Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

moicanofacul

[Resolvido] &nbspPC está infectado.

Por , em Tópicos Resolvidos (Seguranca & Malwares)

Recommended Posts

moicanofacul    0

moicanofacul
Postado

Li uma matéria que diz para desconfiar de processos do Gerenciador de Tarefas que não requisitei, pois isso pode ser uma confirmação de PC infectado.

 

Como meu PC às vezes demora pra reiniciar, mostrando rapidamente uma tela 'Aguardando finalizar todos os processos' (algo assim, é muito rápido e eu não consigo ler tudo), peço a ajuda de vocês pra saber se está tudo OK com meu PC ou não. Segue log do HiJackThis:

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 00:37:45, on 29/06/2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Users\Pierre Cardoso\Downloads\HiJackThis.exe

C:\Windows\SysWOW64\DllHost.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/3

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/3

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/3

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: www.bancobrasil.com.br

O15 - Trusted Zone: www14.bancobrasil.com.br

O15 - Trusted Zone: www2.bancobrasil.com.br

O15 - Trusted Zone: www.bb.com.br

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{F91A47DD-2831-4021-A2F9-94A55DAB31FD}: NameServer = 200.165.132.154 200.165.132.148

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~2\GbPlugin\GbpSv.exe

O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 10037 bytes

 

 

OBS: Ao pedir para escanear, surgiu esta mensagem (acessar link):

http://imageshack.us/f/4/hijackthisq.jpg

Compartilhar este post

Link para o post
Compartilhar em outros sites

wings    22

wings
Postado

Olá moicanofacul

 

 

*Baixe o OTS e salve-o no desktop

*Execute-o e selecione a opção:

[x] Scan All Users

*Clique [Quick Scan] e cole o relatório apresentado

 

Caso o relatório fique demasiadamente grande...

 

*Acesse este link

*Selecione [x] 4 jours

*Clique [Enviar arquivo]

*Localize o arquivo OTS.txt no desktop

*Clique [Abrir] > [Créer le lien Cjoint]

*Cole o endereço criado

Compartilhar este post

Link para o post
Compartilhar em outros sites

moicanofacul    0

moicanofacul
Postado 
OTS logfile created on: 30/06/2011 19:07:13 - Run 1
OTS by OldTimer - Version 3.1.44.0     Folder = C:\Users\Pierre Cardoso\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 67,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 471,17 Gb Total Space | 397,59 Gb Free Space | 84,38% Space Free | Partition Type: NTFS
Drive D: | 9,48 Gb Total Space | 1,44 Gb Free Space | 15,23% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive P: | 450,76 Gb Total Space | 262,52 Gb Free Space | 58,24% Space Free | Partition Type: NTFS

Computer Name: PIERRECARDOSO
Current User Name: Pierre Cardoso
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Quick Scan

[Processes - Safe List]
ots.exe -> C:\Users\Pierre Cardoso\Desktop\OTS.exe -> [2011/06/30 19:06:17 | 000,645,120 | ---- | M] (OldTimer Tools)
firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe -> [2011/06/21 11:54:16 | 000,924,632 | ---- | M] (Mozilla Corporation)
gbpsv.exe -> C:\PROGRA~2\GbPlugin\GbpSv.exe -> [2011/06/13 09:06:50 | 000,169,760 | ---- | M] ( )
hpdrvmntsvc.exe -> C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -> [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company)
clmlsvc.exe -> c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe -> [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink)
iastordatamgrsvc.exe -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -> [2009/10/02 11:26:12 | 000,013,336 | ---- | M] (Intel Corporation)
iastoricon.exe -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe -> [2009/10/02 11:26:10 | 000,284,696 | ---- | M] (Intel Corporation)
logtransport2.exe -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe -> [2008/12/17 14:19:40 | 000,258,048 | R--- | M] (Adobe Systems Incorporated)
hpsysdrv.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe -> [2008/11/20 09:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard)

[Modules - Safe List]
ots.exe -> C:\Users\Pierre Cardoso\Desktop\OTS.exe -> [2011/06/30 19:06:17 | 000,645,120 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll -> [2010/11/20 08:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation)
normaliz.dll -> C:\Windows\SysWOW64\normaliz.dll -> [2009/07/13 22:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]
64bit-(NisSrv)  [On_Demand | Running] -> c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -> [2010/11/11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation)
64bit-(MsMpSvc)  [Auto | Running] -> c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2010/11/11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation)
64bit-(wlcrasvc)  [Disabled | Stopped] -> C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -> [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation)
64bit-(AMD External Events Utility)  [Auto | Running] -> C:\Windows\SysNative\atiesrxx.exe -> [2009/09/08 20:56:12 | 000,202,752 | ---- | M] (AMD)
(GbpSv) Gbp Service [unknown | Running] -> C:\PROGRA~2\GbPlugin\GbpSv.exe -> [2011/06/13 09:06:50 | 000,169,760 | ---- | M] ( )
(ServiceLayer) ServiceLayer [On_Demand | Stopped] -> C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -> [2010/12/08 14:31:06 | 000,628,736 | ---- | M] (Nokia)
(HPDrvMntSvc.exe) HP Quick Synchronization Service [Auto | Running] -> C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -> [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company)
(clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
(IAStorDataMgrSvc) Intel(R) Rapid Storage Technology [Auto | Running] -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -> [2009/10/02 11:26:12 | 000,013,336 | ---- | M] (Intel Corporation)
(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices)
64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2010/11/20 10:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company)
64bit-(TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TsUsbFlt.sys -> [2010/11/20 08:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation)
64bit-(usbser) USB Modem Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usbser.sys -> [2010/11/20 07:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation)
64bit-(NisDrv) Microsoft Network Inspection System [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\NisDrvWFP.sys -> [2010/10/24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation)
64bit-(fssfltr) fssfltr [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\fssfltr.sys -> [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation)
64bit-(UsbserFilt) UsbserFilt [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -> [2010/07/30 14:18:04 | 000,009,216 | ---- | M] (Nokia)
64bit-(upperdev) upperdev [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -> [2010/07/30 14:18:02 | 000,009,216 | ---- | M] (Nokia)
64bit-(nmwcdc) Nokia USB Communication Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ccdcmbox64.sys -> [2010/07/30 14:18:00 | 000,026,624 | ---- | M] (Nokia)
64bit-(nmwcd) Nokia USB Phone Parent Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ccdcmbx64.sys -> [2010/07/30 14:17:56 | 000,019,456 | ---- | M] (Nokia)
64bit-(sptd) sptd [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\sptd.sys -> [2010/07/08 22:03:00 | 000,834,544 | ---- | M] ()
64bit-(iaStor) Intel RAID Controller [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\iaStor.sys -> [2009/10/02 08:58:58 | 000,537,112 | ---- | M] (Intel Corporation)
64bit-(AtiHdmiService) ATI Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\AtiHdmi.sys -> [2009/09/29 22:04:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.)
64bit-(HECIx64) Intel(R) Management Engine Interface [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\HECIx64.sys -> [2009/09/17 09:54:54 | 000,056,344 | ---- | M] (Intel Corporation)
64bit-(atikmdag) atikmdag [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2009/09/08 21:31:52 | 006,204,928 | ---- | M] (ATI Technologies Inc.)
64bit-(RTL8167) Realtek 8167 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Rt64win7.sys -> [2009/08/20 21:05:06 | 000,239,616 | ---- | M] (Realtek                                            )
64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology)
64bit-(Ntfs) Ntfs [File_System | On_Demand | Running] -> C:\Windows\SysNative\wbem\ntfs.mof -> [2009/06/10 17:38:56 | 000,000,308 | ---- | M] ()
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation)
64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation)
64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
64bit-(pccsmcfd) PCCS Mode Change Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\pccsmcfdx64.sys -> [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia)
(GbpKm) Gbp KernelMode [Kernel | Boot | Stopped] -> C:\Windows\system32\drivers\gbpkm.sys -> [2011/06/13 09:06:20 | 000,046,624 | ---- | M] (GAS Tecnologia)
(hid8101) hid8101 [Kernel | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\hid8101.sys -> [2006/10/23 11:42:30 | 000,031,899 | ---- | M] (Compuware Corporation)

[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://g.msn.com/HPCON/3 -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://g.msn.com/HPCON/3 -> 
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://g.msn.com/HPCON/3 -> 
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://g.msn.com/HPCON/3 -> 
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\] > -> -> 
HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\: Main\\"Default_Page_URL" -> http://g.msn.com/HPCON/3 -> 
HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\: Main\\"Start Page" -> about:blank -> 
HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\: "ProxyEnable" -> 0 -> 
< FireFox Settings [Prefs.js] > -> C:\Users\Pierre Cardoso\AppData\Roaming\Mozilla\FireFox\Profiles\hawbr6lm.default\prefs.js -> 
browser.startup.homepage -> "about:blank" ->
extensions.enabledItems -> pt-BR@dictionaries.addons.mozilla.org:1.0.0.2 ->
extensions.enabledItems -> {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2 ->
extensions.enabledItems -> {87F8774F-B485-47E2-A755-A40A8A5E886C}:1.0.18.2 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 ->
extensions.enabledItems -> bkmrksync@nokia.com:1.0.0.736 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 ->
extensions.enabledItems -> {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 ->
network.proxy.type -> 0 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  -> 
HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} -> C:\PROGRAM FILES (X86)\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION\ [C:\PROGRAM FILES (X86)\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION\] -> [2010/12/15 21:52:27 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com -> C:\PROGRAM FILES (X86)\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC\ [C:\PROGRAM FILES (X86)\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC\] -> [2011/01/26 11:16:43 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 5.0\extensions ->  -> 
HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2011/06/21 11:54:17 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins -> C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2011/06/16 10:50:13 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Thunderbird\Extensions ->  -> 
HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74} -> C:\PROGRAM FILES (X86)\NOKIA\NOKIA OVI SUITE\CONNECTORS\THUNDERBIRD CONNECTOR\THUNDERBIRDEXTENSION\ [C:\PROGRAM FILES (X86)\NOKIA\NOKIA OVI SUITE\CONNECTORS\THUNDERBIRD CONNECTOR\THUNDERBIRDEXTENSION\] -> [2010/12/15 21:52:28 | 000,000,000 | ---D | M]
< FireFox Extensions [user Folders] > -> 
 -> C:\Users\Pierre Cardoso\AppData\Roaming\mozilla\Extensions -> [2010/07/06 23:38:26 | 000,000,000 | ---D | M]
 -> C:\Users\Pierre Cardoso\AppData\Roaming\mozilla\Firefox\Profiles\hawbr6lm.default\extensions -> [2011/06/27 12:14:54 | 000,000,000 | ---D | M]
Flashblock   -> C:\Users\Pierre Cardoso\AppData\Roaming\mozilla\Firefox\Profiles\hawbr6lm.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} -> [2010/10/14 22:31:21 | 000,000,000 | ---D | M]
"Módulo de Segurança - Banco do Brasil"   -> C:\Users\Pierre Cardoso\AppData\Roaming\mozilla\Firefox\Profiles\hawbr6lm.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C} -> [2011/06/27 12:14:55 | 000,000,000 | ---D | M]
 -> C:\Users\Pierre Cardoso\AppData\Roaming\mozilla\Firefox\Profiles\hawbr6lm.default\extensions\pt-BR@dictionaries.addons.mozilla.org -> [2010/11/16 23:12:19 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > -> 
 -> C:\Program Files (x86)\mozilla firefox\extensions -> [2011/06/11 09:45:09 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} -> [2010/07/30 14:44:25 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} -> [2010/10/18 18:29:50 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} -> [2010/12/16 02:01:20 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} -> [2011/02/17 22:03:04 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} -> [2011/06/11 09:45:09 | 000,000,000 | ---D | M]
No name found ->  -> File not found
No name found -> C:\USERS\PIERRE CARDOSO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HAWBR6LM.DEFAULT\EXTENSIONS\DESPROTETORDELINKS@CLAUDIO-SILVA.COM.XPI -> ()
Dicionário para Ortografia pt-BR -> C:\USERS\PIERRE CARDOSO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HAWBR6LM.DEFAULT\EXTENSIONS\PT-BR@DICTIONARIES.ADDONS.MOZILLA.ORG -> [2010/11/16 23:12:19 | 000,000,000 | ---D | M]
< HOSTS File > ([2011/06/27 12:13:46 | 000,000,824 | ---- | M] - 21 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> 
Reset Hosts
< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live ID Sign-in Helper] -> [2010/09/21 14:54:04 | 000,529,280 | ---- | M] (Microsoft Corp.)
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{C41A1C0E-EA6C-11D4-B1B8-444553540000} [HKLM] -> C:\Program Files (x86)\GbPlugin\gbieh.dll [GbIehObj Class] -> [2011/06/13 09:03:26 | 001,412,896 | ---- | M] (Banco do Brasil)
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\] > -> HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"MSC" -> c:\Program Files\Microsoft Security Client\msseces.exe ["c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey] -> [2010/11/30 13:26:32 | 001,436,224 | ---- | M] (Microsoft Corporation)
"PC-Doctor for Windows localizer" -> C:\Arquivos de Programas\PC-Doctor for Windows\localizer.exe [C:\Program Files\PC-Doctor for Windows\localizer.exe] -> [2009/09/17 02:57:42 | 000,095,728 | ---- | M] (PC-Doctor, Inc.)
"SmartMenu" -> C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background] -> [2009/09/14 15:17:08 | 000,610,360 | ---- | M] ()
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"" ->  [] -> File not found
"hpsysdrv" -> c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe] -> [2008/11/20 09:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard)
"IAStorIcon" -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe] -> [2009/10/02 11:26:10 | 000,284,696 | ---- | M] (Intel Corporation)
"StartCCC" -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2009/09/08 21:18:40 | 000,098,304 | ---- | M] (Advanced Micro Devices, Inc.)
< Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2010/11/20 09:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> 
"mctadmin" ->  [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2010/11/20 09:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> 
"mctadmin" ->  [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\] > -> HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"" ->  [] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoActiveDesktop" ->  [1] -> File not found
\\"NoActiveDesktopChanges" ->  [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" ->  [5] -> File not found
\\"ConsentPromptBehaviorUser" ->  [3] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\] > -> HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> 
E&xportar para o Microsoft Excel ->  [res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll [button: Enviar para o OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll [Menu: &Enviar para o OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL [button: Research] -> [2009/03/06 04:04:56 | 000,039,464 | ---- | M] (Microsoft Corporation)
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\] > -> HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. -> 
www_bancobrasil.com.br [*] -> Trusted sites -> 
www14_bancobrasil.com.br [*] -> Trusted sites -> 
www2_bancobrasil.com.br [*] -> Trusted sites -> 
www_bb.com.br [*] -> Trusted sites -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\] > -> HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-3781067526-2966764731-2999422385-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{20A60F0D-9AFA-4515-A0FD-83BD84642501} [HKLM] -> http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab [Checkers Class] -> 
{5D6F45B3-9043-443D-A792-115447494D24} [HKLM] -> http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab [unoCtrl Class] -> 
{7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset.com/special/eos/OnlineScanner.cab [OnlineScanner Control] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] -> 
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} [HKLM] -> http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab [MessengerStatsClient Class] -> 
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab [Java Plug-in 1.6.0_26] -> 
{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} [HKLM] -> http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab [Minesweeper Flags Class] -> 
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
explorer.exe -> C:\Windows\explorer.exe -> [2011/02/25 03:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/13 22:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation)
/pagefile ->  -> File not found
*MultiFile Done* -> -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2011/02/25 02:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
/pagefile ->  -> File not found
*MultiFile Done* -> -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
GbPluginBb -> C:\Program Files (x86)\GbPlugin\gbieh.dll -> [2011/06/13 09:03:26 | 001,412,896 | ---- | M] (Banco do Brasil)
< 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> 
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> 
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
"{E37CB5F0-51F5-4395-A808-5FA49E399F83}" [HKLM] -> C:\Program Files (x86)\GbPlugin\gbieh.dll [GbPlugin ShlObj] -> [2011/06/13 09:03:26 | 001,412,896 | ---- | M] (Banco do Brasil)
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> 
{258D68FA-F279-4C9C-A101-0A237040642F} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv | 
{41E8FACF-17D1-456E-B281-316F616DA0AE} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live communications platform (upnp) | 
{4F12DE93-10A8-4515-8618-59A3D0B90BFD} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system | 
{6689CB41-3CDD-4166-8B0D-28AC4882C942} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live communications platform (ssdp) | 
< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> 
{07EF475D-AEB9-4BC2-BB27-9EE18C9104E4} -> profile=public | protocol=17 | dir=in | action=allow | name=rox poker | app=c:\program files (x86)\rox poker\pokerclient.exe | 
{0BC45608-0347-4D2A-A672-64EFB48943F1} -> profile=public | protocol=6 | dir=in | action=block | name=bitlord | app=c:\program files (x86)\bitlord\bitlord.exe | 
{0DD04D8B-0B5D-4EE1-A7EE-CD37EDA40AF3} -> profile=private | protocol=17 | dir=in | action=allow | name=full tilt poker | app=c:\program files (x86)\full tilt poker\fulltiltpoker.exe | 
{1934CC94-990B-421A-BF77-A48428190F56} -> dir=in | action=allow | name=windows live sync | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
{1C13D696-15B3-47F3-932C-9E3B749FC524} -> profile=private | protocol=6 | dir=in | action=allow | name=central de jogos | app=c:\program files (x86)\central de jogos\central.exe | 
{2AA68B86-BEB5-4CA7-8372-AF7A06804E7B} -> profile=private | protocol=6 | dir=in | action=allow | name=full tilt poker | app=c:\program files (x86)\full tilt poker\fulltiltpoker.exe | 
{2CA00626-AA68-40B7-B6D2-441DAC7D624A} -> profile=public | protocol=6 | dir=in | action=block | name=condition zero launcher | app=c:\valve\condition zero\czero.exe | 
{3F029268-29FF-4260-8CB7-18626A86D9F1} -> profile=private | protocol=6 | dir=in | action=allow | name=ftp_ccr | app=c:\program files (x86)\full tilt poker\ftp_ccr.exe | 
{44DFADFC-8F08-42C6-8854-9337E1DDE429} -> profile=public | protocol=6 | dir=in | action=allow | name=rox poker | app=c:\program files (x86)\rox poker\pokerclient.exe | 
{4B4DBD33-1A2D-4830-9249-CC5F9442F472} -> dir=in | action=allow | name=cyberlink media service | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe | 
{51E2D151-31D1-4BB8-8D28-A4DC4E5C0F9D} -> dir=in | action=allow | name=hp touchsmart music | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe | 
{5988183A-C83F-423E-BDD3-468A4815D208} -> profile=public | protocol=6 | dir=in | action=block | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
{5AA90511-A617-4C79-BEFE-10237E0D705B} -> dir=in | action=allow | name=windows live mesh | app=c:\program files (x86)\windows live\mesh\moe.exe | 
{5C1FB612-3FC3-42D8-9DE4-372BE2E60135} -> protocol=58 | dir=in | action=allow | name=@iphlpsvc.dll,-502 | app=system | 
{5CC1F799-5B1E-41F6-9D5B-BFA46BFCD838} -> profile=public | protocol=17 | dir=in | action=block | name=condition zero launcher | app=c:\valve\condition zero\czero.exe | 
{5FD8DB63-54D3-4AC8-A715-666F4A46CC73} -> dir=in | action=allow | name=hp touchsmart photo | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe | 
{687F60A5-DBEE-4413-957E-878B7D24AA7F} -> protocol=58 | dir=out | action=allow | name=@iphlpsvc.dll,-503 | 
{815BD90D-F69E-4606-AD91-75B262C5997C} -> profile=private | protocol=17 | dir=in | action=allow | name=ftp_ccr | app=c:\program files (x86)\full tilt poker\ftp_ccr.exe | 
{8207561F-134D-498A-88C5-17076A00C9F0} -> profile=private | protocol=17 | dir=in | action=allow | name=cake poker | app=c:\program files (x86)\rox poker\updater.exe | 
{82B79882-0B3E-42DD-A3FB-8B5E4E406DED} -> profile=private | protocol=6 | dir=in | action=allow | name=rox poker | app=c:\program files (x86)\rox poker\pokerclient.exe | 
{85ABC916-4F94-4343-B706-D4C9596B1B7E} -> profile=public | protocol=17 | dir=in | action=block | name=bitlord | app=c:\program files (x86)\bitlord\bitlord.exe | 
{8618CF45-478B-4F86-8E93-2206490E3DC8} -> profile=public | protocol=6 | dir=in | action=allow | name=configuração de dispositivo hp | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe | 
{89E4F693-E8EF-4DA8-8E82-21CD3F83D2B0} -> dir=in | action=allow | name=nokia ovi suite 2 | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe | 
{92FA78EA-769A-4E9B-A9F8-4BECC4004056} -> profile=private | protocol=17 | dir=in | action=allow | name=rox poker | app=c:\program files (x86)\rox poker\roxpokerpoker.exe | 
{9BAE9A6E-8D14-4967-9176-B8F87E16DF5A} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
{9DB499FB-8036-4ED4-A272-EF710C7042C7} -> profile=private | protocol=6 | dir=in | action=allow | name=updater | app=c:\program files (x86)\full tilt poker\updater.exe | 
{9FDDD0DF-C9DC-4217-9E0F-58987B7EF008} -> profile=public | protocol=17 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
{AACE1A92-0655-4264-9F8B-910DA04DE26E} -> profile=private | protocol=6 | dir=in | action=allow | name=cake poker | app=c:\program files (x86)\rox poker\updater.exe | 
{AB0E73DB-8CCC-4F12-83BB-643E05D41624} -> dir=in | action=allow | name=hp touchsmart media resident program | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe | 
{B091AC49-75E5-42BB-8896-81E488DFA000} -> profile=private | protocol=17 | dir=in | action=allow | name=updater | app=c:\program files (x86)\full tilt poker\updater.exe | 
{B542CF71-B441-4E49-B50A-240EBD8BB755} -> profile=public | protocol=6 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
{B853B515-A811-45AB-AD05-EF156FBB67EA} -> profile=private | protocol=17 | dir=in | action=allow | name=rox poker | app=c:\program files (x86)\rox poker\pokerclient.exe | 
{C61130AD-2641-42AD-884D-C2F485974332} -> dir=in | action=allow | name=nokia service layer host process | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
{D1722E7A-2968-451B-9872-28DE018FAD62} -> profile=public | protocol=17 | dir=in | action=allow | name=configuração de dispositivo hp | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe | 
{DAEE1920-383C-48FB-A2E0-B2675F0AD526} -> dir=in | action=allow | name=hp mediasmart dvd | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | 
{DEF241D7-C11A-4DCB-B815-CD99BF862DD3} -> dir=in | action=allow | name=hp touchsmart video | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe | 
{EB0851DA-9F07-47F8-8409-6A2B4D4E1D8B} -> profile=private | protocol=17 | dir=in | action=allow | name=central de jogos | app=c:\program files (x86)\central de jogos\central.exe | 
{ED5F68D5-78B8-490F-9854-83C42CF0F691} -> profile=private | protocol=6 | dir=in | action=allow | name=rox poker | app=c:\program files (x86)\rox poker\roxpokerpoker.exe | 
{F005D49D-F195-4E89-9359-064A857F5942} -> profile=public | protocol=17 | dir=in | action=block | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
{F150AAC7-D664-48C2-985A-CE9518AF521F} -> dir=in | action=allow | name=windows live communications platform | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
{F4572E32-6EAA-41B7-A040-54ED668754B2} -> dir=in | action=allow | name=cyberlink powerdirector | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | 
TCP Query User{1EA9332A-206C-4F7E-9133-79B72FD6702C}C:\program files (x86)\bitlord\bitlord.exe -> profile=private | protocol=6 | dir=in | action=allow | name=bitlord | app=c:\program files (x86)\bitlord\bitlord.exe | 
TCP Query User{62AC7D2E-F80F-4F92-AD8B-A556DF3174B0}C:\program files (x86)\konami\winning eleven 9\we9.exe -> profile=private | protocol=6 | dir=in | action=block | name=we9.exe | app=c:\program files (x86)\konami\winning eleven 9\we9.exe | 
TCP Query User{92FE8F26-7D28-4843-A346-51BEE2212FA6}C:\valve\condition zero\czero.exe -> profile=private | protocol=6 | dir=in | action=allow | name=condition zero launcher | app=c:\valve\condition zero\czero.exe | 
TCP Query User{A0C2162E-4F75-4793-B73C-0FC8178D1328}C:\program files (x86)\java\jre6\bin\javaw.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
UDP Query User{0F2F31C9-FBE6-4DEC-AFBE-0A46C17ECAB0}C:\valve\condition zero\czero.exe -> profile=private | protocol=17 | dir=in | action=allow | name=condition zero launcher | app=c:\valve\condition zero\czero.exe | 
UDP Query User{2677D2F7-7A95-43E2-9945-CF42A28AF5AC}C:\program files (x86)\java\jre6\bin\javaw.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
UDP Query User{56493FFD-CEF8-42DE-AC11-07E2A20CBF29}C:\program files (x86)\konami\winning eleven 9\we9.exe -> profile=private | protocol=17 | dir=in | action=block | name=we9.exe | app=c:\program files (x86)\konami\winning eleven 9\we9.exe | 
UDP Query User{B5FA24D6-B2AB-4A60-8958-777E31FA2B3D}C:\program files (x86)\bitlord\bitlord.exe -> profile=private | protocol=17 | dir=in | action=allow | name=bitlord | app=c:\program files (x86)\bitlord\bitlord.exe | 
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> Driver de CD-ROM -> 
"ImagePath" ->  [\SystemRoot\system32\drivers\cdrom.sys] -> File not found
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
64bit-comfile [open] -> "%1" %* -> File not found
64bit-exefile [open] -> "%1" %* -> File not found
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = comfile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = comfile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 


[Files/Folders - Created Within 30 Days]
OTS.exe -> C:\Users\Pierre Cardoso\Desktop\OTS.exe -> [2011/06/30 19:05:55 | 000,645,120 | ---- | C] (OldTimer Tools)
{9706CEAE-63B6-464F-9BF5-7ED4FADE173B} -> C:\Users\Pierre Cardoso\AppData\Local\{9706CEAE-63B6-464F-9BF5-7ED4FADE173B} -> [2011/06/29 11:25:52 | 000,000,000 | ---D | C]
{47AA35F2-97C5-4EFC-853E-9F03B9C9862F} -> C:\Users\Pierre Cardoso\AppData\Local\{47AA35F2-97C5-4EFC-853E-9F03B9C9862F} -> [2011/06/28 23:25:16 | 000,000,000 | ---D | C]
gbpkm.sys -> C:\Windows\SysWow64\drivers\gbpkm.sys -> [2011/06/24 20:52:38 | 000,046,624 | ---- | C] (GAS Tecnologia)
GbPlugin -> C:\Program Files (x86)\GbPlugin -> [2011/06/24 20:51:53 | 000,000,000 | ---D | C]
Rox Poker -> C:\Users\Pierre Cardoso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rox Poker -> [2011/06/21 19:32:44 | 000,000,000 | ---D | C]
Rox Poker -> C:\Program Files (x86)\Rox Poker -> [2011/06/21 19:06:21 | 000,000,000 | ---D | C]
{70F4B6DE-83F0-4560-BCC7-FCA38CA65DA8} -> C:\Users\Pierre Cardoso\AppData\Local\{70F4B6DE-83F0-4560-BCC7-FCA38CA65DA8} -> [2011/06/18 22:52:04 | 000,000,000 | ---D | C]
{7A16F2AB-8225-4BE0-97F0-36898E7127A0} -> C:\Users\Pierre Cardoso\AppData\Local\{7A16F2AB-8225-4BE0-97F0-36898E7127A0} -> [2011/06/18 22:51:53 | 000,000,000 | ---D | C]
{E68DD8BA-04EF-4E6E-90A5-B46CFAF08C4C} -> C:\Users\Pierre Cardoso\AppData\Local\{E68DD8BA-04EF-4E6E-90A5-B46CFAF08C4C} -> [2011/06/18 22:51:42 | 000,000,000 | ---D | C]
{4109964E-04BA-44D7-9A4C-DDC666B268D4} -> C:\Users\Pierre Cardoso\AppData\Local\{4109964E-04BA-44D7-9A4C-DDC666B268D4} -> [2011/06/18 22:51:31 | 000,000,000 | ---D | C]
{0ACF2843-20A7-45EC-B943-F142A72C02EB} -> C:\Users\Pierre Cardoso\AppData\Local\{0ACF2843-20A7-45EC-B943-F142A72C02EB} -> [2011/06/18 22:51:20 | 000,000,000 | ---D | C]
{54484C22-568C-44D9-A2FF-180FB5D68A12} -> C:\Users\Pierre Cardoso\AppData\Local\{54484C22-568C-44D9-A2FF-180FB5D68A12} -> [2011/06/18 22:51:09 | 000,000,000 | ---D | C]
{DF69E459-B69A-420B-B6FA-191F33DB1090} -> C:\Users\Pierre Cardoso\AppData\Local\{DF69E459-B69A-420B-B6FA-191F33DB1090} -> [2011/06/17 10:43:00 | 000,000,000 | ---D | C]
{87AFE3FD-5BFB-4253-A185-8821351B443B} -> C:\Users\Pierre Cardoso\AppData\Local\{87AFE3FD-5BFB-4253-A185-8821351B443B} -> [2011/06/16 22:42:24 | 000,000,000 | ---D | C]
{80579D11-94E0-4E2B-B0B2-45909A95014B} -> C:\Users\Pierre Cardoso\AppData\Local\{80579D11-94E0-4E2B-B0B2-45909A95014B} -> [2011/06/16 10:40:39 | 000,000,000 | ---D | C]
{AA231726-FD6F-4326-84E2-ABAA6C942C94} -> C:\Users\Pierre Cardoso\AppData\Local\{AA231726-FD6F-4326-84E2-ABAA6C942C94} -> [2011/06/15 10:37:22 | 000,000,000 | ---D | C]
Técnico Administrativo - UFBA -> C:\Users\Pierre Cardoso\Desktop\Técnico Administrativo - UFBA -> [2011/06/14 15:23:45 | 000,000,000 | ---D | C]
Java -> C:\Program Files (x86)\Common Files\Java -> [2011/06/11 09:45:28 | 000,000,000 | ---D | C]
{A8813AC9-5D05-4399-B895-A14A05B6E537} -> C:\Users\Pierre Cardoso\AppData\Local\{A8813AC9-5D05-4399-B895-A14A05B6E537} -> [2011/06/10 15:33:05 | 000,000,000 | ---D | C]

[Files/Folders - Modified Within 30 Days]
OTS.exe -> C:\Users\Pierre Cardoso\Desktop\OTS.exe -> [2011/06/30 19:06:17 | 000,645,120 | ---- | M] (OldTimer Tools)
wpd99.drv -> C:\Windows\wpd99.drv -> [2011/06/30 17:35:50 | 000,000,060 | ---- | M] ()
TESTE9~1.JPG -> C:\Users\Pierre Cardoso\Desktop\TESTE9~1.JPG -> [2011/06/30 12:37:58 | 000,065,495 | ---- | M] ()
edital_infra210.pdf -> C:\Users\Pierre Cardoso\Desktop\edital_infra210.pdf -> [2011/06/30 12:32:24 | 000,537,806 | ---- | M] ()
PCDRScheduledMaintenance.job -> C:\Windows\tasks\PCDRScheduledMaintenance.job -> [2011/06/30 12:10:23 | 000,000,544 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/06/29 19:28:00 | 000,015,792 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/06/29 19:28:00 | 000,015,792 | -H-- | M] ()
PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2011/06/29 00:26:12 | 001,523,558 | ---- | M] ()
prfh0416.dat -> C:\Windows\SysNative\prfh0416.dat -> [2011/06/29 00:26:12 | 000,665,706 | ---- | M] ()
perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2011/06/29 00:26:12 | 000,617,910 | ---- | M] ()
prfc0416.dat -> C:\Windows\SysNative\prfc0416.dat -> [2011/06/29 00:26:12 | 000,128,896 | ---- | M] ()
perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2011/06/29 00:26:12 | 000,107,190 | ---- | M] ()
HPCeeScheduleForPierre Cardoso.job -> C:\Windows\tasks\HPCeeScheduleForPierre Cardoso.job -> [2011/06/29 00:20:53 | 000,000,368 | ---- | M] ()
FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2011/06/29 00:20:34 | 000,355,416 | ---- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2011/06/29 00:20:30 | 000,067,584 | ---- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2011/06/29 00:20:21 | 3113,545,728 | -HS- | M] ()
hosts -> C:\Windows\SysNative\drivers\etc\hosts -> [2011/06/27 12:13:46 | 000,000,824 | ---- | M] ()
ULHOA.jpg -> C:\Users\Pierre Cardoso\Desktop\ULHOA.jpg -> [2011/06/20 20:57:28 | 000,015,753 | ---- | M] ()
GhostObjGAFix.xml -> C:\Users\Pierre Cardoso\AppData\Roaming\GhostObjGAFix.xml -> [2011/06/19 19:01:53 | 000,001,854 | ---- | M] ()
gbpkm.sys -> C:\Windows\SysWow64\drivers\gbpkm.sys -> [2011/06/13 09:06:20 | 000,046,624 | ---- | M] (GAS Tecnologia)

[Files - No Company Name]
TESTE9~1.JPG -> C:\Users\Pierre Cardoso\Desktop\TESTE9~1.JPG -> [2011/06/30 12:38:14 | 000,065,495 | ---- | C] ()
edital_infra210.pdf -> C:\Users\Pierre Cardoso\Desktop\edital_infra210.pdf -> [2011/06/30 12:32:24 | 000,537,806 | ---- | C] ()
HPCeeScheduleForPierre Cardoso.job -> C:\Windows\tasks\HPCeeScheduleForPierre Cardoso.job -> [2011/06/26 19:47:03 | 000,000,368 | ---- | C] ()
ULHOA.jpg -> C:\Users\Pierre Cardoso\Desktop\ULHOA.jpg -> [2011/06/20 20:57:28 | 000,015,753 | ---- | C] ()
GhostObjGAFix.xml -> C:\Users\Pierre Cardoso\AppData\Roaming\GhostObjGAFix.xml -> [2011/05/15 19:47:41 | 000,001,854 | ---- | C] ()
MSJCE.dll -> C:\Windows\SysWow64\MSJCE.dll -> [2011/04/14 14:30:33 | 000,069,632 | ---- | C] ()
PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2011/01/26 12:31:54 | 001,508,738 | ---- | C] ()
tmpDSC00310.JPG -> C:\Users\Pierre Cardoso\AppData\Local\tmpDSC00310.JPG -> [2010/09/12 14:19:32 | 004,477,480 | ---- | C] ()
tmpDSC00293_CROP.JPG -> C:\Users\Pierre Cardoso\AppData\Local\tmpDSC00293_CROP.JPG -> [2010/09/12 14:16:02 | 000,175,810 | ---- | C] ()
tmpDSC00293_CROP.0 -> C:\Users\Pierre Cardoso\AppData\Local\tmpDSC00293_CROP.0 -> [2010/09/12 14:16:02 | 000,144,847 | ---- | C] ()
pxhpinst.exe -> C:\Windows\SysWow64\pxhpinst.exe -> [2010/07/09 13:49:29 | 000,053,248 | ---- | C] ()
winamp.ini -> C:\Windows\winamp.ini -> [2010/07/09 13:49:26 | 000,001,125 | ---- | C] ()
CmdLineExt03.dll -> C:\Windows\SysWow64\CmdLineExt03.dll -> [2010/07/09 12:27:41 | 000,043,520 | ---- | C] ()
wpd99.drv -> C:\Windows\wpd99.drv -> [2010/07/09 11:59:07 | 000,000,060 | ---- | C] ()
pdf995mon64.dll -> C:\Windows\SysWow64\pdf995mon64.dll -> [2010/07/09 11:59:06 | 000,047,616 | ---- | C] ()
dancemat.exe -> C:\Windows\SysWow64\dancemat.exe -> [2010/07/08 22:40:32 | 000,073,757 | ---- | C] ()
zipnew.dat -> C:\Program Files (x86)\zipnew.dat -> [2010/07/06 23:33:35 | 000,000,022 | ---- | C] ()
rarnew.dat -> C:\Program Files (x86)\rarnew.dat -> [2010/07/06 23:33:35 | 000,000,020 | ---- | C] ()
Default.SFX -> C:\Program Files (x86)\Default.SFX -> [2010/07/06 23:33:15 | 000,096,092 | ---- | C] ()
Zip.SFX -> C:\Program Files (x86)\Zip.SFX -> [2010/07/06 23:33:15 | 000,077,660 | ---- | C] ()
WinCon.SFX -> C:\Program Files (x86)\WinCon.SFX -> [2010/07/06 23:33:15 | 000,073,472 | ---- | C] ()
winrar.lng -> C:\Program Files (x86)\winrar.lng -> [2010/07/06 23:33:15 | 000,050,278 | ---- | C] ()
rar.lng -> C:\Program Files (x86)\rar.lng -> [2010/07/06 23:33:15 | 000,018,316 | ---- | C] ()
uninstall.lng -> C:\Program Files (x86)\uninstall.lng -> [2010/07/06 23:33:15 | 000,003,895 | ---- | C] ()
rarext.lng -> C:\Program Files (x86)\rarext.lng -> [2010/07/06 23:33:15 | 000,001,623 | ---- | C] ()
WinRAR.chm -> C:\Program Files (x86)\WinRAR.chm -> [2010/07/06 23:33:14 | 001,678,060 | ---- | C] ()
WinRAR.exe -> C:\Program Files (x86)\WinRAR.exe -> [2010/07/06 23:33:14 | 001,039,360 | ---- | C] ()
Rar.exe -> C:\Program Files (x86)\Rar.exe -> [2010/07/06 23:33:14 | 000,378,880 | ---- | C] ()
UnRAR.exe -> C:\Program Files (x86)\UnRAR.exe -> [2010/07/06 23:33:14 | 000,246,272 | ---- | C] ()
RarExt.dll -> C:\Program Files (x86)\RarExt.dll -> [2010/07/06 23:33:14 | 000,141,824 | ---- | C] ()
Uninstall.exe -> C:\Program Files (x86)\Uninstall.exe -> [2010/07/06 23:33:14 | 000,120,832 | ---- | C] ()
RarExt64.dll -> C:\Program Files (x86)\RarExt64.dll -> [2010/07/06 23:33:14 | 000,052,224 | ---- | C] ()
RarExtLoader.exe -> C:\Program Files (x86)\RarExtLoader.exe -> [2010/07/06 23:33:14 | 000,045,056 | ---- | C] ()
Order.htm -> C:\Program Files (x86)\Order.htm -> [2010/07/06 23:33:14 | 000,003,798 | ---- | C] ()
Descript.ion -> C:\Program Files (x86)\Descript.ion -> [2010/07/06 23:33:14 | 000,001,224 | ---- | C] ()
RarFiles.lst -> C:\Program Files (x86)\RarFiles.lst -> [2010/07/06 23:33:14 | 000,001,088 | ---- | C] ()
Uninstall.lst -> C:\Program Files (x86)\Uninstall.lst -> [2010/07/06 23:33:14 | 000,000,639 | ---- | C] ()
File_Id.diz -> C:\Program Files (x86)\File_Id.diz -> [2010/07/06 23:33:14 | 000,000,587 | ---- | C] ()
libavcodec.dll -> C:\Windows\SysWow64\libavcodec.dll -> [2010/05/24 16:33:00 | 004,670,829 | ---- | C] ()
ff_samplerate.dll -> C:\Windows\SysWow64\ff_samplerate.dll -> [2010/05/24 16:33:00 | 001,529,856 | ---- | C] ()
ffmpegmt.dll -> C:\Windows\SysWow64\ffmpegmt.dll -> [2010/05/24 16:33:00 | 001,447,921 | ---- | C] ()
ff_x264.dll -> C:\Windows\SysWow64\ff_x264.dll -> [2010/05/24 16:33:00 | 000,877,385 | ---- | C] ()
xvidcore.dll -> C:\Windows\SysWow64\xvidcore.dll -> [2010/05/24 16:33:00 | 000,810,113 | ---- | C] ()
ff_libfaad2.dll -> C:\Windows\SysWow64\ff_libfaad2.dll -> [2010/05/24 16:33:00 | 000,336,384 | ---- | C] ()
TomsMoComp_ff.dll -> C:\Windows\SysWow64\TomsMoComp_ff.dll -> [2010/05/24 16:33:00 | 000,324,096 | ---- | C] ()
ff_kernelDeint.dll -> C:\Windows\SysWow64\ff_kernelDeint.dll -> [2010/05/24 16:33:00 | 000,248,320 | ---- | C] ()
ff_libdts.dll -> C:\Windows\SysWow64\ff_libdts.dll -> [2010/05/24 16:33:00 | 000,216,576 | ---- | C] ()
ff_libmad.dll -> C:\Windows\SysWow64\ff_libmad.dll -> [2010/05/24 16:33:00 | 000,151,552 | ---- | C] ()
libmpeg2_ff.dll -> C:\Windows\SysWow64\libmpeg2_ff.dll -> [2010/05/24 16:33:00 | 000,145,408 | ---- | C] ()
libmplayer.dll -> C:\Windows\SysWow64\libmplayer.dll -> [2010/05/24 16:33:00 | 000,139,944 | ---- | C] ()
ff_liba52.dll -> C:\Windows\SysWow64\ff_liba52.dll -> [2010/05/24 16:33:00 | 000,121,856 | ---- | C] ()
ff_tremor.dll -> C:\Windows\SysWow64\ff_tremor.dll -> [2010/05/24 16:33:00 | 000,116,736 | ---- | C] ()
ff_vfw.dll -> C:\Windows\SysWow64\ff_vfw.dll -> [2010/05/24 16:33:00 | 000,108,032 | ---- | C] ()
ff_wmv9.dll -> C:\Windows\SysWow64\ff_wmv9.dll -> [2010/05/24 16:33:00 | 000,100,864 | ---- | C] ()
ff_unrar.dll -> C:\Windows\SysWow64\ff_unrar.dll -> [2010/05/24 16:33:00 | 000,097,792 | ---- | C] ()
mkx.dll -> C:\Windows\SysWow64\mkx.dll -> [2010/05/19 17:59:20 | 000,150,528 | ---- | C] ()
avi.dll -> C:\Windows\SysWow64\avi.dll -> [2010/05/19 17:59:10 | 000,109,568 | ---- | C] ()
mp4.dll -> C:\Windows\SysWow64\mp4.dll -> [2010/05/19 17:59:02 | 000,141,824 | ---- | C] ()
ogm.dll -> C:\Windows\SysWow64\ogm.dll -> [2010/05/19 17:58:52 | 000,123,392 | ---- | C] ()
dsmux.exe -> C:\Windows\SysWow64\dsmux.exe -> [2010/05/19 17:58:24 | 000,113,152 | ---- | C] ()
ts.dll -> C:\Windows\SysWow64\ts.dll -> [2010/05/19 17:58:18 | 000,154,112 | ---- | C] ()
dxr.dll -> C:\Windows\SysWow64\dxr.dll -> [2010/05/19 17:58:08 | 000,249,856 | ---- | C] ()
avs.dll -> C:\Windows\SysWow64\avs.dll -> [2010/05/19 17:57:42 | 000,097,792 | ---- | C] ()
mkv2vfr.exe -> C:\Windows\SysWow64\mkv2vfr.exe -> [2010/05/19 17:57:38 | 000,137,728 | ---- | C] ()
avss.dll -> C:\Windows\SysWow64\avss.dll -> [2010/05/19 17:57:26 | 000,093,184 | ---- | C] ()
gdsmux.exe -> C:\Windows\SysWow64\gdsmux.exe -> [2010/05/19 17:57:20 | 000,358,400 | ---- | C] ()
mkzlib.dll -> C:\Windows\SysWow64\mkzlib.dll -> [2010/05/19 17:55:40 | 000,080,384 | ---- | C] ()
mkunicode.dll -> C:\Windows\SysWow64\mkunicode.dll -> [2010/05/19 17:55:36 | 000,024,576 | ---- | C] ()
ativpsrm.bin -> C:\Windows\ativpsrm.bin -> [2010/01/05 15:43:38 | 000,000,000 | ---- | C] ()
LPRES.DLL -> C:\Windows\LPRES.DLL -> [2009/09/29 14:25:16 | 000,013,312 | ---- | C] ()
ac3config.exe -> C:\Windows\SysWow64\ac3config.exe -> [2009/08/11 18:21:26 | 000,087,552 | ---- | C] ()
bootstat(17).dat -> C:\Windows\bootstat(17).dat -> [2009/07/14 02:38:36 | 000,067,584 | --S- | C] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2009/07/14 02:38:36 | 000,067,584 | ---- | C] ()
NOISE.DAT -> C:\Windows\SysWow64\NOISE.DAT -> [2009/07/13 23:35:51 | 000,000,741 | ---- | C] ()
dssec.dat -> C:\Windows\SysWow64\dssec.dat -> [2009/07/13 23:34:42 | 000,215,943 | ---- | C] ()
mib.bin -> C:\Windows\mib.bin -> [2009/07/13 21:10:29 | 000,043,131 | ---- | C] ()
BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/13 20:42:10 | 000,064,000 | ---- | C] ()
msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 18:03:59 | 000,364,544 | ---- | C] ()
mlang.dat -> C:\Windows\SysWow64\mlang.dat -> [2009/06/10 18:26:10 | 000,673,088 | ---- | C] ()
xvidvfw.dll -> C:\Windows\SysWow64\xvidvfw.dll -> [2009/06/07 13:24:04 | 000,180,224 | ---- | C] ()
mmfinfo.dll -> C:\Windows\SysWow64\mmfinfo.dll -> [2009/01/10 19:15:44 | 000,159,744 | ---- | C] ()
qt-dx331.dll -> C:\Windows\SysWow64\qt-dx331.dll -> [2008/11/06 12:37:32 | 003,596,288 | ---- | C] ()
xlive.dll.cat -> C:\Windows\SysWow64\xlive.dll.cat -> [2008/10/22 05:29:06 | 000,173,550 | ---- | C] ()
AgCPanelTraditionalChinese.dll -> C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelSwedish.dll -> C:\Windows\SysWow64\AgCPanelSwedish.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelSpanish.dll -> C:\Windows\SysWow64\AgCPanelSpanish.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelSimplifiedChinese.dll -> C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelPortugese.dll -> C:\Windows\SysWow64\AgCPanelPortugese.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelKorean.dll -> C:\Windows\SysWow64\AgCPanelKorean.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelJapanese.dll -> C:\Windows\SysWow64\AgCPanelJapanese.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelGerman.dll -> C:\Windows\SysWow64\AgCPanelGerman.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
AgCPanelFrench.dll -> C:\Windows\SysWow64\AgCPanelFrench.dll -> [2008/04/28 11:11:16 | 000,053,248 | ---- | C] ()
Registration.ini -> C:\Windows\SysWow64\Registration.ini -> [2007/10/13 06:30:20 | 000,000,137 | ---- | C] ()

[File - Lop Check]
DAEMON Tools Lite -> C:\Users\Pierre Cardoso\AppData\Roaming\DAEMON Tools Lite -> [2010/07/08 22:08:49 | 000,000,000 | ---D | M]
Eidos -> C:\Users\Pierre Cardoso\AppData\Roaming\Eidos -> [2010/12/14 21:41:08 | 000,000,000 | ---D | M]
Nokia -> C:\Users\Pierre Cardoso\AppData\Roaming\Nokia -> [2010/12/15 21:56:11 | 000,000,000 | ---D | M]
PC Suite -> C:\Users\Pierre Cardoso\AppData\Roaming\PC Suite -> [2011/01/26 10:41:24 | 000,000,000 | ---D | M]
pdf995 -> C:\Users\Pierre Cardoso\AppData\Roaming\pdf995 -> [2010/07/09 12:00:40 | 000,000,000 | ---D | M]
Sports Interactive -> C:\Users\Pierre Cardoso\AppData\Roaming\Sports Interactive -> [2011/02/10 23:13:58 | 000,000,000 | ---D | M]
VDownloader -> C:\Users\Pierre Cardoso\AppData\Roaming\VDownloader -> [2010/09/08 20:29:39 | 000,000,000 | ---D | M]
WinBatch -> C:\Users\Pierre Cardoso\AppData\Roaming\WinBatch -> [2010/07/03 16:39:28 | 000,000,000 | ---D | M]
Windows Live Writer -> C:\Users\Pierre Cardoso\AppData\Roaming\Windows Live Writer -> [2010/10/20 20:51:16 | 000,000,000 | ---D | M]
XMedia Recode -> C:\Users\Pierre Cardoso\AppData\Roaming\XMedia Recode -> [2011/04/15 21:09:04 | 000,000,000 | ---D | M]
YoudaGames -> C:\Users\Pierre Cardoso\AppData\Roaming\YoudaGames -> [2011/05/01 19:24:17 | 000,000,000 | ---D | M]
PCDRScheduledMaintenance.job -> C:\Windows\Tasks\PCDRScheduledMaintenance.job -> [2011/06/30 12:10:23 | 000,000,544 | ---- | M] ()
SCHEDLGU(19).TXT -> C:\Windows\Tasks\SCHEDLGU(19).TXT -> [2009/07/14 02:08:49 | 000,019,288 | ---- | M] ()
SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2009/07/14 02:08:49 | 000,027,782 | ---- | M] ()

[File - Purity Scan]


[Alternate Data Streams]
@Alternate Data Stream - 204 bytes -> C:\Windows\SysWow64\drivers:GbpKmAp.lst
@Alternate Data Stream - 81 bytes -> C:\Program Files (x86)\Rox Poker:MID
< End of report >

Compartilhar este post

Link para o post
Compartilhar em outros sites

wings    22

wings
Postado

1.

*Execute o OTS

*Clique [CleanUp] > [Yes]

*O PC será reiniciado

 

O log está limpo.

 

 

Um abraço.

Compartilhar este post

Link para o post
Compartilhar em outros sites

wings    22

wings
Postado

PROBLEMA RESOLVIDO

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.

Compartilhar este post

Link para o post
Compartilhar em outros sites
Ir para a lista de tópicos Tópicos Resolvidos (Seguranca & Malwares)
×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.

  Aceito