | name=μtorrent (udp-in) | app=c:\program files (x86)\utorrent\utorrent.exe | {BA8EC1E6-085A-4F42-86E8-7C5F0E7E70D2} -> profile=public | protocol=6 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | {BCFE049E-6577-4695-81D6-920C1425F43E} -> profile=public | protocol=6 | dir=in | action=allow | name=far cry 2 updater | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe | {C6B33A23-269D-416A-A08F-62A931405F87} -> profile=private | protocol=17 | dir=in | action=allow | name=lobezno x-men - los orígenes(tm) | app=c:\program files (x86)\activision\lobezno x-men - los orígenes(tm)\binaries\wolverine.exe | {D2CC3E89-020C-4C8A-AF9F-FDFB36427D9C} -> profile=private | protocol=6 | dir=in | action=allow | name=limewire | app=c:\program files (x86)\limewire\limewire.exe | {D6960EB0-F822-420F-BA07-D7A87B1DF1F1} -> dir=in | action=allow | name=quick play resident program | app=c:\program files (x86)\hp\quickplay\qpservice.exe | {D7564DAB-4111-415A-B131-E77E46D3E9F9} -> profile=public | protocol=17 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | {DAC24117-EE1C-4E10-8E9A-C8CFD38F1D7F} -> profile=private | protocol=17 | dir=in | action=allow | name=limewire | app=c:\program files (x86)\limewire\limewire.exe | {EE1C317D-3F59-41A7-89BD-8B835601F522} -> profile=public | protocol=6 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->"AutoRun" -> 1 -> "DisplayName" -> Driver de CD-ROM -> "ImagePath" -> C:\Windows\SysNative\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/04/11 02:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation)< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{8dc979ab-1f72-11df-b0b3-00247eb46b0c}HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8dc979ab-1f72-11df-b0b3-00247eb46b0c}\shell\{8dc979ab-1f72-11df-b0b3-00247eb46b0c}\shell\\"" ->  [AutoRun] -> File not foundHKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8dc979ab-1f72-11df-b0b3-00247eb46b0c}\shell\AutoRun\command\{8dc979ab-1f72-11df-b0b3-00247eb46b0c}\shell\AutoRun\command\\"" -> F:\autorun.exe [F:\autorun.exe] -> File not found< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 64bit-comfile [open] -> "%1" %* -> File not found64bit-exefile [open] -> "%1" %* -> File not foundcomfile [open] -> "%1" %* -> exefile [open] -> "%1" %* ->   [Files/Folders - Created Within 30 Days] _OTS -> C:\_OTS -> [2010/03/07 00:31:28 | 000,000,000 | ---D | C] Activision -> C:\Program Files (x86)\Activision -> [2010/03/06 22:54:36 | 000,000,000 | ---D | C] cod4 -> C:\Users\renata\Desktop\cod4 -> [2010/03/06 22:09:37 | 000,000,000 | ---D | C] mensagem -> C:\Users\renata\Desktop\mensagem -> [2010/03/06 00:17:59 | 000,000,000 | ---D | C] directx -> C:\Program Files (x86)\directx -> [2010/03/05 18:01:45 | 000,000,000 | ---D | C] Nova Pasta -> C:\Users\renata\Desktop\Nova Pasta -> [2010/03/05 16:34:43 | 000,000,000 | ---D | C] Praetorians -> C:\Users\renata\Documents\Praetorians -> [2010/03/05 16:33:21 | 000,000,000 | ---D | C] Uniblue -> C:\Users\renata\AppData\Roaming\Uniblue -> [2010/03/05 16:21:31 | 000,000,000 | ---D | C] Uniblue -> C:\Program Files (x86)\Uniblue -> [2010/03/05 16:21:20 | 000,000,000 | ---D | C] gbpkm.sys -> C:\Windows\SysWow64\drivers\gbpkm.sys -> [2010/03/05 09:02:03 | 000,030,752 | ---- | C] (GAS Tecnologia) GbPlugin -> C:\ProgramData\GbPlugin -> [2010/03/05 09:01:30 | 000,000,000 | ---D | C] GbPlugin -> C:\Program Files (x86)\GbPlugin -> [2010/03/05 09:01:29 | 000,000,000 | ---D | C] praeto -> C:\Users\renata\Desktop\praeto -> [2010/03/05 00:04:34 | 000,000,000 | ---D | C] OTS.exe -> C:\Users\renata\Desktop\OTS.exe -> [2010/03/04 23:19:00 | 000,634,368 | ---- | C] (OldTimer Tools) EA Games -> C:\Users\renata\Documents\EA Games -> [2010/03/04 23:09:38 | 000,000,000 | ---D | C] EA Games -> C:\Users\Public\Documents\EA Games -> [2010/03/04 23:09:38 | 000,000,000 | ---D | C] LimeWire -> C:\Users\renata\Documents\LimeWire -> [2010/03/04 21:23:52 | 000,000,000 | ---D | C] praetorians primeiro baixado partes -> C:\Users\renata\Desktop\praetorians primeiro baixado partes -> [2010/03/04 20:03:55 | 000,000,000 | ---D | C] TimeBomb -> C:\Program Files (x86)\TimeBomb -> [2010/03/02 23:02:35 | 000,000,000 | ---D | C] eMule -> C:\Program Files (x86)\eMule -> [2010/03/02 13:59:39 | 000,000,000 | ---D | C] eMule -> C:\ProgramData\eMule -> [2010/03/02 13:20:24 | 000,000,000 | ---D | C] eMule -> C:\Users\renata\AppData\Local\eMule -> [2010/03/02 13:19:52 | 000,000,000 | ---D | C] Opera -> C:\Users\renata\AppData\Local\Opera -> [2010/03/02 08:40:43 | 000,000,000 | ---D | C] Opera -> C:\Users\renata\AppData\Roaming\Opera -> [2010/03/02 08:40:41 | 000,000,000 | ---D | C] Opera -> C:\Program Files (x86)\Opera -> [2010/03/02 08:40:13 | 000,000,000 | ---D | C] Windows Portable Devices -> C:\Program Files (x86)\Windows Portable Devices -> [2010/03/01 11:33:28 | 000,000,000 | ---D | C] Windows Portable Devices -> C:\Arquivos de Programas\Windows Portable Devices -> [2010/03/01 11:33:28 | 000,000,000 | ---D | C] spool -> C:\Windows\SysWow64\spool -> [2010/03/01 11:33:28 | 000,000,000 | ---D | C] vi-VN -> C:\Windows\SysWow64\vi-VN -> [2010/02/28 03:33:19 | 000,000,000 | ---D | C] eu-ES -> C:\Windows\SysWow64\eu-ES -> [2010/02/28 03:33:19 | 000,000,000 | ---D | C] eu-ES -> C:\Windows\SysNative\eu-ES -> [2010/02/28 03:33:19 | 000,000,000 | ---D | C] ca-ES -> C:\Windows\SysWow64\ca-ES -> [2010/02/28 03:33:19 | 000,000,000 | ---D | C] ca-ES -> C:\Windows\SysNative\ca-ES -> [2010/02/28 03:33:19 | 000,000,000 | ---D | C] vi-VN -> C:\Windows\SysNative\vi-VN -> [2010/02/28 03:33:18 | 000,000,000 | ---D | C] EventProviders -> C:\Windows\SysNative\EventProviders -> [2010/02/28 01:55:50 | 000,000,000 | ---D | C] Mozilla -> C:\Users\renata\AppData\Roaming\Mozilla -> [2010/02/27 14:10:27 | 000,000,000 | ---D | C] Mozilla -> C:\Users\renata\AppData\Local\Mozilla -> [2010/02/27 14:10:27 | 000,000,000 | ---D | C] Mozilla Firefox -> C:\Program Files (x86)\Mozilla Firefox -> [2010/02/27 14:08:47 | 000,000,000 | ---D | C] talim -> C:\Users\renata\Desktop\talim -> [2010/02/25 00:02:24 | 000,000,000 | ---D | C] 32788R22FWJFW -> C:\32788R22FWJFW -> [2010/02/24 22:59:33 | 000,000,000 | ---D | C] LightScribe -> C:\ProgramData\LightScribe -> [2010/02/23 20:55:40 | 000,000,000 | ---D | C] Malwarebytes -> C:\Users\renata\AppData\Roaming\Malwarebytes -> [2010/02/22 23:28:07 | 000,000,000 | ---D | C] mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2010/02/22 23:27:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) Malwarebytes -> C:\ProgramData\Malwarebytes -> [2010/02/22 23:27:37 | 000,000,000 | ---D | C] mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2010/02/22 23:27:35 | 000,022,104 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware -> C:\Program Files (x86)\Malwarebytes' Anti-Malware -> [2010/02/22 23:27:33 | 000,000,000 | ---D | C] wolf -> C:\Users\renata\Desktop\wolf -> [2010/02/22 23:22:47 | 000,000,000 | ---D | C] Downloads -> C:\Users\renata\Documents\Downloads -> [2010/02/22 22:54:32 | 000,000,000 | ---D | C] GetRightToGo -> C:\Users\renata\AppData\Roaming\GetRightToGo -> [2010/02/22 22:54:22 | 000,000,000 | ---D | C] Minidump -> C:\Windows\Minidump -> [2010/02/22 21:48:35 | 000,000,000 | ---D | C] DiagnosticScan.SYS -> C:\Windows\SysWow64\drivers\DiagnosticScan.SYS -> [2010/02/22 19:46:06 | 000,017,408 | ---- | C] (AdwareAway.net) Start1Driver.SYS -> C:\Windows\SysWow64\drivers\Start1Driver.SYS -> [2010/02/22 19:46:06 | 000,005,120 | ---- | C] (F.Y.N. Technology Inc.) AA -> C:\Program Files (x86)\AA -> [2010/02/22 19:46:04 | 000,000,000 | ---D | C] Comodo -> C:\Users\renata\AppData\Local\Comodo -> [2010/02/22 19:06:49 | 000,000,000 | ---D | C] SpywareBlaster -> C:\Program Files (x86)\SpywareBlaster -> [2010/02/22 16:32:22 | 000,000,000 | ---D | C] SendShield -> C:\Program Files (x86)\SendShield -> [2010/02/22 16:27:20 | 000,000,000 | ---D | C] Secunia -> C:\Program Files (x86)\Secunia -> [2010/02/22 16:26:33 | 000,000,000 | ---D | C] Comodo -> C:\Users\renata\AppData\Roaming\Comodo -> [2010/02/22 16:20:23 | 000,000,000 | ---D | C] CCleaner -> C:\Program Files (x86)\CCleaner -> [2010/02/22 16:11:20 | 000,000,000 | ---D | C] Google -> C:\ProgramData\Google -> [2010/02/22 15:04:11 | 000,000,000 | ---D | C] DoctorWeb -> C:\Users\renata\DoctorWeb -> [2010/02/22 14:11:42 | 000,000,000 | ---D | C] Google -> C:\Users\renata\AppData\Roaming\Google -> [2010/02/22 13:24:57 | 000,000,000 | ---D | C] Google -> C:\Users\renata\AppData\Local\Google -> [2010/02/22 12:58:29 | 000,000,000 | ---D | C] Google -> C:\Arquivos de Programas\Google -> [2010/02/22 12:58:01 | 000,000,000 | ---D | C] Threat Expert -> C:\Users\renata\AppData\Local\Threat Expert -> [2010/02/22 12:57:42 | 000,000,000 | ---D | C] SGDetectionTool.dll -> C:\Windows\SGDetectionTool.dll -> [2010/02/22 12:54:14 | 000,149,456 | ---- | C] (PC Tools) PCTBDCore.dll -> C:\Windows\PCTBDCore.dll -> [2010/02/22 12:54:13 | 001,652,688 | ---- | C] (Threat Expert Ltd.) PCTBDCore.dll.old -> C:\Windows\PCTBDCore.dll.old -> [2010/02/22 12:54:13 | 001,640,400 | ---- | C] (Threat Expert Ltd.) PCTBDRes.dll -> C:\Windows\PCTBDRes.dll -> [2010/02/22 12:54:13 | 000,165,840 | ---- | C] (Threat Expert Ltd.) Google -> C:\Program Files (x86)\Google -> [2010/02/22 12:53:58 | 000,000,000 | ---D | C] pctgntdi64.sys -> C:\Windows\SysNative\drivers\pctgntdi64.sys -> [2010/02/22 12:16:03 | 000,306,648 | ---- | C] (PC Tools) pctwfpfilter64.sys -> C:\Windows\SysNative\drivers\pctwfpfilter64.sys -> [2010/02/22 12:16:02 | 000,133,072 | ---- | C] (PC Tools) PCTCore64.sys -> C:\Windows\SysNative\drivers\PCTCore64.sys -> [2010/02/22 12:15:38 | 000,218,056 | ---- | C] (PC Tools) pctplsg64.sys -> C:\Windows\SysNative\drivers\pctplsg64.sys -> [2010/02/22 12:15:10 | 000,092,896 | ---- | C] (PC Tools) PC Tools -> C:\Program Files (x86)\Common Files\PC Tools -> [2010/02/22 12:14:37 | 000,000,000 | ---D | C] Spyware Doctor -> C:\Program Files (x86)\Spyware Doctor -> [2010/02/22 12:14:36 | 000,000,000 | ---D | C] PC Tools -> C:\Users\renata\AppData\Roaming\PC Tools -> [2010/02/22 12:14:36 | 000,000,000 | ---D | C] PC Tools -> C:\ProgramData\PC Tools -> [2010/02/22 12:14:36 | 000,000,000 | ---D | C] Webteh -> C:\Program Files (x86)\Webteh -> [2010/02/22 03:46:32 | 000,000,000 | ---D | C] BSplayer Pro -> C:\Users\renata\AppData\Roaming\BSplayer Pro -> [2010/02/22 03:46:32 | 000,000,000 | ---D | C] BSplayer -> C:\Users\renata\AppData\Roaming\BSplayer -> [2010/02/22 03:46:32 | 000,000,000 | ---D | C] KONAMI -> C:\Users\renata\Documents\KONAMI -> [2010/02/22 03:35:51 | 000,000,000 | ---D | C] KONAMI -> C:\ProgramData\KONAMI -> [2010/02/22 03:20:34 | 000,000,000 | ---D | C] KONAMI -> C:\Program Files (x86)\KONAMI -> [2010/02/22 03:20:34 | 000,000,000 | ---D | C] DAEMON Tools Lite -> C:\Program Files (x86)\DAEMON Tools Lite -> [2010/02/22 02:47:07 | 000,000,000 | ---D | C] DAEMON Tools Images -> C:\Users\Public\Documents\DAEMON Tools Images -> [2010/02/22 02:38:10 | 000,000,000 | ---D | C] DivXsm.exe -> C:\Windows\SysWow64\DivXsm.exe -> [2010/02/22 02:28:38 | 000,532,480 | ---- | C] (DivX Inc.) dpl100.dll -> C:\Windows\SysWow64\dpl100.dll -> [2010/02/22 02:28:38 | 000,090,112 | ---- | C] (DivX, Inc.) divx.dll -> C:\Windows\SysWow64\divx.dll -> [2010/02/22 02:28:37 | 000,696,320 | ---- | C] (DivX, Inc.) divxdec.ax -> C:\Windows\SysWow64\divxdec.ax -> [2010/02/22 02:28:36 | 000,999,424 | ---- | C] (DivX, Inc.) coreavcdecoder.ax -> C:\Windows\SysWow64\coreavcdecoder.ax -> [2010/02/22 02:28:36 | 000,271,872 | ---- | C] (CoreCodec) Codec -> C:\Program Files (x86)\Codec -> [2010/02/22 02:28:35 | 000,000,000 | ---D | C] DAEMON Tools Lite -> C:\Users\renata\AppData\Roaming\DAEMON Tools Lite -> [2010/02/22 02:12:41 | 000,000,000 | ---D | C] DAEMON Tools Lite -> C:\ProgramData\DAEMON Tools Lite -> [2010/02/22 02:12:36 | 000,000,000 | ---D | C] pes desco -> C:\Users\renata\Desktop\pes desco -> [2010/02/22 01:51:11 | 000,000,000 | ---D | C] msdownld.tmp -> C:\Windows\msdownld.tmp -> [2010/02/22 00:30:57 | 000,000,000 | -H-D | C] directx -> C:\Windows\SysWow64\directx -> [2010/02/22 00:30:45 | 000,000,000 | ---D | C] MSXML 4.0 -> C:\Program Files (x86)\MSXML 4.0 -> [2010/02/21 23:28:40 | 000,000,000 | ---D | C] AGEIA Technologies -> C:\Program Files (x86)\AGEIA Technologies -> [2010/02/21 00:00:46 | 000,000,000 | ---D | C] AGEIA -> C:\Windows\SysWow64\AGEIA -> [2010/02/21 00:00:46 | 000,000,000 | ---D | C] Wise Installation Wizard -> C:\Program Files (x86)\Common Files\Wise Installation Wizard -> [2010/02/21 00:00:37 | 000,000,000 | ---D | C] xmen pc -> C:\Users\renata\Desktop\xmen pc -> [2010/02/20 23:01:35 | 000,000,000 | ---D | C] QuickPlay -> C:\Users\renata\AppData\Local\QuickPlay -> [2010/02/20 18:04:58 | 000,000,000 | ---D | C] rom snes -> C:\rom snes -> [2010/02/20 17:51:22 | 000,000,000 | ---D | C] emulador de mega -> C:\Users\renata\Desktop\emulador de mega -> [2010/02/20 17:44:12 | 000,000,000 | ---D | C] xmen cd 2 -> C:\Users\renata\Desktop\xmen cd 2 -> [2010/02/20 17:09:34 | 000,000,000 | ---D | C] Adobe -> C:\Users\renata\AppData\Local\Adobe -> [2010/02/20 14:11:58 | 000,000,000 | ---D | C] cncs32.dll -> C:\Windows\SysWow64\cncs32.dll -> [2010/02/20 13:49:21 | 000,172,544 | ---- | C] (Europress Software) dkrumble -> C:\Windows\dkrumble -> [2010/02/20 13:49:21 | 000,000,000 | ---D | C] WinRAR -> C:\Users\renata\AppData\Roaming\WinRAR -> [2010/02/20 13:26:13 | 000,000,000 | ---D | C] WinRAR -> C:\Arquivos de Programas\WinRAR -> [2010/02/20 13:24:35 | 000,000,000 | ---D | C] uTorrent -> C:\Program Files (x86)\uTorrent -> [2010/02/20 13:00:32 | 000,000,000 | ---D | C] uTorrent -> C:\Users\renata\AppData\Roaming\uTorrent -> [2010/02/20 12:56:15 | 000,000,000 | ---D | C] Symantec -> C:\ProgramData\Symantec -> [2010/02/20 10:21:48 | 000,000,000 | ---D | C] Shareaza -> C:\Users\renata\AppData\Local\Shareaza -> [2010/02/20 00:19:44 | 000,000,000 | ---D | C] Shareaza -> C:\Users\renata\AppData\Roaming\Shareaza -> [2010/02/20 00:19:05 | 000,000,000 | ---D | C] Shareaza -> C:\Program Files (x86)\Shareaza -> [2010/02/20 00:19:02 | 000,000,000 | ---D | C] Tracing -> C:\Users\renata\Tracing -> [2010/02/19 17:42:54 | 000,000,000 | ---D | C] Microsoft -> C:\Program Files (x86)\Microsoft -> [2010/02/19 17:42:08 | 000,000,000 | ---D | C] microsoft -> C:\Users\Public\Documents\microsoft -> [2010/02/19 17:41:58 | 000,000,000 | ---D | C] Windows Live SkyDrive -> C:\Program Files (x86)\Windows Live SkyDrive -> [2010/02/19 17:41:51 | 000,000,000 | ---D | C] Windows Live -> C:\Program Files (x86)\Windows Live -> [2010/02/19 17:41:33 | 000,000,000 | ---D | C] Windows Live -> C:\Program Files (x86)\Common Files\Windows Live -> [2010/02/19 17:33:35 | 000,000,000 | ---D | C] My Games -> C:\Users\renata\Documents\My Games -> [2010/02/18 19:41:54 | 000,000,000 | ---D | C] CmdLineExt_x64.dll -> C:\Windows\SysWow64\CmdLineExt_x64.dll -> [2010/02/18 19:34:50 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) Ubisoft -> C:\Program Files (x86)\Ubisoft -> [2010/02/18 19:24:56 | 000,000,000 | ---D | C] CyberLink -> C:\Users\renata\AppData\Roaming\CyberLink -> [2010/02/18 19:09:13 | 000,000,000 | ---D | C] NFS Undercover -> C:\Users\renata\Documents\NFS Undercover -> [2010/02/18 18:26:09 | 000,000,000 | ---D | C] PunkBuster -> C:\Users\renata\AppData\Local\PunkBuster -> [2010/02/18 18:25:40 | 000,000,000 | ---D | C] GameVicio -> C:\Program Files (x86)\GameVicio -> [2010/02/18 18:21:43 | 000,000,000 | ---D | C] Adobe -> C:\Users\renata\AppData\Roaming\Adobe -> [2010/02/18 18:17:01 | 000,000,000 | ---D | C] Electronic Arts -> C:\ProgramData\Electronic Arts -> [2010/02/18 18:14:48 | 000,000,000 | ---D | C] Downloaded Installations -> C:\Users\renata\AppData\Local\Downloaded Installations -> [2010/02/18 18:13:37 | 000,000,000 | ---D | C] Leadertech -> C:\Users\renata\AppData\Roaming\Leadertech -> [2010/02/18 18:13:26 | 000,000,000 | ---D | C] EA Games -> C:\Program Files (x86)\EA Games -> [2010/02/18 17:51:33 | 000,000,000 | ---D | C] Musicas e Fotos -> C:\Users\renata\Documents\Musicas e Fotos -> [2010/02/18 17:26:03 | 000,000,000 | ---D | C] %COREALLUSERPATH% -> C:\Windows\SysWow64\%COREALLUSERPATH% -> [2010/02/18 16:46:30 | 000,000,000 | ---D | C] muvee Technologies -> C:\ProgramData\muvee Technologies -> [2010/02/18 15:57:53 | 000,000,000 | ---D | C] Meus muvees -> C:\Users\renata\Documents\Meus muvees -> [2010/02/18 15:57:53 | 000,000,000 | ---D | C] Macromedia -> C:\Users\renata\AppData\Roaming\Macromedia -> [2010/02/18 15:56:30 | 000,000,000 | ---D | C] muvee Technologies -> C:\Users\renata\AppData\Roaming\muvee Technologies -> [2010/02/18 15:56:27 | 000,000,000 | ---D | C] jogos -> C:\Program Files (x86)\jogos -> [2010/02/17 23:22:02 | 000,000,000 | ---D | C] diversos cel re -> C:\Users\renata\Documents\diversos cel re -> [2010/02/17 23:08:56 | 000,000,000 | ---D | C] Symantec Shared -> C:\Program Files (x86)\Common Files\Symantec Shared -> [2010/02/17 21:22:24 | 000,000,000 | ---D | C] Meus arquivos recebidos -> C:\Users\renata\Documents\Meus arquivos recebidos -> [2010/02/17 20:01:37 | 000,000,000 | ---D | C] Microsoft Games -> C:\Users\renata\AppData\Local\Microsoft Games -> [2010/02/17 19:59:41 | 000,000,000 | ---D | C] SymIMV.sys -> C:\Windows\SysNative\drivers\SymIMV.sys -> [2010/02/17 19:38:42 | 000,031,280 | R--- | C] (Symantec Corporation) SYMEVENT64x86.SYS -> C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -> [2010/02/17 19:38:38 | 000,172,592 | ---- | C] (Symantec Corporation) Symantec Shared -> C:\Arquivos de Programas\Common Files\Symantec Shared -> [2010/02/17 19:38:38 | 000,000,000 | ---D | C] Symantec -> C:\Arquivos de Programas\Symantec -> [2010/02/17 19:38:38 | 000,000,000 | ---D | C] Pasta de trocas do Bluetooth -> C:\Users\renata\Documents\Pasta de trocas do Bluetooth -> [2010/02/17 19:37:21 | 000,000,000 | ---D | C] Bluetooth Software -> C:\Users\renata\Bluetooth Software -> [2010/02/17 19:37:21 | 000,000,000 | ---D | C] Searches -> C:\Users\renata\Searches -> [2010/02/17 19:36:53 | 000,000,000 | R--D | C] Identities -> C:\Users\renata\AppData\Roaming\Identities -> [2010/02/17 19:36:46 | 000,000,000 | ---D | C] Contacts -> C:\Users\renata\Contacts -> [2010/02/17 19:36:43 | 000,000,000 | R--D | C] VirtualStore -> C:\Users\renata\AppData\Local\VirtualStore -> [2010/02/17 19:36:42 | 000,000,000 | ---D | C] HP TCS -> C:\Users\renata\AppData\Roaming\HP TCS -> [2010/02/17 19:31:42 | 000,000,000 | ---D | C] Temporary Internet Files -> C:\Users\renata\AppData\Local\Temporary Internet Files -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C] SendTo -> C:\Users\renata\SendTo -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C] Recent -> C:\Users\renata\Recent -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C] Modelos -> C:\Users\renata\Modelos -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C] Minhas músicas -> C:\Users\renata\Documents\Minhas músicas -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C] Minhas imagens -> C:\Users\renata\Documents\Minhas imagens -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C] Meus vídeos -> C:\Users\renata\Documents\Meus vídeos -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C] Menu Iniciar -> C:\Users\renata\Menu Iniciar -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C] Histórico -> C:\Users\renata\AppData\Local\Histórico -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C] Dados de aplicativos -> C:\Users\renata\Dados de aplicativos -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C] Dados de aplicativos -> C:\Users\renata\AppData\Local\Dados de aplicativos -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C] Cookies -> C:\Users\renata\Cookies -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C] Configurações locais -> C:\Users\renata\Configurações locais -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C] Ambiente de rede -> C:\Users\renata\Ambiente de rede -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C] Ambiente de impressão -> C:\Users\renata\Ambiente de impressão -> [2010/02/17 19:28:46 | 000,000,000 | -HSD | C] Meus documentos -> C:\Users\renata\Meus documentos -> [2010/02/17 19:28:45 | 000,000,000 | -HSD | C] Microsoft -> C:\Users\renata\AppData\Roaming\Microsoft -> [2010/02/17 19:28:44 | 000,000,000 | --SD | C] Videos -> C:\Users\renata\Videos -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C] Saved Games -> C:\Users\renata\Saved Games -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C] Pictures -> C:\Users\renata\Pictures -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C] Music -> C:\Users\renata\Music -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C] Links -> C:\Users\renata\Links -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C] Favorites -> C:\Users\renata\Favorites -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C] Downloads -> C:\Users\renata\Downloads -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C] Documents -> C:\Users\renata\Documents -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C] Desktop -> C:\Users\renata\Desktop -> [2010/02/17 19:28:44 | 000,000,000 | R--D | C] AppData -> C:\Users\renata\AppData -> [2010/02/17 19:28:44 | 000,000,000 | -H-D | C] Temp -> C:\Users\renata\AppData\Local\Temp -> [2010/02/17 19:28:44 | 000,000,000 | ---D | C] Microsoft -> C:\Users\renata\AppData\Local\Microsoft -> [2010/02/17 19:28:44 | 000,000,000 | ---D | C] Media Center Programs -> C:\Users\renata\AppData\Roaming\Media Center Programs -> [2010/02/17 19:28:44 | 000,000,000 | ---D | C] Sistema -> C:\Arquivos de Programas\Common Files\Sistema -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C] Modelos -> C:\ProgramData\Modelos -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C] Minhas músicas -> C:\Users\Public\Documents\Minhas músicas -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C] Minhas imagens -> C:\Users\Public\Documents\Minhas imagens -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C] Meus vídeos -> C:\Users\Public\Documents\Meus vídeos -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C] Menu Iniciar -> C:\ProgramData\Menu Iniciar -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C] Favoritos -> C:\ProgramData\Favoritos -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C] Documentos -> C:\ProgramData\Documentos -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C] Dados de aplicativos -> C:\ProgramData\Dados de aplicativos -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C] Arquivos de programas -> C:\Arquivos de programas -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C] Arquivos Comuns -> C:\Arquivos de Programas\Arquivos Comuns -> [2010/02/17 19:28:32 | 000,000,000 | -HSD | C] 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp ->  [Files/Folders - Modified Within 30 Days] NTUSER.DAT -> C:\Users\renata\NTUSER.DAT -> [2010/03/07 22:59:16 | 003,145,728 | -HS- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010/03/07 21:12:45 | 000,003,616 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010/03/07 21:12:45 | 000,003,616 | -H-- | M] () hpqp.ini -> C:\ProgramData\hpqp.ini -> [2010/03/07 15:14:56 | 000,000,292 | ---- | M] () SA.DAT -> C:\Windows\tasks\SA.DAT -> [2010/03/07 15:12:48 | 000,000,006 | -H-- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2010/03/07 15:12:32 | 000,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2010/03/07 15:12:12 | 4193,210,368 | -HS- | M] () bthservsdp.dat -> C:\Windows\bthservsdp.dat -> [2010/03/07 06:02:47 | 000,000,012 | ---- | M] () NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\renata\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> [2010/03/07 06:02:45 | 000,524,288 | -HS- | M] () NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> C:\Users\renata\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> [2010/03/07 06:02:45 | 000,065,536 | -HS- | M] () IconCache.db -> C:\Users\renata\AppData\Local\IconCache.db -> [2010/03/07 06:02:34 | 002,613,030 | -H-- | M] () Call of Duty 4 Tradução BR.lnk -> C:\Users\renata\Desktop\Call of Duty 4 Tradução BR.lnk -> [2010/03/07 01:45:16 | 000,001,567 | ---- | M] () Cat.DB -> C:\Windows\SysNative\drivers\NISx64\1008000.029\Cat.DB -> [2010/03/06 22:54:22 | 002,186,444 | ---- | M] () RegistryBooster.lnk -> C:\Users\Public\Desktop\RegistryBooster.lnk -> [2010/03/05 16:21:24 | 000,000,919 | ---- | M] () hosts -> C:\Windows\SysNative\drivers\etc\hosts -> [2010/03/05 09:00:27 | 000,000,761 | ---- | M] () OTS.exe -> C:\Users\renata\Desktop\OTS.exe -> [2010/03/04 23:19:16 | 000,634,368 | ---- | M] (OldTimer Tools) eMule.lnk -> C:\Users\Public\Desktop\eMule.lnk -> [2010/03/02 13:59:52 | 000,000,830 | ---- | M] () Documentos - Atalho.lnk -> C:\Users\renata\Documentos - Atalho.lnk -> [2010/03/02 10:08:02 | 000,000,372 | ---- | M] () OTS - Atalho.lnk -> C:\Users\renata\Desktop\OTS - Atalho.lnk -> [2010/03/01 19:55:12 | 000,000,528 | ---- | M] () PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2010/03/01 11:43:56 | 001,444,766 | ---- | M] () prfh0416.dat -> C:\Windows\SysNative\prfh0416.dat -> [2010/03/01 11:43:56 | 000,634,222 | ---- | M] () perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2010/03/01 11:43:56 | 000,587,178 | ---- | M] () prfc0416.dat -> C:\Windows\SysNative\prfc0416.dat -> [2010/03/01 11:43:56 | 000,121,888 | ---- | M] () perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2010/03/01 11:43:56 | 000,101,250 | ---- | M] () GDIPFONTCACHEV1.DAT -> C:\Users\renata\AppData\Local\GDIPFONTCACHEV1.DAT -> [2010/03/01 11:40:10 | 000,075,848 | ---- | M] () FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2010/03/01 11:36:40 | 000,314,992 | ---- | M] () Msft_User_WpdFs_01_07_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf -> [2010/03/01 11:32:47 | 000,000,000 | -H-- | M] () Msft_Kernel_HpqKbFiltr_01005.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf -> [2010/02/28 03:24:32 | 000,000,000 | -H-- | M] () iexplore.lnk -> C:\Users\renata\Desktop\iexplore.lnk -> [2010/02/27 14:38:24 | 000,000,909 | ---- | M] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2010/02/27 14:09:02 | 000,001,778 | ---- | M] () cc_20100224_230237 copia.reg -> C:\Users\renata\Documents\cc_20100224_230237 copia.reg -> [2010/02/24 23:03:49 | 000,097,582 | ---- | M] () CCleaner.lnk -> C:\Users\renata\Desktop\CCleaner.lnk -> [2010/02/24 22:56:51 | 000,001,724 | ---- | M] () Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/02/22 23:27:57 | 000,000,848 | ---- | M] () PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2010/02/22 21:21:34 | 000,183,112 | ---- | M] () aa.lic -> C:\Windows\aa.lic -> [2010/02/22 19:46:06 | 000,000,256 | ---- | M] () SpywareBlaster.lnk -> C:\Users\renata\Desktop\SpywareBlaster.lnk -> [2010/02/22 16:32:32 | 000,000,842 | ---- | M] () Spyware Doctor.lnk -> C:\Users\Public\Desktop\Spyware Doctor.lnk -> [2010/02/22 12:15:28 | 000,001,819 | ---- | M] () DAEMON Tools Lite.lnk -> C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> [2010/02/22 02:47:43 | 000,001,789 | ---- | M] () sptd.sys -> C:\Windows\SysNative\drivers\sptd.sys -> [2010/02/22 02:14:48 | 000,834,544 | ---- | M] () cnc.ini -> C:\Windows\cnc.ini -> [2010/02/20 13:49:22 | 000,000,018 | ---- | M] () cncs32.dll -> C:\Windows\SysWow64\cncs32.dll -> [2010/02/20 13:49:21 | 000,172,544 | ---- | M] (Europress Software) µTorrent.lnk -> C:\Users\Public\Desktop\µTorrent.lnk -> [2010/02/20 13:01:00 | 000,000,782 | ---- | M] () Norton Internet Security.lnk -> C:\Users\Public\Desktop\Norton Internet Security.lnk -> [2010/02/20 09:49:28 | 000,002,279 | ---- | M] () SYMEVENT64x86.SYS -> C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -> [2010/02/20 04:02:23 | 000,172,592 | ---- | M] (Symantec Corporation) SYMEVENT64x86.CAT -> C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT -> [2010/02/20 04:02:23 | 000,007,440 | ---- | M] () SYMEVENT64x86.INF -> C:\Windows\SysNative\drivers\SYMEVENT64x86.INF -> [2010/02/20 04:02:23 | 000,000,855 | ---- | M] () cchpx64.sys -> C:\Windows\SysNative\drivers\NISx64\1008000.029\cchpx64.sys -> [2010/02/20 02:44:50 | 000,583,296 | ---- | M] (Symantec Corporation) BHDrvx64.sys -> C:\Windows\SysNative\drivers\NISx64\1008000.029\BHDrvx64.sys -> [2010/02/20 02:44:50 | 000,334,384 | ---- | M] (Symantec Corporation) symnetv.cat -> C:\Windows\SysNative\drivers\NISx64\1008000.029\symnetv.cat -> [2010/02/20 02:44:47 | 000,009,412 | ---- | M] () BHDrvx64.CAT -> C:\Windows\SysNative\drivers\NISx64\1008000.029\BHDrvx64.CAT -> [2010/02/20 02:44:47 | 000,007,362 | ---- | M] () SymNetV.inf -> C:\Windows\SysNative\drivers\NISx64\1008000.029\SymNetV.inf -> [2010/02/20 02:44:47 | 000,001,481 | ---- | M] () BHDrvx64.inf -> C:\Windows\SysNative\drivers\NISx64\1008000.029\BHDrvx64.inf -> [2010/02/20 02:44:47 | 000,000,640 | ---- | M] () isolate.ini -> C:\Windows\SysNative\drivers\NISx64\1008000.029\isolate.ini -> [2010/02/20 02:44:47 | 000,000,172 | ---- | M] () Windows Live Messenger .lnk -> C:\Users\renata\Desktop\Windows Live Messenger .lnk -> [2010/02/20 01:29:04 | 000,002,007 | ---- | M] () CmdLineExt_x64.dll -> C:\Windows\SysWow64\CmdLineExt_x64.dll -> [2010/02/18 19:34:50 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2010/02/18 19:31:40 | 002,250,024 | ---- | M] () PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2010/02/18 19:31:40 | 000,066,872 | ---- | M] () gbpkm.sys -> C:\Windows\SysWow64\drivers\gbpkm.sys -> [2010/02/18 10:20:44 | 000,030,752 | ---- | M] (GAS Tecnologia) Windows Media Player.lnk -> C:\Users\renata\Desktop\Windows Media Player.lnk -> [2010/02/17 23:55:42 | 000,000,968 | ---- | M] () NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\renata\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms -> [2010/02/17 20:47:30 | 000,524,288 | -HS- | M] () Paint.lnk -> C:\Users\renata\Desktop\Paint.lnk -> [2010/02/17 20:01:17 | 000,001,637 | ---- | M] () 103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> C:\Windows\SysWow64\drivers\103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> [2010/02/17 19:30:11 | 000,000,000 | RHS- | M] () 103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> C:\Windows\SysNative\drivers\103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> [2010/02/17 19:30:11 | 000,000,000 | RHS- | M] () ntuser.ini -> C:\Users\renata\ntuser.ini -> [2010/02/17 19:28:46 | 000,000,020 | -HS- | M] () license.rtf -> C:\Windows\SysNative\license.rtf -> [2010/02/17 15:30:52 | 000,054,574 | ---- | M] () 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp ->  [Files - No Company Name] Call of Duty 4 Tradução BR.lnk -> C:\Users\renata\Desktop\Call of Duty 4 Tradução BR.lnk -> [2010/03/07 01:45:16 | 000,001,567 | ---- | C] () RegistryBooster.lnk -> C:\Users\Public\Desktop\RegistryBooster.lnk -> [2010/03/05 16:21:24 | 000,000,919 | ---- | C] () eMule.lnk -> C:\Users\Public\Desktop\eMule.lnk -> [2010/03/02 13:59:52 | 000,000,830 | ---- | C] () Documentos - Atalho.lnk -> C:\Users\renata\Documentos - Atalho.lnk -> [2010/03/02 10:08:02 | 000,000,372 | ---- | C] () OTS - Atalho.lnk -> C:\Users\renata\Desktop\OTS - Atalho.lnk -> [2010/03/01 19:55:12 | 000,000,528 | ---- | C] () Msft_User_WpdFs_01_07_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf -> [2010/03/01 11:32:47 | 000,000,000 | -H-- | C] () Msft_Kernel_HpqKbFiltr_01005.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf -> [2010/02/28 03:24:32 | 000,000,000 | -H-- | C] () ieuinit.inf -> C:\Windows\SysWow64\ieuinit.inf -> [2010/02/27 23:28:36 | 000,057,667 | ---- | C] () ieuinit.inf -> C:\Windows\SysNative\ieuinit.inf -> [2010/02/27 23:28:36 | 000,057,667 | ---- | C] () EhStorAuthn.dll -> C:\Windows\SysNative\EhStorAuthn.dll -> [2010/02/27 23:02:46 | 000,121,856 | ---- | C] () EhStorAuthn.dll -> C:\Windows\SysWow64\EhStorAuthn.dll -> [2010/02/27 23:02:46 | 000,117,248 | ---- | C] () systemsf.ebd -> C:\Windows\SysNative\systemsf.ebd -> [2010/02/27 23:02:24 | 000,262,552 | ---- | C] () dot3.tmf -> C:\Windows\SysNative\dot3.tmf -> [2010/02/27 23:01:45 | 000,471,992 | ---- | C] () eaphost.tmf -> C:\Windows\SysNative\eaphost.tmf -> [2010/02/27 23:01:41 | 000,700,507 | ---- | C] () StructuredQuerySchema.bin -> C:\Windows\SysWow64\StructuredQuerySchema.bin -> [2010/02/27 23:01:35 | 000,107,612 | ---- | C] () StructuredQuerySchema.bin -> C:\Windows\SysNative\StructuredQuerySchema.bin -> [2010/02/27 23:01:35 | 000,107,612 | ---- | C] () locale.nls -> C:\Windows\SysWow64\locale.nls -> [2010/02/27 23:01:28 | 003,662,128 | ---- | C] () locale.nls -> C:\Windows\SysNative\locale.nls -> [2010/02/27 23:01:27 | 003,662,128 | ---- | C] () onex.tmf -> C:\Windows\SysNative\onex.tmf -> [2010/02/27 23:01:27 | 000,395,723 | ---- | C] () WFP.TMF -> C:\Windows\SysNative\WFP.TMF -> [2010/02/27 23:00:25 | 000,207,968 | ---- | C] () slmgr.vbs -> C:\Windows\SysWow64\slmgr.vbs -> [2010/02/27 23:00:19 | 000,092,918 | ---- | C] () slmgr.vbs -> C:\Windows\SysNative\slmgr.vbs -> [2010/02/27 23:00:19 | 000,092,918 | ---- | C] () msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2010/02/27 23:00:10 | 000,368,640 | ---- | C] () spcinstrumentation.man -> C:\Windows\SysWow64\spcinstrumentation.man -> [2010/02/27 22:58:59 | 000,009,239 | ---- | C] () spcinstrumentation.man -> C:\Windows\SysNative\spcinstrumentation.man -> [2010/02/27 22:58:59 | 000,009,239 | ---- | C] () RacUR.xml -> C:\Windows\SysWow64\RacUR.xml -> [2010/02/27 22:57:46 | 000,009,212 | ---- | C] () RacUR.xml -> C:\Windows\SysNative\RacUR.xml -> [2010/02/27 22:57:46 | 000,009,212 | ---- | C] () iexplore.lnk -> C:\Users\renata\Desktop\iexplore.lnk -> [2010/02/27 14:38:24 | 000,000,909 | ---- | C] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2010/02/27 14:08:59 | 000,001,778 | ---- | C] () cc_20100224_230237 copia.reg -> C:\Users\renata\Documents\cc_20100224_230237 copia.reg -> [2010/02/24 23:02:45 | 000,097,582 | ---- | C] () CCleaner.lnk -> C:\Users\renata\Desktop\CCleaner.lnk -> [2010/02/24 22:56:51 | 000,001,724 | ---- | C] () Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/02/22 23:27:57 | 000,000,848 | ---- | C] () aa.lic -> C:\Windows\aa.lic -> [2010/02/22 19:46:06 | 000,000,256 | ---- | C] () SpywareBlaster.lnk -> C:\Users\renata\Desktop\SpywareBlaster.lnk -> [2010/02/22 16:32:32 | 000,000,842 | ---- | C] () BDTSupport.dll -> C:\Windows\BDTSupport.dll -> [2010/02/22 12:54:15 | 000,767,952 | ---- | C] () UDB.zip -> C:\Windows\UDB.zip -> [2010/02/22 12:54:14 | 001,152,444 | ---- | C] () RegSDImport.xml -> C:\Windows\RegSDImport.xml -> [2010/02/22 12:54:14 | 000,000,882 | ---- | C] () RegISSImport.xml -> C:\Windows\RegISSImport.xml -> [2010/02/22 12:54:14 | 000,000,879 | ---- | C] () IDB.zip -> C:\Windows\IDB.zip -> [2010/02/22 12:54:14 | 000,000,131 | ---- | C] () pctgntdi64.cat -> C:\Windows\SysNative\drivers\pctgntdi64.cat -> [2010/02/22 12:16:03 | 000,007,357 | ---- | C] () pctcore64.cat -> C:\Windows\SysNative\drivers\pctcore64.cat -> [2010/02/22 12:15:38 | 000,007,353 | ---- | C] () Spyware Doctor.lnk -> C:\Users\Public\Desktop\Spyware Doctor.lnk -> [2010/02/22 12:15:28 | 000,001,819 | ---- | C] () pctplsg64.cat -> C:\Windows\SysNative\drivers\pctplsg64.cat -> [2010/02/22 12:15:10 | 000,007,353 | ---- | C] () dd_vcredistMSI2E17.txt -> C:\Users\renata\AppData\Local\dd_vcredistMSI2E17.txt -> [2010/02/22 12:14:45 | 000,333,712 | ---- | C] () dd_vcredistUI2E1A.txt -> C:\Users\renata\AppData\Local\dd_vcredistUI2E1A.txt -> [2010/02/22 12:14:42 | 000,011,918 | ---- | C] () dd_vcredistUI2E17.txt -> C:\Users\renata\AppData\Local\dd_vcredistUI2E17.txt -> [2010/02/22 12:14:41 | 000,012,730 | ---- | C] () DAEMON Tools Lite.lnk -> C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> [2010/02/22 02:47:43 | 000,001,789 | ---- | C] () xvidcore.dll -> C:\Windows\SysWow64\xvidcore.dll -> [2010/02/22 02:28:39 | 000,887,296 | ---- | C] () ac3filter.ax -> C:\Windows\SysWow64\ac3filter.ax -> [2010/02/22 02:28:39 | 000,797,184 | ---- | C] () ac3filter.acm -> C:\Windows\SysWow64\ac3filter.acm -> [2010/02/22 02:28:39 | 000,497,664 | ---- | C] () coreaac.ax -> C:\Windows\SysWow64\coreaac.ax -> [2010/02/22 02:28:39 | 000,319,488 | ---- | C] () xvidvfw.dll -> C:\Windows\SysWow64\xvidvfw.dll -> [2010/02/22 02:28:39 | 000,198,144 | ---- | C] () xvid.ax -> C:\Windows\SysWow64\xvid.ax -> [2010/02/22 02:28:39 | 000,150,528 | ---- | C] () qt-dx331.dll -> C:\Windows\SysWow64\qt-dx331.dll -> [2010/02/22 02:28:38 | 003,596,288 | ---- | C] () divxsm.tlb -> C:\Windows\SysWow64\divxsm.tlb -> [2010/02/22 02:28:38 | 000,004,816 | ---- | C] () sptd.sys -> C:\Windows\SysNative\drivers\sptd.sys -> [2010/02/22 02:14:48 | 000,834,544 | ---- | C] () binkw32.dll -> C:\Windows\SysNative\binkw32.dll -> [2010/02/21 23:56:24 | 000,377,856 | ---- | C] () hpqp.txt -> C:\ProgramData\hpqp.txt -> [2010/02/20 18:04:59 | 000,000,021 | ---- | C] () cnc.ini -> C:\Windows\cnc.ini -> [2010/02/20 13:49:22 | 000,000,018 | ---- | C] () µTorrent.lnk -> C:\Users\Public\Desktop\µTorrent.lnk -> [2010/02/20 13:00:39 | 000,000,782 | ---- | C] () wlan.tmf -> C:\Windows\SysNative\wlan.tmf -> [2010/02/20 05:53:22 | 002,608,861 | ---- | C] () Windows Live Messenger .lnk -> C:\Users\renata\Desktop\Windows Live Messenger .lnk -> [2010/02/20 01:29:04 | 000,002,007 | ---- | C] () desktop.ini -> C:\Users\renata\AppData\Roaming\desktop.ini -> [2010/02/20 00:19:48 | 000,000,006 | -HS- | C] () desktop.ini -> C:\Users\renata\AppData\Local\desktop.ini -> [2010/02/20 00:19:44 | 000,000,006 | -HS- | C] () pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2010/02/18 19:31:39 | 002,250,024 | ---- | C] () PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2010/02/18 18:25:49 | 000,066,872 | ---- | C] () PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2010/02/18 18:25:42 | 000,183,112 | ---- | C] () Windows Media Player.lnk -> C:\Users\renata\Desktop\Windows Media Player.lnk -> [2010/02/17 23:55:42 | 000,000,968 | ---- | C] () IconCache.db -> C:\Users\renata\AppData\Local\IconCache.db -> [2010/02/17 20:47:28 | 002,613,030 | -H-- | C] () Paint.lnk -> C:\Users\renata\Desktop\Paint.lnk -> [2010/02/17 20:01:17 | 000,001,637 | ---- | C] () SYMEVENT64x86.CAT -> C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT -> [2010/02/17 19:38:38 | 000,007,440 | ---- | C] () SYMEVENT64x86.INF -> C:\Windows\SysNative\drivers\SYMEVENT64x86.INF -> [2010/02/17 19:38:38 | 000,000,855 | ---- | C] () QSwitch.txt -> C:\Users\renata\AppData\Local\QSwitch.txt -> [2010/02/17 19:37:08 | 000,000,000 | ---- | C] () DSwitch.txt -> C:\Users\renata\AppData\Local\DSwitch.txt -> [2010/02/17 19:37:08 | 000,000,000 | ---- | C] () AtStart.txt -> C:\Users\renata\AppData\Local\AtStart.txt -> [2010/02/17 19:37:08 | 000,000,000 | ---- | C] () GDIPFONTCACHEV1.DAT -> C:\Users\renata\AppData\Local\GDIPFONTCACHEV1.DAT -> [2010/02/17 19:37:07 | 000,075,848 | ---- | C] () HPWALog.txt -> C:\ProgramData\HPWALog.txt -> [2010/02/17 19:37:07 | 000,011,856 | ---- | C] () 103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> C:\Windows\SysWow64\drivers\103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> [2010/02/17 19:30:11 | 000,000,000 | RHS- | C] () 103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> C:\Windows\SysNative\drivers\103C_HP_cNB_Presario CQ40 Notebook PC_Y5335KV_0U_QBRG943FF43_ENS630LA#AC4_4A_I3607_SCompal_V99.AA_F.42_T090514_WV3-1_L416_M3999_J250_7Intel_867A_92.00_#091024_N10EC8136;80864237_(NS630LA#AC4)_XMOBILE_CN10_Z.MRK -> [2010/02/17 19:30:11 | 000,000,000 | RHS- | C] () ntuser.ini -> C:\Users\renata\ntuser.ini -> [2010/02/17 19:28:46 | 000,000,020 | -HS- | C] () NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\renata\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms -> [2010/02/17 19:28:45 | 000,524,288 | -HS- | C] () NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\renata\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> [2010/02/17 19:28:45 | 000,524,288 | -HS- | C] () NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> C:\Users\renata\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> [2010/02/17 19:28:44 | 000,065,536 | -HS- | C] () NTUSER.DAT -> C:\Users\renata\NTUSER.DAT -> [2010/02/17 19:28:43 | 003,145,728 | -HS- | C] () physxcudart_20.dll -> C:\Windows\SysWow64\physxcudart_20.dll -> [2008/10/07 09:13:30 | 000,197,912 | ---- | C] () AgCPanelTraditionalChinese.dll -> C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll -> [2008/10/07 09:13:22 | 000,058,648 | ---- | C] () AgCPanelSwedish.dll -> C:\Windows\SysWow64\AgCPanelSwedish.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () AgCPanelSpanish.dll -> C:\Windows\SysWow64\AgCPanelSpanish.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () AgCPanelSimplifiedChinese.dll -> C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () AgCPanelPortugese.dll -> C:\Windows\SysWow64\AgCPanelPortugese.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () AgCPanelKorean.dll -> C:\Windows\SysWow64\AgCPanelKorean.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () AgCPanelJapanese.dll -> C:\Windows\SysWow64\AgCPanelJapanese.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () AgCPanelGerman.dll -> C:\Windows\SysWow64\AgCPanelGerman.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () AgCPanelFrench.dll -> C:\Windows\SysWow64\AgCPanelFrench.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () tcpmon.ini -> C:\Windows\SysWow64\tcpmon.ini -> [2008/01/20 23:50:05 | 000,060,124 | ---- | C] () GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2006/11/02 12:07:25 | 000,037,665 | ---- | C] () GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2006/11/02 12:07:25 | 000,029,779 | ---- | C] () GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2006/11/02 12:07:25 | 000,026,489 | ---- | C] () GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2006/11/02 12:07:25 | 000,026,040 | ---- | C] () [Alternate Data Streams]@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:5C321E34@Alternate Data Stream - 16 bytes -> C:\Users\renata\Downloads:Shareaza.GUID@Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:DFC5A2B2@Alternate Data Stream - 204 bytes -> C:\Windows\SysWow64\drivers:GbpKmAp.lst< End of report >

Sam Spade · Março 7, 2010

Olá, é o log do Fix conforme está descrito nas instruções:

Então abrirá um log. O log é salvo em C:\_OTS\MovedFiles\

O seu nome significa o dia e a hora que foi gerado: data_hora.log

Ex: 02232010_165746.log

Mário Monteiro · Abril 7, 2010

Tópico Arquivado

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.

Arquivado

[Arquivado] Janelas se abrem sozinhas no IE 7

Recommended Posts

edi_theone 0

Compartilhar este post

Link para o post

Compartilhar em outros sites

Sam Spade 2

Compartilhar este post

Link para o post

Compartilhar em outros sites

edi_theone 0

Compartilhar este post

Link para o post

Compartilhar em outros sites

Sam Spade 2

Compartilhar este post

Link para o post

Compartilhar em outros sites

edi_theone 0

Compartilhar este post

Link para o post

Compartilhar em outros sites

Sam Spade 2

Compartilhar este post

Link para o post

Compartilhar em outros sites

edi_theone 0

Compartilhar este post

Link para o post

Compartilhar em outros sites

Sam Spade 2

Compartilhar este post

Link para o post

Compartilhar em outros sites

edi_theone 0

Compartilhar este post

Link para o post

Compartilhar em outros sites

Sam Spade 2

Compartilhar este post

Link para o post

Compartilhar em outros sites

Mário Monteiro 179

Compartilhar este post

Link para o post

Compartilhar em outros sites

PHP - Abrir e Fechar janela

Pergunta: Beautiful Womans from your city - Verified Women

Search Pretty Womans in your city for night

Fóruns

Tempo Real

Informação importante