[code] OTS logfile created on: 29/8/2009 16:29:56 - Run 3 OTS by OldTimer - Version 3.0.10.3 Folder = C:\Documents and Settings\Administrador\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy 991,48 Mb Total Physical Memory | 549,68 Mb Available Physical Memory | 55,44% Memory free 2,38 Gb Paging File | 1,98 Gb Available in Paging File | 83,39% Paging File free Paging file location(s): C:\pagefile.sys 1536 3000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas Drive C: | 74,52 Gb Total Space | 10,99 Gb Free Space | 14,75% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MICRO03 Current User Name: Administrador Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] avguard.exe -> C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe -> [2008/10/15 13:30:02 | 00,151,297 | ---- | M] (Avira GmbH) explorer.exe -> C:\WINDOWS\Explorer.EXE -> [2008/04/13 19:21:00 | 01,035,776 | ---- | M] (Microsoft Corporation) gbpsv.exe -> C:\Arquivos de programas\GbPlugin\gbpsv.exe -> [2009/03/25 11:36:28 | 00,052,560 | ---- | M] ( ) hkcmd.exe -> C:\WINDOWS\System32\hkcmd.exe -> [2006/10/05 20:13:28 | 00,114,688 | ---- | M] (Intel Corporation) igfxtray.exe -> C:\WINDOWS\System32\igfxtray.exe -> [2006/10/05 20:11:10 | 00,098,304 | ---- | M] (Intel Corporation) ots.exe -> C:\Documents and Settings\Administrador\Desktop\OTS.exe -> [2009/08/29 15:50:15 | 00,514,048 | ---- | M] (OldTimer Tools) sched.exe -> C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe -> [2008/10/15 13:31:53 | 00,068,865 | ---- | M] (Avira GmbH) soundman.exe -> C:\WINDOWS\SOUNDMAN.EXE -> [2005/04/15 08:01:46 | 00,077,824 | ---- | M] (Realtek Semiconductor Corp.) wmiprvse.exe -> C:\WINDOWS\System32\wbem\wmiprvse.exe -> [2009/02/06 07:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) wmiprvse.exe -> C:\WINDOWS\System32\wbem\wmiprvse.exe -> [2009/02/06 07:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe -> [2007/12/15 10:03:01 | 00,072,704 | ---- | M] (Adobe Systems) (AntiVirScheduler) Avira AntiVir Personal - Free Antivirus Scheduler [Win32_Own | Auto | Running] -> C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe -> [2008/10/15 13:31:53 | 00,068,865 | ---- | M] (Avira GmbH) (AntiVirService) Avira AntiVir Personal - Free Antivirus Guard [Win32_Own | Auto | Running] -> C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe -> [2008/10/15 13:30:02 | 00,151,297 | ---- | M] (Avira GmbH) (aspnet_state) Serviço de estado do ASP.NET [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) (btwdins) Bluetooth Service [Win32_Own | Auto | Stopped] -> C:\Arquivos de programas\Software WIDCOMM\Bluetooth\bin\btwdins.exe -> [2005/08/29 16:12:14 | 00,266,295 | ---- | M] (Broadcom Corporation.) (clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) (FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | On_Demand | Stopped] -> c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -> [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) (GbpSv) Gbp Service [Win32_Own | Unknown | Running] -> C:\Arquivos de programas\GbPlugin\gbpsv.exe -> [2009/03/25 11:36:28 | 00,052,560 | ---- | M] ( ) (gusvc) Google Software Updater [Win32_Own | On_Demand | Stopped] -> C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/04/19 15:31:06 | 00,182,768 | ---- | M] (Google) (helpsvc) Ajuda e suporte [Win32_Shared | Auto | Running] -> C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -> [2008/04/13 19:20:38 | 00,038,400 | ---- | M] (Microsoft Corporation) (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) (idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) (JavaQuickStarterService) Java Quick Starter [Win32_Own | Auto | Stopped] -> C:\Arquivos de programas\Java\jre6\bin\jqs.exe -> [2008/11/10 05:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) (MDM) Machine Debug Manager [Win32_Own | Auto | Stopped] -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe -> [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) (Microsoft Office Groove Audit Service) Microsoft Office Groove Audit Service [Win32_Own | On_Demand | Stopped] -> C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe -> [2008/10/25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) (NBService) NBService [Win32_Own | On_Demand | Stopped] -> C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe -> [2007/01/15 17:14:38 | 00,774,144 | ---- | M] (Nero AG) (NetTcpPortSharing) Serviço de Compartilhamento de Porta Net.Tcp [Win32_Shared | Disabled | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) (NMIndexingService) NMIndexingService [Win32_Own | On_Demand | Stopped] -> C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe -> [2007/01/15 16:01:56 | 00,266,240 | ---- | M] (Nero AG) (odserv) Microsoft Office Diagnostics Service [Win32_Own | On_Demand | Stopped] -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) (ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) (Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\System32\HPZipm12.exe -> [2004/03/18 16:55:48 | 00,065,536 | ---- | M] (HP) (SeaPort) SeaPort [Win32_Own | Auto | Stopped] -> C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) (ServiceLayer) ServiceLayer [Win32_Own | On_Demand | Stopped] -> C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe -> [2008/08/07 11:17:30 | 00,575,488 | ---- | M] (Nokia.) (WMPNetworkSvc) Serviço de Compartilhamento de Rede do Windows Media Player [Win32_Own | On_Demand | Stopped] -> C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe -> [2006/11/02 23:31:44 | 00,914,944 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\ALCXWDM.SYS -> [2005/04/19 07:40:52 | 02,317,504 | ---- | M] (Realtek Semiconductor Corp.) (avgio) avgio [Kernel | System | Running] -> C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgio.sys -> [2009/05/30 14:03:33 | 00,011,608 | ---- | M] (Avira GmbH) (avgntflt) avgntflt [File_System | On_Demand | Running] -> C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -> [2009/05/30 14:03:46 | 00,052,056 | ---- | M] (Avira GmbH) (avipbb) avipbb [Kernel | System | Running] -> C:\WINDOWS\System32\DRIVERS\avipbb.sys -> [2009/05/30 14:07:10 | 00,075,096 | ---- | M] (Avira GmbH) (btaudio) Dispositivo de áudio Bluetooth [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\drivers\btaudio.sys -> [2005/08/29 16:01:38 | 00,428,269 | ---- | M] (Broadcom Corporation.) (BTDriver) Driver de comunicação virtual Bluetooth [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\btport.sys -> [2005/08/29 15:55:18 | 00,030,363 | ---- | M] (Broadcom Corporation.) (BTKRNL) Enumerador de barramento Bluetooth [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\btkrnl.sys -> [2005/08/29 17:45:34 | 00,853,258 | ---- | M] (Broadcom Corporation.) (BTWUSB) WIDCOMM USB Bluetooth Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\Drivers\btwusb.sys -> [2005/08/29 15:54:36 | 00,064,344 | ---- | M] (Broadcom Corporation.) (CrystalSysInfo) CrystalSysInfo [Kernel | On_Demand | Stopped] -> C:\Arquivos de programas\MediaCoder\SysInfo.sys -> [2007/09/25 11:59:46 | 00,015,152 | ---- | M] () (GbpKm) Gbp KernelMode [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\GbpKm.sys -> [2009/03/25 11:36:18 | 00,026,320 | ---- | M] (GAS Tecnologia) (ggsemc) SEMC USB Flash Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\ggsemc.sys -> [2006/09/28 09:10:52 | 00,011,648 | ---- | M] (Sony Ericsson Mobile Communications) (ham50) Intel HaM Data Fax Voice Modem [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\ham50.sys -> [2000/10/06 08:10:26 | 00,365,853 | R--- | M] (Intel Corporation ) (hamachi) Hamachi Network Interface [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\hamachi.sys -> [2009/07/21 22:57:07 | 00,025,280 | ---- | M] (LogMeIn, Inc.) (HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\HPZid412.sys -> [2004/06/21 14:40:48 | 00,051,088 | R--- | M] (HP) (HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -> [2004/06/21 14:40:48 | 00,016,496 | R--- | M] (HP) (HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\HPZius12.sys -> [2004/06/21 14:40:48 | 00,021,744 | R--- | M] (HP) (ialm) ialm [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\igxpmp32.sys -> [2006/10/05 22:24:00 | 01,181,824 | ---- | M] (Intel Corporation) (MODEMCSA) Dispositivo de filtro de fluxo unimodem [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\MODEMCSA.sys -> [2001/08/17 21:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) (pccsmcfd) PCCS Mode Change Filter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -> [2007/09/17 15:53:26 | 00,021,632 | ---- | M] (Nokia) (Ptilink) Driver de link paralelo direto [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\ptilink.sys -> [2001/10/28 12:07:22 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\PxHelp20.sys -> [2007/03/07 20:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) (ROOTMODEM) Microsoft Legacy Modem Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\Drivers\RootMdm.sys -> [2001/10/28 12:07:24 | 00,005,888 | ---- | M] (Microsoft Corporation) (RTL8023) Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\Rtlnic51.sys -> [2003/12/31 08:58:46 | 00,069,504 | ---- | M] (Realtek Semiconductor Corporation ) (rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -> [2004/08/03 19:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\secdrv.sys -> [2007/11/13 07:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (SiS315) SiS315 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\sisgrp.sys -> [2001/08/17 17:50:48 | 00,104,064 | ---- | M] (Silicon Integrated Systems Corporation) (SONYPVU1) Sony USB Filter Driver (SONYPVU1) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS -> [2001/08/17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) (sptd) sptd [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\sptd.sys -> [2009/07/07 19:04:15 | 00,721,904 | ---- | M] () (ssmdrv) ssmdrv [Kernel | System | Running] -> C:\WINDOWS\System32\DRIVERS\ssmdrv.sys -> [2007/03/01 09:34:22 | 00,028,352 | ---- | M] (Avira GmbH) (SysProtDrv.sys) SysProtDrv.sys [Kernel | On_Demand | Stopped] -> C:\Documents and Settings\Administrador\Desktop\SysProt\SysProtDrv.sys -> [2009/08/29 16:23:39 | 00,044,288 | ---- | M] () (TVICHW32) TVICHW32 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\TVICHW32.SYS -> [2008/12/06 16:09:53 | 00,023,600 | ---- | M] (EnTech Taiwan) (usbser) Motorola USB Modem Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\usbser.sys -> [2008/04/13 11:45:38 | 00,026,112 | ---- | M] (Microsoft Corporation) (w200bus) Sony Ericsson W200 driver (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\w200bus.sys -> [2006/11/07 05:42:16 | 00,061,504 | R--- | M] (MCCI) (w200mdfl) Sony Ericsson W200 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\w200mdfl.sys -> [2006/11/07 09:42:22 | 00,009,328 | R--- | M] (MCCI) (w200mdm) Sony Ericsson W200 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\w200mdm.sys -> [2006/11/07 09:42:24 | 00,097,056 | R--- | M] (MCCI) (w200mgmt) Sony Ericsson W200 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\w200mgmt.sys -> [2006/11/07 09:42:28 | 00,088,560 | R--- | M] (MCCI) (w200obex) Sony Ericsson W200 USB WMC OBEX Interface [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\w200obex.sys -> [2006/11/07 09:42:30 | 00,086,368 | R--- | M] (MCCI) (ZSMC301b) ZSMC USB PC Camera [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\Drivers\usbVM31b.sys -> [2004/09/07 16:11:50 | 00,090,568 | ---- | M] (VM) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\] > -> -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\: Main\\"Search Page" -> &http://home.microsoft.com/intl/br/access/allinone.asp -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\: Main\\"Start Page" -> http://www.uol.com.br/ -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\FireFox\Profiles\ukug4oyq.default\prefs.js -> extensions.enabledItems -> {20a82645-c095-46ed-80e3-08825760534b}:1.1 -> extensions.enabledItems -> {87F8774F-B485-47E2-A755-A40A8A5E886C}:1.0.7.8 -> extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.13 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} -> C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\] -> [2009/06/23 20:55:28 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\COMPONENTS [C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\COMPONENTS] -> [2009/08/06 01:56:15 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\PLUGINS [C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\PLUGINS] -> [2009/08/06 01:56:15 | 00,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\Administrador\Dados de aplicativos\mozilla\Extensions -> [2009/02/08 22:36:18 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Administrador\Dados de aplicativos\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} -> [2009/02/08 22:36:18 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Administrador\Dados de aplicativos\mozilla\Firefox\Profiles\ukug4oyq.default\extensions -> [2009/08/06 01:56:40 | 00,096,821 | ---- | M] () -> C:\Documents and Settings\Administrador\Dados de aplicativos\mozilla\Firefox\Profiles\ukug4oyq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2009/08/06 01:56:40 | 00,096,821 | ---- | M] () -> C:\Documents and Settings\Administrador\Dados de aplicativos\mozilla\Firefox\Profiles\ukug4oyq.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C} -> [2009/08/06 01:56:40 | 00,096,821 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\extensions -> [2009/08/06 01:56:14 | 09,747,960 | ---- | M] (Mozilla Foundation) -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2009/08/06 01:56:14 | 09,747,960 | ---- | M] (Mozilla Foundation) < FireFox Components [Program Folders] > -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\components\ -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\components -> [2009/08/06 01:56:15 | 00,000,000 | ---D | M] browserdirprovider.dll -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\components\browserdirprovider.dll -> [2009/08/06 01:56:08 | 00,023,032 | ---- | M] (Mozilla Foundation) brwsrcmp.dll -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\components\brwsrcmp.dll -> [2009/08/06 01:56:08 | 00,134,648 | ---- | M] (Mozilla Foundation) < FireFox Plugins [Program Folders] > -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\plugins\ -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\plugins -> [2009/08/06 01:56:15 | 00,000,000 | ---D | M] npbittorrent.dll -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\plugins\npbittorrent.dll -> [2008/09/03 21:11:24 | 00,054,600 | ---- | M] (BitTorrent, Inc.) npLegitCheckPlugin.dll -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\plugins\npLegitCheckPlugin.dll -> [2009/02/06 12:44:28 | 01,447,296 | ---- | M] (Microsoft Corporation) npnul32.dll -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\plugins\npnul32.dll -> [2009/08/06 01:56:09 | 00,065,528 | ---- | M] (mozilla.org) < FireFox SearchPlugins [Program Folders] > -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\searchplugins\ -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\searchplugins -> [2009/06/08 01:48:43 | 00,000,000 | ---D | M] buscape.xml -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\searchplugins\buscape.xml -> [2009/06/08 01:48:31 | 00,001,027 | ---- | M] () google.xml -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\searchplugins\google.xml -> [2009/06/08 01:48:31 | 00,001,706 | ---- | M] () mercadolivre.xml -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\searchplugins\mercadolivre.xml -> [2009/06/08 01:48:31 | 00,001,135 | ---- | M] () wikipedia-br.xml -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\searchplugins\wikipedia-br.xml -> [2009/06/08 01:48:31 | 00,001,168 | ---- | M] () yahoo-br.xml -> C:\ARQUIVOS DE PROGRAMAS\MOZILLA FIREFOX 3 BETA 3\searchplugins\yahoo-br.xml -> [2009/06/08 01:48:31 | 00,000,648 | ---- | M] () < HOSTS File > (776 bytes and 19 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> Reset Hosts 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/12/18 04:16:42 | 00,059,032 | ---- | M] (Adobe Systems Incorporated) {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} [HKLM] -> C:\Arquivos de programas\Winamp Toolbar\winamptb.dll [Winamp Toolbar BHO] -> [2007/10/04 17:06:20 | 01,135,968 | ---- | M] (AOL LLC) {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} [HKLM] -> C:\Arquivos de programas\FlashGet\jccatch.dll [FGCatchUrl] -> [2007/08/06 06:11:58 | 00,094,308 | ---- | M] (www.flashget.com) {5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} [HKLM] -> C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [Search Helper] -> [2009/05/19 11:36:18 | 00,137,600 | ---- | M] (Microsoft Corporation) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009/02/12 15:19:32 | 02,217,848 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Arquivos de programas\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2008/11/10 05:43:31 | 00,320,920 | ---- | M] (Sun Microsystems, Inc.) {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Auxiliar de Conexão do Windows Live] -> [2009/01/22 15:41:30 | 00,408,448 | ---- | M] (Microsoft Corporation) {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll [Google Toolbar Helper] -> [2009/06/20 00:52:49 | 00,259,696 | ---- | M] (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [Google Toolbar Notifier BHO] -> [2009/06/23 20:49:43 | 00,669,168 | ---- | M] (Google Inc.) {C41A1C0E-EA6C-11D4-B1B8-444553540000} [HKLM] -> C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll [GbIehObj Class] -> [2009/03/25 11:32:26 | 00,271,152 | ---- | M] (Banco do Brasil) {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [Google Dictionary Compression sdch] -> [2009/04/19 15:08:34 | 00,470,512 | ---- | M] (Google Inc.) {DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2008/11/10 05:43:16 | 00,034,816 | ---- | M] (Sun Microsystems, Inc.) {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} [HKLM] -> C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll [Windows Live Toolbar Helper] -> [2009/02/06 18:17:46 | 01,068,904 | ---- | M] (Microsoft Corporation) {E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2008/11/10 05:43:17 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) {F156768E-81EF-470C-9057-481BA8380DBA} [HKLM] -> C:\Arquivos de programas\FlashGet\getflash.dll [FlashGet GetFlash Class] -> [2007/05/18 13:13:10 | 00,163,840 | ---- | M] (www.flashget.com) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 18:17:46 | 01,068,904 | ---- | M] (Microsoft Corporation) "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll [Google Toolbar] -> [2009/06/20 00:52:49 | 00,259,696 | ---- | M] (Google Inc.) "{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}" [HKLM] -> C:\Arquivos de programas\Winamp Toolbar\winamptb.dll [Winamp Toolbar] -> [2007/10/04 17:06:20 | 01,135,968 | ---- | M] (AOL LLC) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\] > -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 18:17:46 | 01,068,904 | ---- | M] (Microsoft Corporation) WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll [Google Toolbar] -> [2009/06/20 00:52:49 | 00,259,696 | ---- | M] (Google Inc.) WebBrowser\\"{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{A057A204-BACC-4D26-9990-79A187E2698E}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" [HKLM] -> C:\Arquivos de programas\Winamp Toolbar\winamptb.dll [Winamp Toolbar] -> [2007/10/04 17:06:20 | 01,135,968 | ---- | M] (AOL LLC) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "avgnt" -> C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe ["C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min] -> [2008/06/12 13:28:45 | 00,266,497 | ---- | M] (Avira GmbH) "GrooveMonitor" -> C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe ["C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"] -> [2008/10/25 11:44:34 | 00,031,072 | ---- | M] (Microsoft Corporation) "HotKeysCmds" -> C:\WINDOWS\System32\hkcmd.exe [C:\WINDOWS\system32\hkcmd.exe] -> [2006/10/05 20:13:28 | 00,114,688 | ---- | M] (Intel Corporation) "IgfxTray" -> C:\WINDOWS\System32\igfxtray.exe [C:\WINDOWS\system32\igfxtray.exe] -> [2006/10/05 20:11:10 | 00,098,304 | ---- | M] (Intel Corporation) "ISUSScheduler" -> C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe ["C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start] -> [2006/03/20 17:40:32 | 00,086,960 | ---- | M] (Macrovision Corporation) "NeroFilterCheck" -> C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe [C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe] -> [2006/01/12 15:40:44 | 00,155,648 | ---- | M] (Nero AG) "SoundMan" -> C:\WINDOWS\Soundman.exe [SOUNDMAN.EXE] -> [2005/04/15 08:01:46 | 00,077,824 | ---- | M] (Realtek Semiconductor Corp.) "SunJavaUpdateSched" -> C:\Arquivos de programas\Java\jre6\bin\jusched.exe ["C:\Arquivos de programas\Java\jre6\bin\jusched.exe"] -> [2008/11/10 05:43:42 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) "UnlockerAssistant" -> C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe ["C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe"] -> [2008/05/02 01:15:46 | 00,015,872 | ---- | M] () < Run [HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\] > -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Advanced SystemCare 3" -> C:\Arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe ["C:\Arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe" /startup] -> [2009/04/30 21:22:40 | 02,329,936 | ---- | M] (IObit) "swg" -> C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> [2009/02/15 14:52:14 | 00,039,408 | ---- | M] (Google Inc.) < Administrador Startup Folder > -> C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar -> C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\Adobe Gamma.lnk -> C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe -> [2005/03/16 19:16:50 | 00,113,664 | ---- | M] (Adobe Systems, Inc.) < All Users Startup Folder > -> C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar -> < Default User Startup Folder > -> C:\Documents and Settings\Default User\Menu Iniciar\Programas\Inicializar -> < Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions \Infodelivery\Restrictions\\"NoUpdateCheck" -> [1] -> File not found < Software Policy Settings [HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500] > -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\SOFTWARE\Policies\Microsoft\Internet Explorer -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found \\"NoResolveSearch" -> [1] -> File not found \\"HonorAutoRunSetting" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500] > -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found \\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500] > -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ -> &Clean Traces -> C:\Arquivos de programas\DAP\Privacy Package\dapcleanerie.htm [C:\Arquivos de programas\DAP\Privacy Package\dapcleanerie.htm] -> [2009/01/18 16:34:24 | 00,001,748 | ---- | M] () &Download with &DAP -> C:\Arquivos de programas\DAP\dapextie.htm [C:\Arquivos de programas\DAP\dapextie.htm] -> [2009/01/18 16:34:24 | 00,002,020 | ---- | M] () Download &all with DAP -> C:\Arquivos de programas\DAP\dapextie2.htm [C:\Arquivos de programas\DAP\dapextie2.htm] -> [2009/01/18 16:34:24 | 00,001,041 | ---- | M] () E&xportar para o Microsoft Excel -> C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE [res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ -> &Clean Traces -> C:\Arquivos de programas\DAP\Privacy Package\dapcleanerie.htm [C:\Arquivos de programas\DAP\Privacy Package\dapcleanerie.htm] -> [2009/01/18 16:34:24 | 00,001,748 | ---- | M] () &Download with &DAP -> C:\Arquivos de programas\DAP\dapextie.htm [C:\Arquivos de programas\DAP\dapextie.htm] -> [2009/01/18 16:34:24 | 00,002,020 | ---- | M] () Download &all with DAP -> C:\Arquivos de programas\DAP\dapextie2.htm [C:\Arquivos de programas\DAP\dapextie2.htm] -> [2009/01/18 16:34:24 | 00,001,041 | ---- | M] () E&xportar para o Microsoft Excel -> C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE [res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\] > -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\Software\Microsoft\Internet Explorer\MenuExt\ -> &Clean Traces -> C:\Arquivos de programas\DAP\Privacy Package\dapcleanerie.htm [C:\Arquivos de programas\DAP\Privacy Package\dapcleanerie.htm] -> [2009/01/18 16:34:24 | 00,001,748 | ---- | M] () &Descarregar tudo com o FlashGet -> C:\Arquivos de programas\FlashGet\jc_all.htm [C:\Arquivos de programas\FlashGet\jc_all.htm] -> [2007/05/18 13:13:10 | 00,001,049 | ---- | M] () &Descarregar utilizando o FlashGet -> C:\Arquivos de programas\FlashGet\jc_link.htm [C:\Arquivos de programas\FlashGet\jc_link.htm] -> [2007/05/18 13:13:10 | 00,001,898 | ---- | M] () &Download with &DAP -> C:\Arquivos de programas\DAP\dapextie.htm [C:\Arquivos de programas\DAP\dapextie.htm] -> [2009/01/18 16:34:24 | 00,002,020 | ---- | M] () &Winamp Toolbar Search -> C:\Documents and Settings\All Users\Dados de aplicativos\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html [C:\Documents and Settings\All Users\Dados de aplicativos\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html] -> [2006/09/07 17:59:50 | 00,000,747 | ---- | M] () Add to AMV Converter... -> C:\Arquivos de programas\MP3 Player Utilities 4.05\AMVConverter\grab.html [C:\Arquivos de programas\MP3 Player Utilities 4.05\AMVConverter\grab.html] -> [2006/02/16 10:37:38 | 00,000,890 | ---- | M] () Download &all with DAP -> C:\Arquivos de programas\DAP\dapextie2.htm [C:\Arquivos de programas\DAP\dapextie2.htm] -> [2009/01/18 16:34:24 | 00,001,041 | ---- | M] () E&xportar para o Microsoft Excel -> C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE [res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2009/05/04 08:40:04 | 18,333,536 | ---- | M] (Microsoft Corporation) MediaManager tool grab multimedia file -> C:\Arquivos de programas\MP3 Player Utilities 4.05\MediaManager\grab.html [C:\Arquivos de programas\MP3 Player Utilities 4.05\MediaManager\grab.html] -> [2006/02/15 09:30:44 | 00,000,890 | ---- | M] () < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll [Button: Incluir no Blog] -> [2008/12/02 22:27:36 | 00,187,224 | ---- | M] (Microsoft Corporation) {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Incluir no Blog no Windows Live Writer] -> [2008/12/02 22:27:36 | 00,187,224 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll [Button: Enviar para o OneNote] -> [2008/10/25 07:52:00 | 00,604,056 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll [Menu: &Enviar para o OneNote] -> [2008/10/25 07:52:00 | 00,604,056 | ---- | M] (Microsoft Corporation) {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Arquivos de programas\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2009/03/06 04:04:56 | 00,039,464 | ---- | M] (Microsoft Corporation) {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm [HKLM] -> C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm [Button: @btrez.dll,-4015] -> [2003/05/29 13:53:08 | 00,002,681 | ---- | M] () {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm [HKLM] -> C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm [Menu: @btrez.dll,-12650] -> [2003/05/29 13:53:08 | 00,002,681 | ---- | M] () {D6E814A0-E0C5-11d4-8D29-0050BA6940E3}:Exec [HKLM] -> C:\Arquivos de programas\FlashGet\FlashGet.exe [Button: FlashGet] -> [2007/09/25 05:10:50 | 02,007,088 | ---- | M] (FlashGet.com) {D6E814A0-E0C5-11d4-8D29-0050BA6940E3}:Exec [HKLM] -> C:\Arquivos de programas\FlashGet\FlashGet.exe [Menu: FlashGet] -> [2007/09/25 05:10:50 | 02,007,088 | ---- | M] (FlashGet.com) {e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 11:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Arquivos de programas\Messenger\msmsgs.exe [Button: Messenger] -> [2004/10/13 13:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Arquivos de programas\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2004/10/13 13:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Arquivos de programas\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 13:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Arquivos de programas\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 13:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\] > -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] -> [@btrez.dll,-4015] -> File not found CmdMapping\\"{D6E814A0-E0C5-11d4-8D29-0050BA6940E3}" [HKLM] -> C:\Arquivos de programas\FlashGet\FlashGet.exe [FlashGet] -> [2007/09/25 05:10:50 | 02,007,088 | ---- | M] (FlashGet.com) CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 11:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Arquivos de programas\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 13:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\] > -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1569 domain(s) found. -> 8 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\] > -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-507921405-602609370-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} [HKLM] -> http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab [Office Genuine Advantage Validation Tool] -> {20A60F0D-9AFA-4515-A0FD-83BD84642501} [HKLM] -> http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab [Checkers Class] -> {6414512B-B978-451D-A0D8-FCFDF33E833C} [HKLM] -> http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1197677715734 [WUWebControl Class] -> {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197677975468 [MUWebControl Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> {C3F79A2B-B9B4-4A66-B012-3EE46475B072} [HKLM] -> http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab [MessengerStatsClient Class] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab [Reg Error: Value error.] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab [Reg Error: Value error.] -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab [Reg Error: Value error.] -> {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} [HKLM] -> https://www14.bancobrasil.com.br/plugin/GbpDist.cab [GbpDistObj Class] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {5CDEECF2-871D-4D95-9B83-144590EA625F}\\DhcpNameServer -> 192.168.254.254 (Realtek RTL8139/810x Family Fast Ethernet NIC) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:21:00 | 01,035,776 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> GbPluginBb -> C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll -> [2009/03/25 11:32:26 | 00,271,152 | ---- | M] (Banco do Brasil) igfxcui -> C:\WINDOWS\System32\igfxdev.dll -> [2006/10/05 20:09:04 | 00,155,648 | ---- | M] (Intel Corporation) < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{56F9679E-7826-4C84-81F3-532071A8BCC5}" [HKLM] -> C:\Arquivos de programas\Windows Desktop Search\MSNLNamespaceMgr.dll [] -> [2009/05/24 22:41:34 | 00,304,128 | ---- | M] (Microsoft Corporation) "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2009/02/12 15:19:32 | 02,217,848 | ---- | M] (Microsoft Corporation) "{E37CB5F0-51F5-4395-A808-5FA49E399F83}" [HKLM] -> C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll [GbPlugin ShlObj] -> [2009/03/25 11:32:26 | 00,271,152 | ---- | M] (Banco do Brasil) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 11:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\System32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:21:18 | 00,142,848 | ---- | M] (Microsoft Corporation) "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" -> C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe [C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2009/02/06 18:50:38 | 03,885,408 | ---- | M] (Microsoft Corporation) "C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" -> C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe [C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync] -> [2009/02/06 18:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 11:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\System32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:21:18 | 00,142,848 | ---- | M] (Microsoft Corporation) "C:\Arquivos de programas\Arquivos comuns\Ahead\Nero Web\SetupX.exe" -> C:\Arquivos de programas\Arquivos comuns\Ahead\Nero Web\SetupX.exe [C:\Arquivos de programas\Arquivos comuns\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup] -> [2007/01/16 19:39:50 | 01,728,512 | ---- | M] (Nero AG) "C:\Arquivos de programas\BitTorrent\bittorrent.exe" -> C:\Arquivos de programas\BitTorrent\bittorrent.exe [C:\Arquivos de programas\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent] -> [2009/02/17 16:10:02 | 00,637,232 | ---- | M] (BitTorrent, Inc.) "C:\Arquivos de programas\DAP\DAP.exe" -> C:\Arquivos de programas\DAP\DAP.exe [C:\Arquivos de programas\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)] -> [2009/01/18 16:34:24 | 03,134,976 | ---- | M] (Speedbit Ltd.) "C:\Arquivos de programas\DNA\btdna.exe" -> C:\Arquivos de programas\DNA\btdna.exe [C:\Arquivos de programas\DNA\btdna.exe:*:Enabled:DNA] -> [2009/03/07 17:03:48 | 00,321,344 | ---- | M] (BitTorrent, Inc.) "C:\Arquivos de programas\FlashGet\flashget.exe" -> C:\Arquivos de programas\FlashGet\flashget.exe [C:\Arquivos de programas\FlashGet\flashget.exe:*:Enabled:Flashget] -> [2007/09/25 05:10:50 | 02,007,088 | ---- | M] (FlashGet.com) "C:\Arquivos de programas\FrostWire\FrostWire.exe" -> C:\Arquivos de programas\FrostWire\FrostWire.exe [C:\Arquivos de programas\FrostWire\FrostWire.exe:*:Enabled:LimeWire] -> [2007/12/17 15:53:54 | 00,114,688 | ---- | M] (FrostWire Group) "C:\Arquivos de programas\GameSpy Arcade\Aphex.exe" -> C:\Arquivos de programas\GameSpy Arcade\Aphex.exe [C:\Arquivos de programas\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.4] -> File not found "C:\Arquivos de programas\Macromedia\Dreamweaver 8\Dreamweaver.exe" -> C:\Arquivos de programas\Macromedia\Dreamweaver 8\Dreamweaver.exe [C:\Arquivos de programas\Macromedia\Dreamweaver 8\Dreamweaver.exe:*:Enabled:Dreamweaver 8] -> [2005/08/30 16:04:14 | 14,602,240 | ---- | M] (Macromedia, Inc.) "C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE" -> C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE [C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove] -> [2009/02/14 06:03:18 | 00,337,264 | ---- | M] (Microsoft Corporation) "C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE" -> C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE [C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote] -> [2008/11/24 22:16:44 | 01,020,776 | ---- | M] (Microsoft Corporation) "C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE" -> C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE [C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> [2009/04/17 03:30:12 | 12,438,896 | ---- | M] (Microsoft Corporation) "C:\Arquivos de programas\River Past\Animated GIF Converter and Booster Pack\VideoCleaner.exe" -> C:\Arquivos de programas\River Past\Animated GIF Converter and Booster Pack\VideoCleaner.exe [C:\Arquivos de programas\River Past\Animated GIF Converter and Booster Pack\VideoCleaner.exe:*:Enabled:River Past Animated GIF Converter] -> [2008/10/02 20:33:18 | 01,232,896 | ---- | M] (River Past Corporation) "C:\Arquivos de programas\Valve\hl.exe" -> C:\Arquivos de programas\Valve\hl.exe [C:\Arquivos de programas\Valve\hl.exe:*:Enabled:Half-Life Launcher] -> [2005/09/29 22:42:57 | 00,081,920 | ---- | M] (Valve) "C:\Arquivos de programas\Valve\hlds.exe" -> C:\Arquivos de programas\Valve\hlds.exe [C:\Arquivos de programas\Valve\hlds.exe:*:Enabled:HLDS Launcher] -> [2005/09/29 22:47:25 | 00,397,312 | ---- | M] (Valve) "C:\Arquivos de programas\Winamp Remote\bin\Orb.exe" -> C:\Arquivos de programas\Winamp Remote\bin\Orb.exe [C:\Arquivos de programas\Winamp Remote\bin\Orb.exe:*:Enabled:Orb] -> [2007/08/01 22:02:12 | 00,073,728 | ---- | M] (Orb Networks, Inc.) "C:\Arquivos de programas\Winamp Remote\bin\OrbStreamerClient.exe" -> C:\Arquivos de programas\Winamp Remote\bin\OrbStreamerClient.exe [C:\Arquivos de programas\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client] -> [2007/10/15 22:30:08 | 05,816,320 | ---- | M] (Orb Networks) "C:\Arquivos de programas\Winamp Remote\bin\OrbTray.exe" -> C:\Arquivos de programas\Winamp Remote\bin\OrbTray.exe [C:\Arquivos de programas\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray] -> [2007/10/22 21:47:00 | 00,360,448 | ---- | M] (Orb Networks) "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" -> C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe [C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2009/02/06 18:50:38 | 03,885,408 | ---- | M] (Microsoft Corporation) "C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" -> C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe [C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync] -> [2009/02/06 18:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) "C:\Icaro\Arquivos\HQS\gc\JKDH\Flatout 2 WWW.THEREBELS.BIZ BY OWEN09\Flatout 2 WWW.THEREBELS.BIZ BY OWEN09\FlatOut2.exe" -> C:\Icaro\Arquivos\HQS\gc\JKDH\Flatout 2 WWW.THEREBELS.BIZ BY OWEN09\Flatout 2 WWW.THEREBELS.BIZ BY OWEN09\FlatOut2.exe [C:\Icaro\Arquivos\HQS\gc\JKDH\Flatout 2 WWW.THEREBELS.BIZ BY OWEN09\Flatout 2 WWW.THEREBELS.BIZ BY OWEN09\FlatOut2.exe:*:Enabled:FlatOut2] -> [2006/08/04 20:39:42 | 16,257,024 | ---- | M] () "C:\WINDOWS\system32\drivers\svchost.exe" -> C:\WINDOWS\System32\drivers\svchost.exe [C:\WINDOWS\system32\drivers\svchost.exe:*:Disabled:WinRAR archiver] -> File not found "C:\WINDOWS\system32\rtcshare.exe" -> C:\WINDOWS\System32\rtcshare.exe [C:\WINDOWS\system32\rtcshare.exe:*:Enabled:Compartilhamento de aplicativo RTC] -> [2008/04/13 19:21:18 | 00,078,336 | ---- | M] (Microsoft Corporation) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> Driver de CD-ROM -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2007/12/14 13:12:07 | 00,000,000 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{9550a262-3c0e-11dd-9cac-000feaa47e46} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9550a262-3c0e-11dd-9cac-000feaa47e46}\Shell\auto\command \{9550a262-3c0e-11dd-9cac-000feaa47e46}\Shell\auto\command\\"" -> G:\explorer.exe [G:\explorer.exe] -> File not found [Registry - Additional Scans - Safe List] < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 24/8/2009 12:00:22 Computer Name = MICRO03 | Source = | ID = 0 -> Description = Application [ Error ] 24/8/2009 12:04:33 Computer Name = MICRO03 | Source = | ID = 0 -> Description = Application [ Error ] 24/8/2009 12:04:33 Computer Name = MICRO03 | Source = | ID = 0 -> Description = Application [ Error ] 24/8/2009 12:09:46 Computer Name = MICRO03 | Source = | ID = 0 -> Description = Application [ Error ] 24/8/2009 12:09:46 Computer Name = MICRO03 | Source = | ID = 0 -> Description = Application [ Error ] 26/8/2009 23:03:14 Computer Name = MICRO03 | Source = Application Error | ID = 1000 -> Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com falha unknown, versão 0.0.0.0, endereço com falha 0x02f81117. Application [ Error ] 27/8/2009 00:05:10 Computer Name = MICRO03 | Source = EventSystem | ID = 4609 -> Description = O sistema de eventos COM+ detectou um código de retorno incorreto durante seu processamento interno. HRESULT 800706BA de linha 44 de d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Contate os serviços de suporte Microsoft para relatar esse err Application [ Error ] 27/8/2009 00:05:11 Computer Name = MICRO03 | Source = VSS | ID = 8193 -> Description = Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x80040206. Application [ Error ] 28/8/2009 22:48:19 Computer Name = MICRO03 | Source = EventSystem | ID = 4609 -> Description = O sistema de eventos COM+ detectou um código de retorno incorreto durante seu processamento interno. HRESULT 80070005 de linha 44 de d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Contate os serviços de suporte Microsoft para relatar esse err Application [ Error ] 28/8/2009 22:48:19 Computer Name = MICRO03 | Source = VSS | ID = 8193 -> Description = Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x80040206. System [ Error ] 29/8/2009 15:16:23 Computer Name = MICRO03 | Source = Service Control Manager | ID = 7031 -> Description = O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço. System [ Error ] 29/8/2009 15:22:29 Computer Name = MICRO03 | Source = Service Control Manager | ID = 7031 -> Description = O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço. System [ Error ] 29/8/2009 15:23:16 Computer Name = MICRO03 | Source = Service Control Manager | ID = 7034 -> Description = O serviço Windows Search foi encerrado inesperadamente. Isso aconteceu 3 vez(es). System [ Error ] 29/8/2009 15:24:44 Computer Name = MICRO03 | Source = Service Control Manager | ID = 7031 -> Description = O serviço Bluetooth Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. System [ Error ] 29/8/2009 15:27:23 Computer Name = MICRO03 | Source = sr | ID = 1 -> Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001' ao processar o arquivo '' no volume 'HarddiskVolume1'. O monitoramento do volume foi interrompido. System [ Error ] 29/8/2009 15:29:03 Computer Name = MICRO03 | Source = Service Control Manager | ID = 7034 -> Description = O serviço Java Quick Starter foi encerrado inesperadamente. Isso aconteceu 1 vez(es). System [ Error ] 29/8/2009 15:29:07 Computer Name = MICRO03 | Source = Service Control Manager | ID = 7031 -> Description = O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço. System [ Error ] 29/8/2009 15:29:09 Computer Name = MICRO03 | Source = Service Control Manager | ID = 7031 -> Description = O serviço Bluetooth Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço. System [ Error ] 29/8/2009 15:29:13 Computer Name = MICRO03 | Source = Service Control Manager | ID = 7034 -> Description = O serviço SeaPort foi encerrado inesperadamente. Isso aconteceu 1 vez(es). System [ Error ] 29/8/2009 15:29:31 Computer Name = MICRO03 | Source = Service Control Manager | ID = 7034 -> Description = O serviço Machine Debug Manager foi encerrado inesperadamente. Isso aconteceu 1 vez(es). [Files/Folders - Created Within 30 Days] Win32kDiag.exe -> C:\Documents and Settings\Administrador\Desktop\Win32kDiag.exe -> [2009/08/29 16:06:36 | 00,046,080 | ---- | C] () SysProt -> C:\Documents and Settings\Administrador\Desktop\SysProt -> [2009/08/29 16:00:29 | 00,000,000 | ---D | C] SysProt.zip -> C:\Documents and Settings\Administrador\Desktop\SysProt.zip -> [2009/08/29 15:56:33 | 00,354,396 | ---- | C] () OTS.exe -> C:\Documents and Settings\Administrador\Desktop\OTS.exe -> [2009/08/29 15:49:34 | 00,514,048 | ---- | C] (OldTimer Tools) 573a298383e56b01f2971f12dd8f8a44 -> C:\573a298383e56b01f2971f12dd8f8a44 -> [2009/08/28 23:50:19 | 00,000,000 | ---D | C] hiberfil.sys -> C:\hiberfil.sys -> [2009/08/28 13:42:58 | 10,397,16352 | -HS- | C] () windows-kb890830-v2.13.exe -> C:\Documents and Settings\Administrador\Desktop\windows-kb890830-v2.13.exe -> [2009/08/28 13:28:36 | 08,798,656 | ---- | C] (Microsoft Corporation) fidbox2.idx -> C:\WINDOWS\System32\drivers\fidbox2.idx -> [2009/08/28 12:57:51 | 00,000,032 | -HS- | C] () fidbox2.dat -> C:\WINDOWS\System32\drivers\fidbox2.dat -> [2009/08/28 12:57:51 | 00,000,032 | -HS- | C] () fidbox.idx -> C:\WINDOWS\System32\drivers\fidbox.idx -> [2009/08/28 12:57:51 | 00,000,032 | -HS- | C] () fidbox.dat -> C:\WINDOWS\System32\drivers\fidbox.dat -> [2009/08/28 12:57:51 | 00,000,032 | -HS- | C] () ParetoLogic Registration.job -> C:\WINDOWS\tasks\ParetoLogic Registration.job -> [2009/08/27 01:54:29 | 00,000,502 | ---- | C] () rollback.ini -> C:\rollback.ini -> [2009/08/27 01:51:21 | 00,003,581 | ---- | C] () ParetoLogic -> C:\Documents and Settings\All Users\Dados de aplicativos\ParetoLogic -> [2009/08/27 01:26:29 | 00,000,000 | ---D | C] ParetoLogic -> C:\Arquivos de programas\Arquivos comuns\ParetoLogic -> [2009/08/27 01:26:29 | 00,000,000 | ---D | C] mbam-setup.exe -> C:\Documents and Settings\Administrador\Desktop\mbam-setup.exe -> [2009/08/27 00:11:05 | 03,942,048 | ---- | C] (Malwarebytes Corporation ) Sysvxd.exe -> C:\WINDOWS\Sysvxd.exe -> [2009/08/25 15:19:08 | 00,024,307 | ---- | C] () PenClean.exe -> C:\Documents and Settings\Administrador\Desktop\PenClean.exe -> [2009/08/25 13:41:48 | 00,720,896 | ---- | C] () NFS Most Wanted -> C:\Documents and Settings\Administrador\Meus documentos\NFS Most Wanted -> [2009/08/21 01:48:45 | 00,000,000 | ---D | C] GameVicio -> C:\Arquivos de programas\GameVicio -> [2009/08/21 01:47:31 | 00,000,000 | ---D | C] 1483 -> C:\WINDOWS\System32\1483 -> [2009/08/21 01:19:02 | 00,000,720 | RH-- | C] () 1482 -> C:\WINDOWS\System32\1482 -> [2009/08/21 01:18:17 | 00,240,264 | RH-- | C] () 1481 -> C:\WINDOWS\System32\1481 -> [2009/08/21 01:15:59 | 00,040,534 | RH-- | C] () eReg.dat -> C:\WINDOWS\eReg.dat -> [2009/08/20 22:32:51 | 00,000,617 | ---- | C] () EA Games -> C:\Arquivos de programas\EA Games -> [2009/08/20 22:32:44 | 00,000,000 | ---D | C] Cópia_de_segurança_de_cartazfinal.cdr -> C:\Documents and Settings\Administrador\Desktop\Cópia_de_segurança_de_cartazfinal.cdr -> [2009/08/14 13:40:21 | 00,024,126 | ---- | C] () cartazfinal.cdr -> C:\Documents and Settings\Administrador\Desktop\cartazfinal.cdr -> [2009/08/14 13:35:43 | 00,043,724 | ---- | C] () cartaza3PREVIA.cdr -> C:\Documents and Settings\Administrador\Desktop\cartaza3PREVIA.cdr -> [2009/08/14 13:28:49 | 00,029,896 | ---- | C] () dhtmled.ocx -> C:\WINDOWS\System32\dllcache\dhtmled.ocx -> [2009/08/12 13:25:12 | 00,128,512 | ---- | C] (Microsoft Corporation) msoe.dll -> C:\WINDOWS\System32\dllcache\msoe.dll -> [2009/08/12 13:23:51 | 01,315,328 | ---- | C] (Microsoft Corporation) TimeGate Studios -> C:\Documents and Settings\All Users\Documentos\TimeGate Studios -> [2009/08/10 07:24:24 | 00,000,000 | ---D | C] Dedicated Server.lnk -> C:\Documents and Settings\All Users\Desktop\Dedicated Server.lnk -> [2009/08/07 00:12:40 | 00,001,605 | ---- | C] () Counter Strike 1.6 Non Steam.lnk -> C:\Documents and Settings\Administrador\Desktop\Counter Strike 1.6 Non Steam.lnk -> [2009/08/07 00:12:23 | 00,001,679 | ---- | C] () Dedicated Server.lnk -> C:\Documents and Settings\Administrador\Desktop\Dedicated Server.lnk -> [2009/08/07 00:12:23 | 00,001,659 | ---- | C] () Counter-Strike 1.6.lnk -> C:\Documents and Settings\All Users\Desktop\Counter-Strike 1.6.lnk -> [2009/08/07 00:06:09 | 00,001,589 | ---- | C] () cs16patch_full_V23.exe -> C:\Documents and Settings\Administrador\Desktop\cs16patch_full_V23.exe -> [2009/08/06 22:42:53 | 23,880,094 | ---- | C] (Native Systems Inc.) Patch_Sitecs_protocolo_47_48.exe -> C:\Documents and Settings\Administrador\Desktop\Patch_Sitecs_protocolo_47_48.exe -> [2009/08/06 22:30:15 | 04,123,809 | ---- | C] ( ) _CS_1.6_Full. - by Amorim - www.sitecs.net.rar -> C:\Documents and Settings\Administrador\Desktop\_CS_1.6_Full. - by Amorim - www.sitecs.net.rar -> [2009/08/06 22:29:12 | 28,065,1516 | ---- | C] () XAudioD2_4.dll -> C:\WINDOWS\System32\XAudioD2_4.dll -> [2009/08/06 12:58:59 | 00,931,672 | ---- | C] (Microsoft Corporation) XactEngineA3_4.dll -> C:\WINDOWS\System32\XactEngineA3_4.dll -> [2009/08/06 12:58:58 | 00,428,888 | ---- | C] (Microsoft Corporation) XactEngineD3_4.dll -> C:\WINDOWS\System32\XactEngineD3_4.dll -> [2009/08/06 12:58:58 | 00,343,368 | ---- | C] (Microsoft Corporation) XAPOFXD1_3.dll -> C:\WINDOWS\System32\XAPOFXD1_3.dll -> [2009/08/06 12:58:58 | 00,125,768 | ---- | C] (Microsoft Corporation) D3dx9d_41.dll -> C:\WINDOWS\System32\D3dx9d_41.dll -> [2009/08/06 12:58:57 | 04,280,136 | ---- | C] (Microsoft Corporation) dinput8d.dll -> C:\WINDOWS\System32\dinput8d.dll -> [2009/08/06 12:58:57 | 00,358,728 | ---- | C] (Microsoft Corporation) X3DAudioD1_6.dll -> C:\WINDOWS\System32\X3DAudioD1_6.dll -> [2009/08/06 12:58:57 | 00,045,384 | ---- | C] (Microsoft Corporation) d3dx9d_33.dll -> C:\WINDOWS\System32\d3dx9d_33.dll -> [2009/08/06 12:58:52 | 03,795,784 | ---- | C] (Microsoft Corporation) d3d9d.dll -> C:\WINDOWS\System32\d3d9d.dll -> [2009/08/06 12:58:50 | 03,083,592 | ---- | C] (Microsoft Corporation) D3DX10d_41.dll -> C:\WINDOWS\System32\D3DX10d_41.dll -> [2009/08/06 12:58:50 | 00,497,480 | ---- | C] (Microsoft Corporation) d3dref9.dll -> C:\WINDOWS\System32\d3dref9.dll -> [2009/08/06 12:58:50 | 00,348,504 | ---- | C] (Microsoft Corporation) Microsoft DirectX SDK (March 2009) -> C:\Arquivos de programas\Microsoft DirectX SDK (March 2009) -> [2009/08/06 12:53:31 | 00,000,000 | ---D | C] dxsdkuninst.exe -> C:\WINDOWS\dxsdkuninst.exe -> [2009/08/06 12:53:04 | 00,118,104 | ---- | C] (Microsoft Corporation) d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2009/08/06 02:01:06 | 00,001,324 | ---- | C] () xlive.dll.cat -> C:\WINDOWS\System32\xlive.dll.cat -> [2009/04/22 00:19:06 | 00,172,173 | ---- | C] () igfxCoIn_v4764.dll -> C:\WINDOWS\System32\igfxCoIn_v4764.dll -> [2009/03/09 01:07:34 | 00,204,800 | ---- | C] () f4.ini -> C:\WINDOWS\f4.ini -> [2009/02/01 00:42:07 | 00,000,190 | ---- | C] () psisdecd.dll -> C:\WINDOWS\System32\psisdecd.dll -> [2009/01/05 23:23:17 | 00,354,816 | ---- | C] () unrar.dll -> C:\WINDOWS\System32\unrar.dll -> [2009/01/03 14:35:17 | 00,168,448 | ---- | C] () xvidcore.dll -> C:\WINDOWS\System32\xvidcore.dll -> [2009/01/03 14:35:12 | 00,795,648 | ---- | C] () xvidvfw.dll -> C:\WINDOWS\System32\xvidvfw.dll -> [2009/01/03 14:35:12 | 00,130,048 | ---- | C] () qt-dx331.dll -> C:\WINDOWS\System32\qt-dx331.dll -> [2009/01/03 14:35:11 | 03,596,288 | ---- | C] () ff_vfw.dll -> C:\WINDOWS\System32\ff_vfw.dll -> [2009/01/03 14:35:10 | 00,057,344 | ---- | C] () ff_vfw.dll.manifest -> C:\WINDOWS\System32\ff_vfw.dll.manifest -> [2009/01/03 14:35:10 | 00,000,547 | ---- | C] () igfxCoIn_v4704.dll -> C:\WINDOWS\System32\igfxCoIn_v4704.dll -> [2008/12/06 16:25:14 | 00,200,704 | ---- | C] () PhotoSnapViewer.INI -> C:\WINDOWS\PhotoSnapViewer.INI -> [2008/09/22 02:05:43 | 00,000,151 | ---- | C] () gthrctr.ini -> C:\WINDOWS\System32\gthrctr.ini -> [2008/05/26 23:02:50 | 00,016,478 | ---- | C] () idxcntrs.ini -> C:\WINDOWS\System32\idxcntrs.ini -> [2008/05/26 23:02:48 | 00,022,300 | ---- | C] () gsrvctr.ini -> C:\WINDOWS\System32\gsrvctr.ini -> [2008/05/26 23:02:46 | 00,015,796 | ---- | C] () mngui.INI -> C:\WINDOWS\mngui.INI -> [2008/05/22 07:23:46 | 00,000,000 | ---- | C] () ogacheckcontrol.dll.bak -> C:\WINDOWS\System32\ogacheckcontrol.dll.bak -> [2008/05/11 14:11:15 | 00,676,224 | ---- | C] () OGACheckControl.dll -> C:\WINDOWS\System32\OGACheckControl.dll -> [2008/05/11 14:11:15 | 00,676,224 | ---- | C] () BADMOJO.INI -> C:\WINDOWS\BADMOJO.INI -> [2008/03/20 11:35:53 | 00,000,569 | ---- | C] () QTW.INI -> C:\WINDOWS\QTW.INI -> [2008/03/20 11:29:28 | 00,000,106 | ---- | C] () Wininit.INI -> C:\WINDOWS\Wininit.INI -> [2008/03/11 23:01:17 | 00,000,095 | ---- | C] () RunSetup.dll -> C:\WINDOWS\System32\RunSetup.dll -> [2008/02/29 13:35:34 | 00,024,576 | ---- | C] () NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2008/01/03 17:28:45 | 00,000,069 | ---- | C] () moto.INI -> C:\WINDOWS\moto.INI -> [2008/01/02 20:55:23 | 00,000,000 | ---- | C] () Battle.ini -> C:\WINDOWS\Battle.ini -> [2008/01/01 20:47:59 | 00,000,029 | ---- | C] () Rtcw.INI -> C:\WINDOWS\Rtcw.INI -> [2007/12/26 23:13:02 | 00,000,600 | ---- | C] () CD_Start.INI -> C:\WINDOWS\CD_Start.INI -> [2007/12/18 13:26:44 | 00,000,032 | ---- | C] () sptd.sys -> C:\WINDOWS\System32\drivers\sptd.sys -> [2007/12/17 16:15:09 | 00,721,904 | ---- | C] () KGyGaAvL.sys -> C:\WINDOWS\System32\KGyGaAvL.sys -> [2007/12/15 09:41:37 | 00,002,568 | ---- | C] () #1 DVD Audio Ripper.INI -> C:\WINDOWS\#1 DVD Audio Ripper.INI -> [2007/12/15 09:07:19 | 00,000,067 | ---- | C] () avrack.ini -> C:\WINDOWS\avrack.ini -> [2007/12/14 21:10:13 | 00,000,164 | ---- | C] () RTLCPAPI.dll -> C:\WINDOWS\System32\RTLCPAPI.dll -> [2007/12/14 21:10:08 | 00,156,672 | ---- | C] () ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2007/12/14 20:48:29 | 00,000,421 | ---- | C] () CddbCdda.dll -> C:\WINDOWS\System32\CddbCdda.dll -> [2007/03/29 23:00:40 | 00,203,264 | ---- | C] () AMV_DecDLL.dll -> C:\WINDOWS\System32\AMV_DecDLL.dll -> [2006/03/06 10:41:02 | 00,073,728 | ---- | C] () btprn2k.dll -> C:\WINDOWS\System32\btprn2k.dll -> [2005/08/29 16:07:06 | 00,090,112 | ---- | C] () BTNeighborhood.dll.manifest -> C:\WINDOWS\System32\BTNeighborhood.dll.manifest -> [2005/02/17 12:41:32 | 00,000,603 | ---- | C] () btcss.dll.manifest -> C:\WINDOWS\System32\btcss.dll.manifest -> [2005/02/17 12:41:30 | 00,000,593 | ---- | C] () ADFUUD.SYS -> C:\WINDOWS\System32\drivers\ADFUUD.SYS -> [2004/09/16 13:26:40 | 00,012,634 | ---- | C] () ADFUUD.SYS -> C:\WINDOWS\ADFUUD.SYS -> [2004/09/16 13:26:40 | 00,012,634 | ---- | C] () lcppn21.dll -> C:\WINDOWS\System32\lcppn21.dll -> [2001/11/14 13:56:00 | 01,802,240 | ---- | C] () win.ini -> C:\WINDOWS\win.ini -> [2001/10/28 12:07:38 | 00,000,685 | ---- | C] () system.ini -> C:\WINDOWS\system.ini -> [2001/10/28 12:07:30 | 00,000,258 | ---- | C] () [Files/Folders - Modified Within 30 Days] 3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 1 C:\Documents and Settings\Administrador\Configurações locais\Temp\*.tmp files -> C:\Documents and Settings\Administrador\Configurações locais\Temp\*.tmp -> Perflib_Perfdata_b74.dat -> C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_b74.dat -> [2009/08/29 16:29:39 | 00,016,384 | ---- | M] () qmgr0.dat -> C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft\Network\Downloader\qmgr0.dat -> [2009/08/29 16:28:43 | 00,010,459 | ---- | M] () qmgr1.dat -> C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft\Network\Downloader\qmgr1.dat -> [2009/08/29 16:28:43 | 00,009,318 | ---- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2009/08/29 16:28:09 | 00,002,206 | ---- | M] () GlaryInitialize.job -> C:\WINDOWS\tasks\GlaryInitialize.job -> [2009/08/29 16:27:23 | 00,000,344 | ---- | M] () SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2009/08/29 16:27:20 | 00,000,006 | -H-- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2009/08/29 16:27:15 | 00,002,048 | ---- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2009/08/29 16:27:14 | 10,397,16352 | -HS- | M] () ntuser.dat -> C:\Documents and Settings\Administrador\ntuser.dat -> [2009/08/29 16:26:25 | 11,272,192 | ---- | M] () ntuser.ini -> C:\Documents and Settings\Administrador\ntuser.ini -> [2009/08/29 16:26:25 | 00,000,330 | -HS- | M] () Win32kDiag.exe -> C:\Documents and Settings\Administrador\Desktop\Win32kDiag.exe -> [2009/08/29 16:06:36 | 00,046,080 | ---- | M] () SysProt.zip -> C:\Documents and Settings\Administrador\Desktop\SysProt.zip -> [2009/08/29 15:56:34 | 00,354,396 | ---- | M] () OTS.exe -> C:\Documents and Settings\Administrador\Desktop\OTS.exe -> [2009/08/29 15:50:15 | 00,514,048 | ---- | M] (OldTimer Tools) mpengine.dll -> C:\Documents and Settings\Administrador\Configurações locais\Temp\mpengine.dll -> [2009/08/28 23:50:30 | 05,357,392 | ---- | M] (Microsoft Corporation) Perflib_Perfdata_5c4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5c4.dat -> [2009/08/28 23:49:55 | 00,016,384 | ---- | M] () IconCache.db -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\IconCache.db -> [2009/08/28 13:45:05 | 05,962,108 | -H-- | M] () d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2009/08/28 13:37:07 | 00,001,324 | ---- | M] () windows-kb890830-v2.13.exe -> C:\Documents and Settings\Administrador\Desktop\windows-kb890830-v2.13.exe -> [2009/08/28 13:35:16 | 08,798,656 | ---- | M] (Microsoft Corporation) Perflib_Perfdata_208.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_208.dat -> [2009/08/28 13:03:37 | 00,016,384 | ---- | M] () ~glaryutilities-version.dat -> C:\Documents and Settings\Administrador\Configurações locais\Temp\~glaryutilities-version.dat -> [2009/08/28 12:58:58 | 00,000,505 | ---- | M] () fidbox2.idx -> C:\WINDOWS\System32\drivers\fidbox2.idx -> [2009/08/28 12:57:52 | 00,000,032 | -HS- | M] () fidbox2.dat -> C:\WINDOWS\System32\drivers\fidbox2.dat -> [2009/08/28 12:57:52 | 00,000,032 | -HS- | M] () fidbox.idx -> C:\WINDOWS\System32\drivers\fidbox.idx -> [2009/08/28 12:57:52 | 00,000,032 | -HS- | M] () fidbox.dat -> C:\WINDOWS\System32\drivers\fidbox.dat -> [2009/08/28 12:57:52 | 00,000,032 | -HS- | M] () Perflib_Perfdata_56c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_56c.dat -> [2009/08/28 12:54:45 | 00,016,384 | ---- | M] () ParetoLogic Registration.job -> C:\WINDOWS\tasks\ParetoLogic Registration.job -> [2009/08/27 01:54:31 | 00,000,502 | ---- | M] () rollback.ini -> C:\rollback.ini -> [2009/08/27 01:51:21 | 00,003,581 | ---- | M] () mbam-setup.exe -> C:\Documents and Settings\Administrador\Desktop\mbam-setup.exe -> [2009/08/27 00:26:46 | 03,942,048 | ---- | M] (Malwarebytes Corporation ) Perflib_Perfdata_f18.dat -> C:\Documents and Settings\Administrador\Configurações locais\Temp\Perflib_Perfdata_f18.dat -> [2009/08/27 00:12:26 | 00,016,384 | ---- | M] () Perflib_Perfdata_5b8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5b8.dat -> [2009/08/27 00:00:21 | 00,016,384 | ---- | M] () Sysvxd.exe -> C:\WINDOWS\Sysvxd.exe -> [2009/08/26 23:46:55 | 00,024,307 | ---- | M] () Perflib_Perfdata_4a8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_4a8.dat -> [2009/08/26 22:06:54 | 00,016,384 | ---- | M] () Perflib_Perfdata_454.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_454.dat -> [2009/08/26 18:14:11 | 00,016,384 | ---- | M] () PenClean.exe -> C:\Documents and Settings\Administrador\Desktop\PenClean.exe -> [2009/08/25 13:42:26 | 00,720,896 | ---- | M] () eReg.dat -> C:\WINDOWS\eReg.dat -> [2009/08/20 22:32:51 | 00,000,617 | ---- | M] () cartazfinal.cdr -> C:\Documents and Settings\Administrador\Desktop\cartazfinal.cdr -> [2009/08/14 13:40:21 | 00,043,724 | ---- | M] () Cópia_de_segurança_de_cartazfinal.cdr -> C:\Documents and Settings\Administrador\Desktop\Cópia_de_segurança_de_cartazfinal.cdr -> [2009/08/14 13:35:44 | 00,024,126 | ---- | M] () KGyGaAvL.sys -> C:\WINDOWS\System32\KGyGaAvL.sys -> [2009/08/14 13:35:25 | 00,002,568 | ---- | M] () cartaza3PREVIA.cdr -> C:\Documents and Settings\Administrador\Desktop\cartaza3PREVIA.cdr -> [2009/08/14 13:28:49 | 00,029,896 | ---- | M] () imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2009/08/14 12:49:04 | 00,001,374 | ---- | M] () Dedicated Server.lnk -> C:\Documents and Settings\All Users\Desktop\Dedicated Server.lnk -> [2009/08/07 00:12:41 | 00,001,605 | ---- | M] () Counter-Strike 1.6.lnk -> C:\Documents and Settings\All Users\Desktop\Counter-Strike 1.6.lnk -> [2009/08/07 00:12:41 | 00,001,589 | ---- | M] () Counter Strike 1.6 Non Steam.lnk -> C:\Documents and Settings\Administrador\Desktop\Counter Strike 1.6 Non Steam.lnk -> [2009/08/07 00:12:23 | 00,001,679 | ---- | M] () Dedicated Server.lnk -> C:\Documents and Settings\Administrador\Desktop\Dedicated Server.lnk -> [2009/08/07 00:12:23 | 00,001,659 | ---- | M] () _CS_1.6_Full. - by Amorim - www.sitecs.net.rar -> C:\Documents and Settings\Administrador\Desktop\_CS_1.6_Full. - by Amorim - www.sitecs.net.rar -> [2009/08/06 23:30:26 | 28,065,1516 | ---- | M] () cs16patch_full_V23.exe -> C:\Documents and Settings\Administrador\Desktop\cs16patch_full_V23.exe -> [2009/08/06 22:47:53 | 23,880,094 | ---- | M] (Native Systems Inc.) Patch_Sitecs_protocolo_47_48.exe -> C:\Documents and Settings\Administrador\Desktop\Patch_Sitecs_protocolo_47_48.exe -> [2009/08/06 22:31:06 | 04,123,809 | ---- | M] ( ) NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2009/08/06 13:01:16 | 00,000,069 | ---- | M] () dxsdkuninst.exe -> C:\WINDOWS\dxsdkuninst.exe -> [2009/08/06 12:53:04 | 00,118,104 | ---- | M] (Microsoft Corporation) mswebdvd.dll -> C:\WINDOWS\System32\mswebdvd.dll -> [2009/08/05 06:00:39 | 00,205,312 | ---- | M] (Microsoft Corporation) mswebdvd.dll -> C:\WINDOWS\System32\dllcache\mswebdvd.dll -> [2009/08/05 06:00:39 | 00,205,312 | ---- | M] (Microsoft Corporation) opa12.dat -> C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft\Office\Data\opa12.dat -> [2008/05/11 15:22:42 | 00,008,420 | ---- | M] () data.dat -> C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft\Office\Data\data.dat -> [2007/12/19 16:48:43 | 00,001,372 | ---- | M] () [File - Lop Check] Dados de aplicativos -> C:\Documents and Settings\Administrador\Dados de aplicativos -> [2009/07/21 22:58:18 | 00,000,000 | RH-D | M] Aegisub -> C:\Documents and Settings\Administrador\Dados de aplicativos\Aegisub -> [2009/01/08 20:23:32 | 00,000,000 | ---D | M] Ahead -> C:\Documents and Settings\Administrador\Dados de aplicativos\Ahead -> [2008/03/09 16:56:16 | 00,000,000 | ---D | M] Any Video Converter -> C:\Documents and Settings\Administrador\Dados de aplicativos\Any Video Converter -> [2009/05/11 00:14:31 | 00,000,000 | ---D | M] BitTorrent -> C:\Documents and Settings\Administrador\Dados de aplicativos\BitTorrent -> [2009/03/07 17:31:30 | 00,000,000 | ---D | M] Corel -> C:\Documents and Settings\Administrador\Dados de aplicativos\Corel -> [2007/12/15 09:55:26 | 00,000,000 | ---D | M] DAEMON Tools Lite -> C:\Documents and Settings\Administrador\Dados de aplicativos\DAEMON Tools Lite -> [2009/07/07 19:18:58 | 00,000,000 | ---D | M] DMCache -> C:\Documents and Settings\Administrador\Dados de aplicativos\DMCache -> [2008/04/15 03:48:31 | 00,000,000 | ---D | M] DNA -> C:\Documents and Settings\Administrador\Dados de aplicativos\DNA -> [2009/05/12 13:52:08 | 00,000,000 | ---D | M] dvdcss -> C:\Documents and Settings\Administrador\Dados de aplicativos\dvdcss -> [2008/11/30 12:43:26 | 00,000,000 | ---D | M] fltk.org -> C:\Documents and Settings\Administrador\Dados de aplicativos\fltk.org -> [2008/06/19 01:06:37 | 00,000,000 | ---D | M] FrostWire -> C:\Documents and Settings\Administrador\Dados de aplicativos\FrostWire -> [2008/04/14 23:24:03 | 00,000,000 | ---D | M] Gearbox Software -> C:\Documents and Settings\Administrador\Dados de aplicativos\Gearbox Software -> [2009/03/07 23:09:25 | 00,000,000 | ---D | M] GlarySoft -> C:\Documents and Settings\Administrador\Dados de aplicativos\GlarySoft -> [2007/12/15 09:33:51 | 00,000,000 | ---D | M] Hamachi -> C:\Documents and Settings\Administrador\Dados de aplicativos\Hamachi -> [2009/07/22 22:55:11 | 00,000,000 | ---D | M] IObit -> C:\Documents and Settings\Administrador\Dados de aplicativos\IObit -> [2008/11/30 16:42:29 | 00,000,000 | ---D | M] Jubler -> C:\Documents and Settings\Administrador\Dados de aplicativos\Jubler -> [2009/01/08 20:29:58 | 00,000,000 | ---D | M] MyPhoneExplorer -> C:\Documents and Settings\Administrador\Dados de aplicativos\MyPhoneExplorer -> [2008/11/30 15:39:39 | 00,000,000 | ---D | M] Nokia -> C:\Documents and Settings\Administrador\Dados de aplicativos\Nokia -> [2008/12/09 13:43:01 | 00,000,000 | ---D | M] PC Suite -> C:\Documents and Settings\Administrador\Dados de aplicativos\PC Suite -> [2009/03/24 07:38:30 | 00,000,000 | ---D | M] River Past G5 -> C:\Documents and Settings\Administrador\Dados de aplicativos\River Past G5 -> [2009/04/26 16:26:24 | 00,000,000 | ---D | M] SecuROM -> C:\Documents and Settings\Administrador\Dados de aplicativos\SecuROM -> [2009/03/06 22:35:45 | 00,000,000 | RH-D | M] SlySoft -> C:\Documents and Settings\Administrador\Dados de aplicativos\SlySoft -> [2007/12/17 16:02:42 | 00,000,000 | ---D | M] SPORE -> C:\Documents and Settings\Administrador\Dados de aplicativos\SPORE -> [2009/03/06 22:40:37 | 00,000,000 | ---D | M] Styler -> C:\Documents and Settings\Administrador\Dados de aplicativos\Styler -> [2008/04/16 15:19:19 | 00,000,000 | ---D | M] Teleca -> C:\Documents and Settings\Administrador\Dados de aplicativos\Teleca -> [2008/04/02 15:22:26 | 00,000,000 | ---D | M] WeatherStudio Desktop -> C:\Documents and Settings\Administrador\Dados de aplicativos\WeatherStudio Desktop -> [2008/03/14 16:09:10 | 00,000,000 | ---D | M] Windows Desktop Search -> C:\Documents and Settings\Administrador\Dados de aplicativos\Windows Desktop Search -> [2008/12/20 17:37:05 | 00,000,000 | ---D | M] Windows Live Writer -> C:\Documents and Settings\Administrador\Dados de aplicativos\Windows Live Writer -> [2009/01/09 20:46:46 | 00,000,000 | ---D | M] Windows Search -> C:\Documents and Settings\Administrador\Dados de aplicativos\Windows Search -> [2009/01/09 20:31:18 | 00,000,000 | ---D | M] Dados de aplicativos -> C:\Documents and Settings\All Users\Dados de aplicativos -> [2009/08/28 23:31:07 | 00,000,000 | RH-D | M] BVRP Software -> C:\Documents and Settings\All Users\Dados de aplicativos\BVRP Software -> [2008/01/15 12:49:11 | 00,000,000 | ---D | M] Chat Republic Games -> C:\Documents and Settings\All Users\Dados de aplicativos\Chat Republic Games -> [2009/05/27 23:29:03 | 00,000,000 | ---D | M] DAEMON Tools Lite -> C:\Documents and Settings\All Users\Dados de aplicativos\DAEMON Tools Lite -> [2009/07/07 19:16:07 | 00,000,000 | ---D | M] DVD Shrink -> C:\Documents and Settings\All Users\Dados de aplicativos\DVD Shrink -> [2007/12/16 21:51:14 | 00,000,000 | ---D | M] Electronic Arts -> C:\Documents and Settings\All Users\Dados de aplicativos\Electronic Arts -> [2009/03/30 00:08:35 | 00,000,000 | ---D | M] GbPlugin -> C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin -> [2009/07/09 20:04:07 | 00,000,000 | ---D | M] Installations -> C:\Documents and Settings\All Users\Dados de aplicativos\Installations -> [2008/12/09 13:40:34 | 00,000,000 | ---D | M] Messenger Plus! -> C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus! -> [2009/07/28 23:17:28 | 00,000,000 | ---D | M] NFS Underground -> C:\Documents and Settings\All Users\Dados de aplicativos\NFS Underground -> [2007/12/18 13:48:06 | 00,000,000 | ---D | M] OrbNetworks -> C:\Documents and Settings\All Users\Dados de aplicativos\OrbNetworks -> [2008/02/29 15:21:00 | 00,000,000 | ---D | M] ParetoLogic -> C:\Documents and Settings\All Users\Dados de aplicativos\ParetoLogic -> [2009/08/28 23:31:07 | 00,000,000 | ---D | M] PC Suite -> C:\Documents and Settings\All Users\Dados de aplicativos\PC Suite -> [2008/12/09 13:45:31 | 00,000,000 | ---D | M] River Past G5 -> C:\Documents and Settings\All Users\Dados de aplicativos\River Past G5 -> [2009/04/26 16:26:24 | 00,000,000 | ---D | M] SlySoft -> C:\Documents and Settings\All Users\Dados de aplicativos\SlySoft -> [2007/12/16 21:48:53 | 00,000,000 | ---D | M] SpeedBit -> C:\Documents and Settings\All Users\Dados de aplicativos\SpeedBit -> [2009/01/18 16:34:31 | 00,000,000 | ---D | M] Teleca -> C:\Documents and Settings\All Users\Dados de aplicativos\Teleca -> [2008/04/02 15:19:35 | 00,000,000 | ---D | M] TEMP -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP -> [2009/08/09 18:00:12 | 00,000,000 | ---D | M] Trymedia -> C:\Documents and Settings\All Users\Dados de aplicativos\Trymedia -> [2007/12/16 22:23:47 | 00,000,000 | ---D | M] WeatherStudio Desktop -> C:\Documents and Settings\All Users\Dados de aplicativos\WeatherStudio Desktop -> [2008/03/14 16:09:58 | 00,000,000 | ---D | M] WinZip -> C:\Documents and Settings\All Users\Dados de aplicativos\WinZip -> [2008/02/06 12:31:27 | 00,000,000 | ---D | M] Dados de aplicativos -> C:\Documents and Settings\Default User\Dados de aplicativos -> [2007/12/14 09:56:55 | 00,000,000 | RH-D | M] Dados de aplicativos -> C:\Documents and Settings\LocalService\Dados de aplicativos -> [2007/12/14 20:59:33 | 00,000,000 | ---D | M] Dados de aplicativos -> C:\Documents and Settings\NetworkService\Dados de aplicativos -> [2007/12/14 13:15:27 | 00,000,000 | ---D | M] C:\WINDOWS\Tasks\ -> C:\WINDOWS\Tasks -> [2009/08/28 23:30:10 | 00,000,000 | --SD | M] desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [2001/10/28 12:07:04 | 00,000,065 | RH-- | M] () GlaryInitialize.job -> C:\WINDOWS\Tasks\GlaryInitialize.job -> [2009/08/29 16:27:23 | 00,000,344 | ---- | M] () ParetoLogic Registration.job -> C:\WINDOWS\Tasks\ParetoLogic Registration.job -> [2009/08/27 01:54:31 | 00,000,502 | ---- | M] () SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [2009/08/29 16:27:20 | 00,000,006 | -H-- | M] () [File - Purity Scan] [Alternate Data Streams] @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:A9662AE0 @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:0F8F5844 @Alternate Data Stream - 204 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst @Alternate Data Stream - 229 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:8FF81EB0 < End of report > [/code]