Ir para conteúdo

POWERED BY:

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

Bolaosoft

[Arquivado] Análise de Log - Hijackthis

Recommended Posts

Olá amigos, a uns dias meu computador anda estranho, dando msg de erro no explorer a todo tempo, o IE que prefiro utilizar fica travando, o Firefox não abre, gostaria da ajuda dos senhores na solução do problema.

 

Ps.: Não utilizo anti virus e Meu OS é Windows 7 Ultimate. Segue abaixo LOG do Hijackthis.

 

-------------------------------------------------------------------------------------------------------------------

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:32:31, on 04/10/2012

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

D:\uolite3\client3c_1024-2_lcpu.exe

C:\Users\Alessandro\Desktop\EUOX.exe

C:\Program Files\GetRight\GetRight.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Alessandro\Desktop\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files\Scpad\scpsssh2.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: IE to GetRight Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Windows Media Sharing Plugin - {D171290D-6413-4ED4-9E4D-1D300E3C8DCD} - C:\ProgramData\Windows\ntfs64.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-21-2545452164-544833034-3868391069-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-2545452164-544833034-3868391069-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - Startup: Internet Explorer.lnk = C:\Program Files\Internet Explorer\iexplore.exe

O8 - Extra context menu item: Download with GetRight Pro - C:\Program Files\GetRight\GRdownload.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Open with GetRight Pro Browser - C:\Program Files\GetRight\GRbrowse.htm

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {638F11AA-DF27-433b-BA2E-7281CE561D71} - C:\Program Files\Xmarks\IE Extension\xmarkssync.exe (HKCU)

O9 - Extra 'Tools' menuitem: Xmarks for IE... - {638F11AA-DF27-433b-BA2E-7281CE561D71} - C:\Program Files\Xmarks\IE Extension\xmarkssync.exe (HKCU)

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Microsoft Antimalware Service (MsMpSvc) - Unknown owner - C:\Program Files\Microsoft Security Client\MsMpEng.exe (file missing)

O23 - Service: @C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243 (NisSrv) - Unknown owner - C:\Program Files\Microsoft Security Client\NisSrv.exe (file missing)

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: scpVista - Banco Bradesco S.A. - C:\Program Files\Scpad\scpVista.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

 

--

End of file - 8374 bytes

 

 

No aguardo de como proceder.

 

Grato.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Tarde! Bolaosoft

 

|- Baixe: < otlDesktopIcon.png > ( ... by OldTimer Tools )

 

|- Clique em Salvar!

 

abbLFX11.jpg

 

|- Salve-o no desktop!

|- Duplo clique em OTL.exe >> Executar.

 

OTL_Configuracao.jpg >> OTL_Padrao.jpg

 

|- Configure "Verificação de Arquivos",segundo a screenshot!

 

OTL_SemExt2.jpg

 

|- Ps: Faça o mesmo para estes!

|- Em "Exame Extra do Registro",assinale "Nenhum".

 

*crack* /s 
*keygen* /s 
*serial* /s 
*AutoKMS* /s
*loader* /s
%APPDATA%\Local\*.
%APPDATA%\*.exe /s
%APPDATA%\*.
%USERPROFILE%\AppData\Local\*.*
%USERPROFILE%\AppData\Roaming\*.*
%systemroot%\assembly\tmp\*.* /S /MD5
%systemroot%\assembly\temp\*.* /S /MD5
%systemroot%\assembly\GAC\*.* /S /MD5
%systemroot%\assembly\GAC_32\*.* /S /MD5
%systemroot%\assembly\GAC_64\*.* /S /MD5
%USERPROFILE%\Desktop\registrybackup.reg /c 
%systemroot%\system32\config\systemprofile\AppData\Local\*.*
%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.*
%windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.* 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes
/md5start
netsvcs
explorer.exe
userinit.exe
winlogon.exe
svchost.exe
services.*
uninst.exe
/md5stop
regedit /e c:\registrybackup.reg /c
type c:\boot.ini >> test.txt /c
%systemroot%\system32\tasks\*.* /s /64
%systemroot%\system32\Tasks\*.* /s
%windir%\tasks\*.* /s

6659d256325569c6e621117dc332966313a07d11cb5fb0ea4d9176217c7aefa76g.jpg

 

|- Cole estas informações,que estão em verde,para o campo "Exames Personalizados/Correções".

 

OTL_Verificar2.jpg

 

|- Concluindo,poste o relatório: OTL.txt

 

|- Para grandes relatórios,acesse: < Cjoint_Logo.jpg >

 

|- Maiores informações: < |Link| >

 

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Conforme solicitado segue o relatorio do OTL.

 

--------------------------------------------------------------------------------------------------------------------

 

OTL logfile created on: 04/10/2012 19:15:43 - Run 1

OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\Alessandro\Desktop

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

 

3,25 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 30,87% Memory free

6,50 Gb Paging File | 3,32 Gb Available in Paging File | 51,16% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 35,37 Gb Total Space | 12,48 Gb Free Space | 35,30% Space Free | Partition Type: NTFS

Drive D: | 39,06 Gb Total Space | 33,05 Gb Free Space | 84,61% Space Free | Partition Type: NTFS

 

Computer Name: ALESSANDRO-PC | User Name: Alessandro | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

========== Custom Scans ==========

 

< *crack* /s >

[2008/09/23 17:19:08 | 000,016,223 | ---- | M] () -- \Mu\Data\Effect\firecracker0001.OZJ

[2008/09/23 17:19:08 | 000,017,939 | ---- | M] () -- \Mu\Data\Effect\firecracker0002.OZJ

[2008/09/23 17:19:08 | 000,020,684 | ---- | M] () -- \Mu\Data\Effect\firecracker0003.OZJ

[2008/09/23 17:19:08 | 000,023,889 | ---- | M] () -- \Mu\Data\Effect\firecracker0004.OZJ

[2008/09/23 17:19:08 | 000,027,580 | ---- | M] () -- \Mu\Data\Effect\firecracker0005.OZJ

[2008/09/23 17:19:08 | 000,029,199 | ---- | M] () -- \Mu\Data\Effect\firecracker0006.OZJ

[2008/09/23 17:19:08 | 000,028,015 | ---- | M] () -- \Mu\Data\Effect\firecracker0007.OZJ

[2009/06/30 15:38:36 | 000,034,210 | ---- | M] () -- \Mu\Data\Effect\GoblinCrack.OZJ

[2008/05/20 17:23:34 | 000,011,320 | ---- | M] () -- \Mu\Data\Effect\knight_plancrack_a.bmd

[2008/05/26 11:10:42 | 000,005,648 | ---- | M] () -- \Mu\Data\Effect\knight_plancrack_b.bmd

[2010/08/04 19:43:30 | 000,161,560 | ---- | M] () -- \Mu\Data\Effect\knight_plancrack_dragon.bmd

[2008/04/24 16:01:00 | 000,160,240 | ---- | M] () -- \Mu\Data\Effect\knight_plancrack_grand.bmd

[2009/06/30 15:38:32 | 000,002,072 | ---- | M] () -- \Mu\Data\Effect\NpcGagoil_Crack01.bmd

[2009/06/30 15:38:32 | 000,004,428 | ---- | M] () -- \Mu\Data\Effect\NpcGagoil_Crack02.bmd

[2009/06/30 15:38:32 | 000,003,024 | ---- | M] () -- \Mu\Data\Effect\NpcGagoil_Crack03.bmd

[2003/01/13 14:38:06 | 000,003,448 | ---- | M] () -- \Mu\Data\Item\firecracker.OZJ

[2009/06/30 15:38:36 | 000,034,210 | ---- | M] () -- \Mu\Data\Monster\GoblinCrack.OZJ

[2006/07/03 10:30:54 | 000,016,685 | ---- | M] () -- \Mu\Data\Object40\han_mcrack.OZJ

[2003/01/14 18:11:30 | 000,129,158 | ---- | M] () -- \Mu\Data\Sound\eFirecracker1.wav

[2003/01/14 18:11:32 | 000,132,402 | ---- | M] () -- \Mu\Data\Sound\eFirecracker2.wav

[2012/08/18 00:10:12 | 000,000,190 | ---- | M] () -- \Users\Alessandro\Favorites\AutoCAD 2012 + crack serial Download Baixar.url

 

< *keygen* /s >

 

< *serial* /s >

[2012/04/11 01:15:28 | 000,434,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll

[2012/05/20 20:26:35 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll

[2012/07/22 16:54:16 | 000,005,687 | ---- | M] () -- \Program Files\PokerStars\gx\tokenserial.jpg

[2009/06/10 18:13:54 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll

[2009/07/17 15:46:54 | 000,094,208 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\pt-BR\System.RunTime.Serialization.Resources.dll

[2012/08/18 00:10:12 | 000,000,190 | ---- | M] () -- \Users\Alessandro\Favorites\AutoCAD 2012 + crack serial Download Baixar.url

[2009/07/17 15:46:18 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll

[2009/06/10 18:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

[2009/07/17 15:46:55 | 000,094,208 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_pt-BR_b77a5c561934e089\System.RunTime.Serialization.Resources.dll

[2009/06/10 18:13:54 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

[2012/05/10 23:08:48 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\35fcbda2532ece23d09a044aa2ef62a4\System.Runtime.Serialization.Formatters.Soap.ni.dll

[2012/05/10 23:16:29 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3848d7865bda88a9e94e03480b5ada2f\System.Runtime.Serialization.ni.dll

[2012/05/17 21:19:39 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5a4d233916a69d48fa12a9f7f103d893\System.Runtime.Serialization.Formatters.Soap.ni.dll

[2012/05/17 21:19:32 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll

[2012/05/17 21:22:55 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\4b540b784465ca3f0742990e5af444e3\System.Xml.Serialization.ni.dll

[2012/06/13 03:14:46 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

[2012/06/13 03:14:43 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

[2012/06/13 03:14:55 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll

[2009/06/10 18:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll

[2009/07/17 15:46:25 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\pt-BR\System.Runtime.Serialization.Formatters.Soap.resources.dll

[2009/06/10 18:14:06 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll

[2010/03/18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll

[2010/03/18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll

[2011/04/06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll

[2009/07/13 22:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll

[2009/07/13 20:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys

[2009/07/13 23:09:30 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui

[2009/07/17 15:46:41 | 000,011,264 | ---- | M] () -- \Windows\System32\drivers\pt-BR\serial.sys.mui

[2009/07/13 19:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys

[2009/07/13 20:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys

[2009/07/13 19:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys

[2009/07/13 23:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui

[2009/07/17 15:46:29 | 000,005,120 | ---- | M] () -- \Windows\System32\pt-BR\serialui.dll.mui

[2009/07/13 23:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest

[2009/07/13 23:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744

[2009/07/17 15:47:24 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7264.0_pt-br_04d8ecf0a58dba8d_serialui.dll.mui_7d29d2a3

[2009/07/14 01:56:40 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3

[2009/07/13 23:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328

[2009/07/13 22:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest

[2009/07/17 15:44:08 | 000,001,631 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7264.0_pt-br_142dff3fce6a1510.manifest

[2009/07/13 23:28:14 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest

[2009/07/13 22:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest

[2009/07/13 22:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest

[2009/07/13 22:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest

[2009/07/13 22:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest

[2009/06/10 18:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll

[2009/07/17 15:46:18 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7264.0_pt-br_b59bf920244f2da4\System.Runtime.Serialization.Formatters.Soap.resources.dll

[2009/06/10 18:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll

[2009/07/17 15:46:55 | 000,094,208 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7264.0_pt-br_142dff3fce6a1510\System.RunTime.Serialization.Resources.dll

[2009/06/10 18:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll

[2009/07/13 19:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys

[2009/07/17 15:46:25 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7264.0_pt-br_769a76526d39092f\System.Runtime.Serialization.Formatters.Soap.resources.dll

[2009/07/17 15:46:29 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7264.0_pt-br_04d8ecf0a58dba8d\serialui.dll.mui

[2009/07/13 23:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui

[2009/07/13 22:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll

[2009/07/17 15:46:54 | 000,094,208 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7264.0_pt-br_13e21df01461cf6c\System.RunTime.Serialization.Resources.dll

[2009/07/17 15:46:41 | 000,011,264 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7264.0_pt-br_7b242de50e1f5a36\serial.sys.mui

[2009/07/13 23:09:30 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_07e2c405948a55f4\serial.sys.mui

[2009/07/13 20:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys

[2009/07/13 19:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys

[2009/06/10 18:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll

 

< *AutoKMS* /s >

 

< *loader* /s >

[2001/01/16 06:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader.dll

[2001/01/16 04:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader.tlb

[2009/10/06 05:08:30 | 000,145,082 | ---- | M] () -- \Program Files\HP\HP Deskjet 3050 J610 series\Bin\HelpViewer\Resources\Loader.gif

[2011/10/17 14:10:26 | 000,071,528 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll

[2011/11/06 11:09:52 | 000,083,816 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll

[2011/07/02 23:32:14 | 000,057,856 | ---- | M] () -- \Program Files\Razor\Loader.dll

[2009/06/02 01:16:58 | 000,114,688 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe

[2012/02/28 18:27:41 | 000,007,715 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js

[2012/02/28 18:27:41 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul

[2012/02/15 13:28:30 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif

[2012/02/15 13:28:30 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png

[2012/04/18 16:16:14 | 000,000,651 | ---- | M] () -- \Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\03ILIPN0\adloader[2].htm

[2012/10/04 19:06:27 | 000,000,847 | ---- | M] () -- \Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D3TNQ414\ajax-loader[1].gif

[2012/10/02 23:52:41 | 000,000,753 | ---- | M] () -- \Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FNDCLEJ1\AdLoader[1].htm

[2012/10/03 14:19:25 | 000,001,737 | ---- | M] () -- \Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FNDCLEJ1\ajax_loader[1].gif

[2012/10/03 12:13:23 | 000,003,208 | ---- | M] () -- \Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FNDCLEJ1\ajax_loader_white[1].gif

[2012/10/04 19:04:18 | 000,004,254 | ---- | M] () -- \Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FNDCLEJ1\js_preloader[1].gif

[2012/10/04 17:13:30 | 000,003,208 | ---- | M] () -- \Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G20F4JC7\ajax_loader_white[1].gif

[2012/10/04 17:19:23 | 000,015,287 | ---- | M] () -- \Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G20F4JC7\modal-loader[1].png

[2012/03/18 12:08:45 | 000,000,652 | ---- | M] () -- \Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NF43W6P1\AdLoader[1].htm

[2012/10/03 00:11:28 | 000,111,362 | ---- | M] () -- \Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R16YDVNY\Microsoft.Live.Messenger.Services.Loader[1].js

[2012/10/04 13:20:09 | 000,011,362 | ---- | M] () -- \Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R16YDVNY\uploader-min[1].js

[2012/10/04 17:13:30 | 000,001,737 | ---- | M] () -- \Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOME7OJL\ajax_loader[1].gif

[2012/10/03 00:11:27 | 000,040,101 | ---- | M] () -- \Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOME7OJL\loader.cxp[1].js

[2012/10/02 22:41:04 | 000,061,619 | ---- | M] () -- \Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YNW0X7WP\yuiloader-dom-event[1].js

[2012/08/28 20:59:51 | 000,000,121 | ---- | M] () -- \Users\Alessandro\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\8QMJZXVP\pt-controlinveste.cdn.videoplaza.tv\com.videoplaza.bootloader.sol

[2012/02/28 18:27:41 | 000,007,715 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js

[2012/02/28 18:27:41 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul

[2012/02/15 13:28:30 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif

[2012/02/15 13:28:30 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png

[2012/02/28 18:27:41 | 000,007,715 | ---- | M] () -- \Users\Todos os Usuários\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js

[2012/02/28 18:27:41 | 000,000,319 | ---- | M] () -- \Users\Todos os Usuários\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul

[2012/02/15 13:28:30 | 000,072,638 | ---- | M] () -- \Users\Todos os Usuários\Skype\Apps\login\images\loader.gif

[2012/02/15 13:28:30 | 000,003,032 | ---- | M] () -- \Users\Todos os Usuários\Skype\Apps\login\images\loader.png

[2011/07/16 01:19:58 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll

[2009/07/13 22:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll

[2009/07/14 01:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader

[2009/07/17 15:47:23 | 000,002,879 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7264.0_pt-br_e9b07a08beec7026.manifest

[2009/07/17 15:47:23 | 000,035,408 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7264.0_pt-br_e9b07a08beec7026_winload.exe.mui_3bc5b827

[2009/07/17 15:47:23 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7264.0_pt-br_e9b07a08beec7026_winresume.exe.mui_ff8b5358

[2009/07/14 01:56:40 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest

[2009/07/14 01:56:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827

[2009/07/14 01:56:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358

[2012/02/28 18:31:11 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest

[2012/02/28 18:31:11 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winload.exe_75835076

[2012/02/28 18:31:11 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winresume.exe_85cd1215

[2009/07/13 23:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest

[2009/07/13 23:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0

[2009/07/17 15:43:02 | 000,002,879 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7264.0_pt-br_e9b07a08beec7026.manifest

[2009/07/13 23:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest

[2009/07/13 22:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest

[2009/08/19 04:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest

[2009/08/19 04:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest

[2009/07/13 22:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest

[2009/07/13 22:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll

[2009/07/13 22:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

[2011/07/16 01:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll

[2011/07/16 01:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll

[2011/07/16 01:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll

[2011/07/16 01:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

 

< %APPDATA%\Local\*. >

 

< %APPDATA%\*.exe /s >

[2012/08/12 14:04:06 | 000,450,200 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Alessandro\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe

[2012/08/20 14:22:49 | 000,450,200 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Alessandro\AppData\Roaming\Real\Update\temp\~Upg1\rnupgagent.exe

[2012/10/02 15:29:43 | 000,450,200 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Alessandro\AppData\Roaming\Real\Update\temp\~Upg2\rnupgagent.exe

[2012/10/02 15:29:43 | 000,450,200 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Alessandro\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe

[2012/10/02 18:52:06 | 028,111,328 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Alessandro\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\stub_data\RealPlayer_br.exe

[2012/10/02 18:30:26 | 000,760,128 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Alessandro\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\stub_exe\RealPlayer_br.exe

 

< %APPDATA%\*. >

[2012/10/02 22:02:06 | 000,000,000 | -HSD | M] -- C:\Users\Alessandro\AppData\Roaming\4f6505e

[2012/06/12 12:53:30 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Adobe

[2012/10/04 19:10:24 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\GetRight Pro

[2012/02/28 17:42:56 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Identities

[2012/02/28 18:58:59 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Macromedia

[2009/07/14 04:48:45 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Media Center Programs

[2012/08/05 17:29:16 | 000,000,000 | --SD | M] -- C:\Users\Alessandro\AppData\Roaming\Microsoft

[2012/02/28 20:23:45 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Mozilla

[2012/03/18 12:30:39 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\NVIDIA

[2012/06/25 16:26:37 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Oracle

[2012/03/06 10:46:49 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Razor

[2012/06/07 01:39:31 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Real

[2012/07/05 11:02:01 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\RealNetworks

[2012/10/03 17:51:41 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Skype

[2012/06/25 16:21:01 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Sun

[2012/05/30 00:07:11 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\TeamViewer

[2012/03/10 16:02:33 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\TS3Client

[2012/03/10 15:43:13 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\ts3overlay

[2012/02/28 20:37:35 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\WinRAR

 

< %USERPROFILE%\AppData\Local\*.* >

[2012/02/28 18:23:14 | 000,063,560 | ---- | M] () -- C:\Users\Alessandro\AppData\Local\GDIPFONTCACHEV1.DAT

[2012/10/04 13:28:29 | 002,230,083 | -H-- | M] () -- C:\Users\Alessandro\AppData\Local\IconCache.db

 

< %USERPROFILE%\AppData\Roaming\*.* >

[2012/07/02 20:10:40 | 000,063,560 | ---- | M] () -- C:\Users\Alessandro\AppData\Roaming\GDIPFONTCACHEV1.DAT

 

< %systemroot%\assembly\tmp\*.* /S /MD5 >

 

< %systemroot%\assembly\temp\*.* /S /MD5 >

 

< %systemroot%\assembly\GAC\*.* /S /MD5 >

[2009/07/14 01:42:34 | 000,356,352 | ---- | M] () MD5=DD2EB5E64619613C4C108CFB192F4950 -- C:\Windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35\Microsoft.Ink.dll

[2009/07/14 01:42:34 | 000,000,325 | ---- | M] () MD5=3A74C27634435F509DC024FEEBE670E5 -- C:\Windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35\__AssemblyInfo__.ini

[2009/07/14 01:42:34 | 000,516,096 | ---- | M] () MD5=A02EE61542CAAE25F8A44C9428D30247 -- C:\Windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35\Microsoft.Ink.dll

[2009/07/14 01:42:34 | 000,000,328 | ---- | M] () MD5=FAF707724A740277714E33A65F4995BF -- C:\Windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35\__AssemblyInfo__.ini

 

< %systemroot%\assembly\GAC_32\*.* /S /MD5 >

[2009/07/13 22:19:59 | 000,004,608 | ---- | M] () MD5=2CBEAFED3233C20DF11B88DF909CD74F -- C:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35\AuditPolicyGPManagedStubs.Interop.dll

[2009/07/13 22:25:34 | 000,238,080 | ---- | M] () MD5=CA14B4670046CA499087F36070E187D6 -- C:\Windows\assembly\GAC_32\BDATunePIA\6.1.0.0__31bf3856ad364e35\BDATunePIA.dll

[2009/06/10 18:22:50 | 000,069,120 | ---- | M] () MD5=A7C018EA06C5E8F73BB2BBEF072BFBAC -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

[2009/06/10 18:22:57 | 000,072,192 | ---- | M] () MD5=BBE45F61F5A170FC518F283E872D6F20 -- C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

[2009/07/13 22:20:04 | 000,134,656 | ---- | M] () MD5=BFE7E37D0E47FAD0FCB0C959AC566DE5 -- C:\Windows\assembly\GAC_32\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll

[2010/08/04 03:28:45 | 000,186,368 | ---- | M] () MD5=2B8526928699585A81B0E1249D64703C -- C:\Windows\assembly\GAC_32\mcupdate\6.1.0.0__31bf3856ad364e35\mcupdate.exe

[2009/07/13 22:20:56 | 000,121,856 | ---- | M] () MD5=15483F90F8D22ECE512F3224F69FD5C8 -- C:\Windows\assembly\GAC_32\Mcx2Dvcs\6.1.0.0__31bf3856ad364e35\Mcx2Dvcs.dll

[2009/07/13 23:12:54 | 000,090,112 | ---- | M] () MD5=7643FE2D5D8DC339868BD4D952E0F385 -- C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll

[2009/07/17 15:47:06 | 000,090,112 | ---- | M] () MD5=92661AE4F10921C7458BB77C57C81A07 -- C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_pt-BR_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll

[2009/07/13 22:21:26 | 000,189,952 | ---- | M] () MD5=1ABB50BC0EC02F4D16C6300CDAD04EDB -- C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.dll

[2009/07/13 22:24:07 | 000,146,432 | ---- | M] () MD5=82FBA2151ACAD6329BF79E845B9C1038 -- C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.Interop.dll

[2009/07/13 22:24:14 | 000,507,904 | ---- | M] () MD5=269691AFEE6C44C52CDCA23C24BDBB0C -- C:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Microsoft.Ink.dll

[2009/07/13 22:24:28 | 000,077,824 | ---- | M] () MD5=BB2BB7BFE455562249E922A7AA4493A5 -- C:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.dll

[2011/08/17 01:30:26 | 000,280,576 | ---- | M] () MD5=7FF4C376BF58EBF0E1054B2902E37745 -- C:\Windows\assembly\GAC_32\Microsoft.MediaCenter.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Interop.dll

[2009/07/13 22:25:23 | 000,129,536 | ---- | M] () MD5=097A68781F1682677E875CAB06969C2D -- C:\Windows\assembly\GAC_32\Microsoft.MediaCenter.iTV.Media\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.iTV.Media.dll

[2009/07/13 22:22:38 | 000,053,248 | ---- | M] () MD5=965CF066D3FDBA1AF5B53E58F1500529 -- C:\Windows\assembly\GAC_32\Microsoft.MediaCenter.Mheg\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Mheg.dll

[2010/08/04 03:28:46 | 000,139,264 | ---- | M] () MD5=68075E9D74DD37B7D11CDC644C77135E -- C:\Windows\assembly\GAC_32\Microsoft.MediaCenter.Playback\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Playback.dll

[2009/07/13 22:23:17 | 000,307,712 | ---- | M] () MD5=2C66DB2944AE9A10CA1E51B7D083742B -- C:\Windows\assembly\GAC_32\Microsoft.MediaCenter.TV.Tuners.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.TV.Tuners.Interop.dll

[2009/07/13 22:23:55 | 000,008,192 | ---- | M] () MD5=79D7E7A3CB56C91FE9030C5EFE2DC13C -- C:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.dll

[2009/06/10 18:14:03 | 000,163,840 | ---- | M] () MD5=4EF239C0475CE7B45993255D5E474AF7 -- C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

[2009/07/13 22:26:31 | 000,008,192 | ---- | M] () MD5=FA44A672F1C12791984D9ECAB7DC3177 -- C:\Windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDEngine.dll

[2009/07/13 22:23:22 | 000,019,968 | ---- | M] () MD5=3A353975A7EC8BB4918E8E93BB7F9143 -- C:\Windows\assembly\GAC_32\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop\6.1.0.0__31bf3856ad364e35\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.dll

[2009/06/10 18:14:52 | 000,087,888 | ---- | M] () MD5=2E5F1CF69F92392F8829FC9C9263AE9B -- C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe

[2009/06/10 18:14:53 | 000,001,581 | ---- | M] () MD5=1EA3E30080C0E256C2EF0C621E91C345 -- C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\msbuild.exe.config

[2009/06/10 18:22:47 | 000,066,728 | ---- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\big5.nlp

[2009/06/10 18:22:47 | 000,082,172 | ---- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\bopomofo.nlp

[2009/06/10 18:22:58 | 000,116,756 | ---- | M] () MD5=F6DFDA5A31162D848634504565F6D321 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\ksc.nlp

[2012/01/03 23:51:14 | 004,550,656 | ---- | M] () MD5=49EFD6FD16C261354997115476B19F7B -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

[2009/06/10 18:23:13 | 000,059,342 | ---- | M] () MD5=DA5748A89E22A3932387E65694B25BBB -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normidna.nlp

[2009/06/10 18:23:13 | 000,045,794 | ---- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfc.nlp

[2009/06/10 18:23:13 | 000,039,284 | ---- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfd.nlp

[2009/06/10 18:23:13 | 000,066,384 | ---- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkc.nlp

[2009/06/10 18:23:13 | 000,060,294 | ---- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkd.nlp

[2009/06/10 18:23:14 | 000,083,748 | ---- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prc.nlp

[2009/06/10 18:23:14 | 000,083,748 | ---- | M] () MD5=901863C68E6523336CAC602FE9320ABC -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp

[2009/06/10 18:23:17 | 000,262,148 | ---- | M] () MD5=FB59D247F7143C3B9683A547E808A88B -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp

[2009/06/10 18:23:17 | 000,020,320 | ---- | M] () MD5=FF13BA175F0013D2311827E0D438C60B -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp

[2009/06/10 18:23:23 | 000,028,288 | ---- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\xjis.nlp

[2009/07/13 22:22:14 | 000,046,080 | ---- | M] () MD5=276A2AEC6AB593A5F01544A25B34BE9C -- C:\Windows\assembly\GAC_32\napcrypt\6.1.0.0__31bf3856ad364e35\NAPCRYPT.DLL

[2009/07/13 22:22:23 | 000,107,008 | ---- | M] () MD5=7102A6961F0A526A790704946902B23A -- C:\Windows\assembly\GAC_32\naphlpr\6.1.0.0__31bf3856ad364e35\NAPHLPR.DLL

[2009/07/13 19:04:07 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.config

[2009/07/13 22:25:25 | 000,005,632 | ---- | M] () MD5=608232474C33C71F863B0866E5165C1C -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.dll

[2009/06/10 18:32:22 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config

[2009/07/13 22:26:15 | 000,005,632 | ---- | M] () MD5=2641880E8C12BEE37DDC2813908A2A0F -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.0.Microsoft.Interop.Security.AzRoles.dll

[2009/06/10 18:32:22 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.config

[2009/07/13 22:23:30 | 000,005,632 | ---- | M] () MD5=D6C077082EAA747911C212A9EB64A813 -- C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.dll

[2009/07/13 19:04:07 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.config

[2009/07/13 22:22:54 | 000,005,632 | ---- | M] () MD5=331021DA8B00A9ADCDD54B5782943204 -- C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.dll

[2009/07/13 19:04:08 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.config

[2009/07/13 22:23:04 | 000,005,632 | ---- | M] () MD5=B3DB67C90DBBB75BFE110A86E951C2EC -- C:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.dll

[2012/04/05 21:49:39 | 004,214,784 | ---- | M] () MD5=27BED235F5497DEBC6EF6EFAF4BA1D60 -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

[2009/06/10 18:14:51 | 000,000,161 | ---- | M] () MD5=C0856EC51C8C75B8FDF02C1BBCFE7B93 -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe.config

[2012/04/05 21:49:40 | 001,737,296 | ---- | M] () MD5=4538040E7B6B281A0468BFBD7BE6ADBB -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll

[2009/06/10 18:23:17 | 000,486,400 | ---- | M] () MD5=12777E85B175899C02C645D839C83506 -- C:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

[2009/06/10 18:23:17 | 002,933,248 | ---- | M] () MD5=CE24654E99CB7FB24903F8A1826FF343 -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

[2009/06/10 18:23:18 | 000,258,048 | ---- | M] () MD5=C18C30BFFDF790463B4F5B2311652208 -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

[2009/07/13 17:46:36 | 000,113,664 | ---- | M] () MD5=D16E07E806ABA236B604B92693CE35E0 -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

[2012/04/05 21:49:40 | 000,368,640 | ---- | M] () MD5=9B2CF1D7D2A1A42E91A0AEFD1174D20B -- C:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll

[2009/06/10 18:23:19 | 000,261,632 | ---- | M] () MD5=5F3F1BF5F5B43293953FC915845910C4 -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

[2011/12/26 16:13:18 | 005,251,072 | ---- | M] () MD5=ED7A7B490221396D20AC78BF3418F6AC -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

 

< %systemroot%\assembly\GAC_64\*.* /S /MD5 >

 

< %USERPROFILE%\Desktop\registrybackup.reg /c >

 

< %systemroot%\system32\config\systemprofile\AppData\Local\*.* >

 

< %windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.* >

 

< %windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.* >

[2012/05/06 00:12:34 | 000,000,000 | -H-- | M] () -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\MpCmdRun-2D-53C9D589-6B66-4F30-9BAB-9A0193B0BAFC.lock

[2012/10/02 22:05:08 | 000,910,306 | ---- | M] () -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\MpCmdRun.log

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes >

"DefaultScope" = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]

 

< HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes >

"DefaultScope" = {42D12607-ED8C-453F-A64C-3243FDCF8932}

"DownloadUpdates" = 0

"Version" = 3

"UpgradeTime" = 55 80 DD 7A 81 F6 CC 01 [binary data]

"KnownProvidersUpgradeTime" = 55 80 DD 7A 81 F6 CC 01 [binary data]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{42D12607-ED8C-453F-A64C-3243FDCF8932}]

 

< MD5 for: EXPLORER.EXE >

[2011/02/26 02:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe

[2009/07/13 22:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe

[2011/02/26 02:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe

[2009/10/31 02:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe

[2011/02/26 02:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe

[2011/02/26 02:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe

[2011/02/25 02:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

[2009/08/03 02:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe

[2009/08/03 02:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe

[2009/10/31 03:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

 

< MD5 for: SERVICES >

[2009/06/10 18:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services

[2009/06/10 18:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services

 

< MD5 for: SERVICES.CFG >

[2012/07/27 17:51:34 | 000,586,083 | ---- | M] () MD5=6DE4EA437EC1FE6DB27CADB0A7EA8DC2 -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg

[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg

 

< MD5 for: SERVICES.CNF >

[2012/08/05 17:29:19 | 000,000,003 | ---- | M] () MD5=864E46AD77EBE7A312EB11241A5114B6 -- C:\Users\Alessandro\Documents\Minhas Webs\_vti_pvt\services.cnf

 

< MD5 for: SERVICES.EXE >

[2009/07/13 22:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe

[2009/07/13 22:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

 

< MD5 for: SERVICES.EXE.MUI >

[2009/07/13 23:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui

[2009/07/13 23:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui

[2009/07/17 15:46:18 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=CF3F0514022410B0D95238E7B794BDDB -- C:\Windows\System32\pt-BR\services.exe.mui

[2009/07/17 15:46:18 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=CF3F0514022410B0D95238E7B794BDDB -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7264.0_pt-br_dd15071a00ddc774\services.exe.mui

 

< MD5 for: SERVICES.LNK >

[2009/07/14 01:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

[2009/07/14 01:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

[2009/07/14 01:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

 

< MD5 for: SERVICES.MOF >

[2009/06/10 18:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof

[2009/06/10 18:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof

 

< MD5 for: SERVICES.MSC >

[2009/07/13 23:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc

[2009/06/10 18:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc

[2009/07/13 23:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc

[2009/06/10 18:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

[2009/07/17 15:46:34 | 000,092,750 | ---- | M] () MD5=D2C49D7047664C51A9183D4A34C9008C -- C:\Windows\System32\pt-BR\services.msc

[2009/07/17 15:46:34 | 000,092,750 | ---- | M] () MD5=D2C49D7047664C51A9183D4A34C9008C -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7264.0_pt-br_1756d705d7476167\services.msc

 

< MD5 for: SERVICES.PTXML >

[2009/07/13 17:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml

[2009/07/13 17:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml

 

< MD5 for: SVCHOST.EXE >

[2009/07/13 22:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe

[2009/07/13 22:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

 

< MD5 for: UNINST.EXE >

[2010/07/01 15:44:26 | 000,187,216 | ---- | M] () MD5=1950A87E01BB8C10CD89F37158891251 -- C:\Program Files\HP Photo Creations\uninst.exe

[2012/01/30 17:48:08 | 000,011,264 | ---- | M] (RealNetworks, Inc.) MD5=297DFA80076EF5E471A5DA3395D312C5 -- C:\Program Files\Real\RealUpgrade\uninst.exe

 

< MD5 for: USERINIT.EXE >

[2009/07/13 22:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe

[2009/07/13 22:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

 

< MD5 for: WINLOGON.EXE >

[2009/10/28 03:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe

[2009/10/28 03:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe

[2009/10/28 02:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe

[2009/07/13 22:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

 

< regedit /e c:\registrybackup.reg /c >

 

< type c:\boot.ini >> test.txt /c >

 

< %systemroot%\system32\tasks\*.* /s /64 >

[2012/09/20 19:35:47 | 000,003,840 | ---- | M] () -- C:\Windows\system32\tasks\Adobe Flash Player Updater

[2012/10/04 13:38:33 | 000,003,808 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore

[2012/10/04 13:38:34 | 000,004,060 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA

[2012/10/04 15:49:53 | 000,003,224 | ---- | M] () -- C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-2545452164-544833034-3868391069-1000

[2012/10/04 15:49:53 | 000,003,348 | ---- | M] () -- C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-2545452164-544833034-3868391069-1000

[2012/10/04 17:53:02 | 000,003,004 | ---- | M] () -- C:\Windows\system32\tasks\ReclaimerUpdateFiles_Alessandro

[2012/10/04 18:32:01 | 000,003,000 | ---- | M] () -- C:\Windows\system32\tasks\ReclaimerUpdateXML_Alessandro

[2012/10/02 18:30:02 | 000,002,708 | ---- | M] () -- C:\Windows\system32\tasks\RNUpgradeHelperLogonPrompt_Alessandro

[2012/10/02 18:30:01 | 000,003,642 | ---- | M] () -- C:\Windows\system32\tasks\RNUpgradeHelperResumePrompt_Alessandro

[2012/07/05 13:02:04 | 000,003,158 | ---- | M] () -- C:\Windows\system32\tasks\{C601E0AA-F405-4B98-BA89-A3169FE5D34A}

[2012/10/02 03:11:04 | 000,004,024 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan

[2012/09/12 17:14:36 | 000,004,158 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task

[2009/07/14 01:41:15 | 000,004,472 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)

[2009/07/14 01:41:15 | 000,003,854 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)

[2009/07/14 01:42:10 | 000,002,900 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter

[2009/07/14 01:42:10 | 000,003,790 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck

[2009/07/14 01:41:45 | 000,003,458 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent

[2009/07/14 01:41:45 | 000,003,614 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater

[2009/07/14 01:37:26 | 000,003,026 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy

[2009/07/14 01:42:29 | 000,001,862 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask

[2009/07/14 01:41:10 | 000,004,130 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\CertificateServicesClient\SystemTask

[2009/07/14 01:41:10 | 000,003,868 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\CertificateServicesClient\UserTask

[2009/07/14 01:53:58 | 000,003,134 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam

[2009/07/14 01:42:29 | 000,002,934 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator

[2009/07/14 01:41:20 | 000,003,946 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask

[2009/07/14 01:41:47 | 000,003,598 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip

[2009/07/14 01:46:36 | 000,003,886 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag

[2009/07/14 01:42:30 | 000,004,018 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Diagnosis\Scheduled

[2012/04/15 01:00:01 | 000,003,760 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector

[2012/02/28 17:19:09 | 000,002,538 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver

[2009/07/14 01:42:31 | 000,003,554 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications

[2012/02/29 06:16:53 | 000,004,036 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Maintenance\WinSAT

[2012/02/28 17:19:13 | 000,002,420 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch

[2012/02/28 17:19:12 | 000,002,448 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService

[2012/02/28 17:19:13 | 000,002,592 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks

[2012/02/28 17:19:12 | 000,002,400 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit

[2012/02/28 17:19:13 | 000,002,546 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady

[2012/02/28 17:19:20 | 000,002,790 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate

[2012/02/28 17:19:22 | 000,002,954 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask

[2012/02/28 17:19:21 | 000,002,958 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask

[2012/02/28 17:19:12 | 000,002,380 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate

[2012/02/28 17:19:11 | 000,002,400 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery

[2012/02/28 17:19:11 | 000,002,384 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery

[2012/02/28 17:19:19 | 000,003,226 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1

[2012/02/28 17:19:20 | 000,003,228 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2

[2012/02/28 17:19:10 | 000,003,822 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry

[2012/02/28 17:19:20 | 000,002,926 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask

[2012/02/28 17:19:21 | 000,002,918 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask

[2012/02/28 17:19:14 | 000,003,078 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart

[2012/02/28 17:19:12 | 000,002,408 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch

[2012/02/28 17:19:13 | 000,002,432 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot

[2012/02/28 17:19:21 | 000,002,942 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask

[2012/02/28 17:19:12 | 000,002,736 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath

[2009/07/14 01:41:20 | 000,003,304 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector

[2009/07/14 01:41:20 | 000,003,510 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector

[2012/02/28 17:19:14 | 000,003,576 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\MobilePC\HotStart

[2009/07/14 01:41:56 | 000,003,168 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove

[2009/07/14 01:42:30 | 000,002,602 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Multimedia\SystemSoundsService

[2009/07/14 01:42:09 | 000,002,044 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo

[2012/02/28 17:41:16 | 000,004,180 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Offline Files\Background Synchronization

[2012/02/28 17:19:08 | 000,003,058 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Offline Files\Logon Synchronization

[2009/07/14 01:42:28 | 000,002,832 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor

[2009/07/14 01:41:30 | 000,003,752 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem

[2009/07/14 01:42:30 | 000,004,370 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\RAC\RacTask

[2009/07/14 01:37:40 | 000,003,052 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Ras\MobilityManager

[2009/07/14 01:42:07 | 000,003,956 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Registry\RegIdleBackup

[2009/07/14 01:42:29 | 000,004,596 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask

[2009/07/14 01:42:30 | 000,003,616 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Shell\WindowsParentalControls

[2009/07/14 01:54:03 | 000,003,912 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration

[2012/02/28 17:19:09 | 000,003,784 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\SideShow\AutoWake

[2012/02/28 17:19:10 | 000,003,612 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\SideShow\GadgetManager

[2012/02/28 17:42:38 | 000,003,698 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\SideShow\SessionAgent

[2012/02/28 17:42:54 | 000,003,792 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\SideShow\SystemDataProviders

[2009/07/14 01:37:20 | 000,003,942 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask

[2009/07/14 01:46:35 | 000,003,506 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR

[2009/07/14 01:41:33 | 000,002,614 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Task Manager\Interactive

[2009/07/14 01:41:09 | 000,003,950 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1

[2009/07/14 01:41:09 | 000,004,066 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2

[2009/07/14 01:41:29 | 000,002,978 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor

[2009/07/14 01:37:51 | 000,003,388 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime

[2009/07/14 01:37:30 | 000,001,730 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig

[2009/07/14 01:41:23 | 000,003,420 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\User Profile Service\HiveUploadTask

[2009/07/14 01:37:28 | 000,002,682 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\WDI\ResolutionHost

[2012/03/29 17:29:03 | 000,004,236 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask

[2012/03/29 17:29:03 | 000,004,234 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline

[2009/07/14 01:37:20 | 000,003,048 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting

[2009/07/14 01:37:44 | 000,003,290 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange

[2009/07/14 01:46:36 | 000,003,304 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary

[2012/02/28 17:47:13 | 000,004,340 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification

[2009/07/14 01:54:01 | 000,003,532 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader

[2012/03/08 12:15:57 | 000,004,496 | ---- | M] () -- C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2545452164-544833034-3868391069-1000

 

< %systemroot%\system32\Tasks\*.* /s >

[2012/09/20 19:35:47 | 000,003,840 | ---- | M] () -- C:\Windows\system32\Tasks\Adobe Flash Player Updater

[2012/10/04 13:38:33 | 000,003,808 | ---- | M] () -- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

[2012/10/04 13:38:34 | 000,004,060 | ---- | M] () -- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA

[2012/10/04 15:49:53 | 000,003,224 | ---- | M] () -- C:\Windows\system32\Tasks\RealUpgradeLogonTaskS-1-5-21-2545452164-544833034-3868391069-1000

[2012/10/04 15:49:53 | 000,003,348 | ---- | M] () -- C:\Windows\system32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2545452164-544833034-3868391069-1000

[2012/10/04 17:53:02 | 000,003,004 | ---- | M] () -- C:\Windows\system32\Tasks\ReclaimerUpdateFiles_Alessandro

[2012/10/04 18:32:01 | 000,003,000 | ---- | M] () -- C:\Windows\system32\Tasks\ReclaimerUpdateXML_Alessandro

[2012/10/02 18:30:02 | 000,002,708 | ---- | M] () -- C:\Windows\system32\Tasks\RNUpgradeHelperLogonPrompt_Alessandro

[2012/10/02 18:30:01 | 000,003,642 | ---- | M] () -- C:\Windows\system32\Tasks\RNUpgradeHelperResumePrompt_Alessandro

[2012/07/05 13:02:04 | 000,003,158 | ---- | M] () -- C:\Windows\system32\Tasks\{C601E0AA-F405-4B98-BA89-A3169FE5D34A}

[2012/10/02 03:11:04 | 000,004,024 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan

[2012/09/12 17:14:36 | 000,004,158 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task

[2009/07/14 01:41:15 | 000,004,472 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)

[2009/07/14 01:41:15 | 000,003,854 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)

[2009/07/14 01:42:10 | 000,002,900 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\AppID\PolicyConverter

[2009/07/14 01:42:10 | 000,003,790 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck

[2009/07/14 01:41:45 | 000,003,458 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Application Experience\AitAgent

[2009/07/14 01:41:45 | 000,003,614 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater

[2009/07/14 01:37:26 | 000,003,026 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Autochk\Proxy

[2009/07/14 01:42:29 | 000,001,862 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask

[2009/07/14 01:41:10 | 000,004,130 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask

[2009/07/14 01:41:10 | 000,003,868 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask

[2009/07/14 01:53:58 | 000,003,134 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam

[2009/07/14 01:42:29 | 000,002,934 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator

[2009/07/14 01:41:20 | 000,003,946 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask

[2009/07/14 01:41:47 | 000,003,598 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip

[2009/07/14 01:46:36 | 000,003,886 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag

[2009/07/14 01:42:30 | 000,004,018 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Diagnosis\Scheduled

[2012/04/15 01:00:01 | 000,003,760 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector

[2012/02/28 17:19:09 | 000,002,538 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver

[2009/07/14 01:42:31 | 000,003,554 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Location\Notifications

[2012/02/29 06:16:53 | 000,004,036 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Maintenance\WinSAT

[2012/02/28 17:19:13 | 000,002,420 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch

[2012/02/28 17:19:12 | 000,002,448 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService

[2012/02/28 17:19:13 | 000,002,592 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks

[2012/02/28 17:19:12 | 000,002,400 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\ehDRMInit

[2012/02/28 17:19:13 | 000,002,546 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady

[2012/02/28 17:19:20 | 000,002,790 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\mcupdate

[2012/02/28 17:19:22 | 000,002,954 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask

[2012/02/28 17:19:21 | 000,002,958 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask

[2012/02/28 17:19:12 | 000,002,380 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\OCURActivate

[2012/02/28 17:19:11 | 000,002,400 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery

[2012/02/28 17:19:11 | 000,002,384 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery

[2012/02/28 17:19:19 | 000,003,226 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1

[2012/02/28 17:19:20 | 000,003,228 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2

[2012/02/28 17:19:10 | 000,003,822 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry

[2012/02/28 17:19:20 | 000,002,926 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask

[2012/02/28 17:19:21 | 000,002,918 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask

[2012/02/28 17:19:14 | 000,003,078 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\RecordingRestart

[2012/02/28 17:19:12 | 000,002,408 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\RegisterSearch

[2012/02/28 17:19:13 | 000,002,432 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot

[2012/02/28 17:19:21 | 000,002,942 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask

[2012/02/28 17:19:12 | 000,002,736 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath

[2009/07/14 01:41:20 | 000,003,304 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector

[2009/07/14 01:41:20 | 000,003,510 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector

[2012/02/28 17:19:14 | 000,003,576 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\MobilePC\HotStart

[2009/07/14 01:41:56 | 000,003,168 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\MUI\LPRemove

[2009/07/14 01:42:30 | 000,002,602 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService

[2009/07/14 01:42:09 | 000,002,044 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo

[2012/02/28 17:41:16 | 000,004,180 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Offline Files\Background Synchronization

[2012/02/28 17:19:08 | 000,003,058 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Offline Files\Logon Synchronization

[2009/07/14 01:42:28 | 000,002,832 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor

[2009/07/14 01:41:30 | 000,003,752 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem

[2009/07/14 01:42:30 | 000,004,370 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\RAC\RacTask

[2009/07/14 01:37:40 | 000,003,052 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Ras\MobilityManager

[2009/07/14 01:42:07 | 000,003,956 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Registry\RegIdleBackup

[2009/07/14 01:42:29 | 000,004,596 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask

[2009/07/14 01:42:30 | 000,003,616 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls

[2009/07/14 01:54:03 | 000,003,912 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration

[2012/02/28 17:19:09 | 000,003,784 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\SideShow\AutoWake

[2012/02/28 17:19:10 | 000,003,612 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\SideShow\GadgetManager

[2012/02/28 17:42:38 | 000,003,698 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\SideShow\SessionAgent

[2012/02/28 17:42:54 | 000,003,792 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders

[2009/07/14 01:37:20 | 000,003,942 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask

[2009/07/14 01:46:35 | 000,003,506 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\SystemRestore\SR

[2009/07/14 01:41:33 | 000,002,614 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Task Manager\Interactive

[2009/07/14 01:41:09 | 000,003,950 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1

[2009/07/14 01:41:09 | 000,004,066 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2

[2009/07/14 01:41:29 | 000,002,978 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor

[2009/07/14 01:37:51 | 000,003,388 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime

[2009/07/14 01:37:30 | 000,001,730 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig

[2009/07/14 01:41:23 | 000,003,420 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\User Profile Service\HiveUploadTask

[2009/07/14 01:37:28 | 000,002,682 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\WDI\ResolutionHost

[2012/03/29 17:29:03 | 000,004,236 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask

[2012/03/29 17:29:03 | 000,004,234 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline

[2009/07/14 01:37:20 | 000,003,048 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting

[2009/07/14 01:37:44 | 000,003,290 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange

[2009/07/14 01:46:36 | 000,003,304 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary

[2012/02/28 17:47:13 | 000,004,340 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification

[2009/07/14 01:54:01 | 000,003,532 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader

[2012/03/08 12:15:57 | 000,004,496 | ---- | M] () -- C:\Windows\system32\Tasks\WPD\SqmUpload_S-1-5-21-2545452164-544833034-3868391069-1000

 

< %windir%\tasks\*.* /s >

[2012/10/04 18:34:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012/10/04 13:43:00 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012/10/04 18:43:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012/10/04 17:53:01 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Alessandro.job

[2012/10/04 18:32:01 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_Alessandro.job

[2012/10/04 13:30:03 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Alessandro.job

[2012/10/04 13:29:40 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2009/07/14 01:53:46 | 000,032,300 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT

 

< End of report >

 

 

Grato.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Noite! Bolaosoft

 

|- Houve engano ao executar a OTL,já que temos somente o relatório "Custom Scans".

|- O erro foi o seguinte: Colou as informações no campo e clicou em "Nenhum".

|- O outro erro,foi ao postar,diretamente,esse texto no editor.

|- Execute,novamente,a OTL em seu rápido escaneamento. ( Quick Scan )

|- Poste: OTL.txt e dispense o Extras.

|- Ps: Envie-o por intermédio de Cjoint.com. <- Importante!

 

Abs!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Tópico Arquivado

 

Como o autor não respondeu por mais de 10 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.

Compartilhar este post


Link para o post
Compartilhar em outros sites

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.