HJTScanlist.bat analysis tool!
HJTScanlist (by Mopao) was widely used by our friend and malware-removal partner Wings back when there were many cases of Sality and of a type of rootkit called Bagle, which caused various problems when it infected a system. One of them that I remember was the error message "is not a valid Win32 application". Because of this, executable programs did not work.
Only an MS-DOS program, HJTScanlist, would run on the infected system.
I added one more report to this tool, called hjtscanlis2.txt, a complement to improve the analysis.
*Well, since it is an old MS-DOS tool, it is no longer used, or is outdated! But I don't think so: it may still be useful some day for this kind of case.
==================================
For Windows XP, follow the procedure below.
1)
Extract the compressed file HJTScanlis.zip to the Desktop and double-click HJTScanlist.bat
2)
Press the letter [X] and (Enter)
Press the number [1] --> (Enter)
Wait for the scan. When it finishes, it will place a report on the Desktop called -> HJTScanlist.txt
=======================================================
For Windows Vista / Windows 7/8
1)
Extract the compressed file HJTScanlis.zip to the Desktop, right-click the file HJTScanlist.bat and click (Run as administrator)
2)
Press the letter [V] and (Enter)
Press the number [1] -> (Enter)
*Wait for the scan. When it finishes, it will place a report on the Desktop called -> HJTScanlist.txt
-----------------------------------------------------------------------
Last edited by Brando lee on Mon 20 Jan 2014, 01:50; edited 18 time(s) (Reason for editing: HJTscanlist tool update)
Guest
Re: HJTScanlist.bat analysis tool!
UP:
Option [1] generates this report:
HJTScanlist report:
10/01/6615 00:03 C:\WINDOWS\Prefetch\WSCRIPT.EXE-32960AB9.pf ----a-------- 31682
10/01/6615 00:02 C:\WINDOWS\Prefetch\WINRAR.EXE-09D6614C.pf ----a-------- 48016
18/01/6514 01:36 C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-19D08292.pf ----a-------- 29000
10/01/6415 00:02 C:\WINDOWS\Prefetch\HJTSCANLIST.EXE-2EF2A6E0.pf ----a-------- 39200
10/01/6415 00:02 C:\WINDOWS\Prefetch\HJTSCANLIST2.EXE-1EAB9708.pf ----a-------- 39426
17/01/2014 00:53 C:\WINDOWS\Prefetch\AVAST.SETUP-012B506E.pf ----a-------- 130026
17/01/2014 00:14 C:\WINDOWS\Prefetch\SWXCACLS.EXE-18D76D4F.pf ----a-------- 7292
17/01/2014 00:14 C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf ----a-------- 13500
17/01/2014 00:13 C:\WINDOWS\Prefetch\MSHTA.EXE-331DF029.pf ----a-------- 31698
17/01/2014 00:13 C:\WINDOWS\Prefetch\FIND.EXE-0EC32F1E.pf ----a-------- 12516
17/01/2014 00:13 C:\WINDOWS\Prefetch\SED.EXE-09194524.pf ----a-------- 5698
17/01/2014 00:13 C:\WINDOWS\Prefetch\CSCRIPT.EXE-1C26180C.pf ----a-------- 38376
17/01/2014 00:13 C:\WINDOWS\Prefetch\PEVZ.EXE-0C5B167F.pf ----a-------- 10860
17/01/2014 00:13 C:\WINDOWS\Prefetch\FINDSTR.EXE-0CA6274B.pf ----a-------- 12672
17/01/2014 00:11 C:\WINDOWS\Prefetch\ATTRIB.EXE-39EAFB02.pf ----a-------- 12328
17/01/2014 00:10 C:\WINDOWS\Prefetch\ZOEK.EXE-09DE18CB.pf ----a-------- 23464
17/01/2014 00:10 C:\WINDOWS\Prefetch\WGET.EXE-10378911.pf ----a-------- 23206
17/01/2014 00:10 C:\WINDOWS\Prefetch\PEVZ.EXE-079C4DF4.pf ----a-------- 9158
17/01/2014 00:10 C:\WINDOWS\Prefetch\ASWRUNDLL.EXE-3B6AEDE7.pf ----a-------- 22310
17/01/2014 00:10 C:\WINDOWS\Prefetch\WGET.EXE-259D61B7.pf ----a-------- 26176
17/01/2014 00:10 C:\WINDOWS\Prefetch\PEVZ.EXE-32E8BCB3.pf ----a-------- 9202
17/01/2014 00:02 C:\WINDOWS\Prefetch\ZOEK.EXE-0590D7BC.pf ----a-------- 20866
17/01/2014 00:02 C:\WINDOWS\Prefetch\PEVZ.EXE-02981819.pf ----a-------- 9422
17/01/2014 00:01 C:\WINDOWS\Prefetch\PEVZ.EXE-27AFF1C8.pf ----a-------- 9158
17/01/2014 00:01 C:\WINDOWS\Prefetch\WGET.EXE-35B040D3.pf ----a-------- 24956
17/01/2014 00:01 C:\WINDOWS\Prefetch\PEVZ.EXE-1EE40DE9.pf ----a-------- 12580
16/01/2014 23:09 C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf ----a-------- 7272
16/01/2014 21:47 C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf ----a-------- 16580
16/01/2014 21:47 C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf ----a-------- 54666
16/01/2014 21:47 C:\WINDOWS\Prefetch\layout.ini ----a-------- 568052
16/01/2014 20:45 C:\WINDOWS\Prefetch\RUNDLL32.EXE-203F5BA5.pf ----a-------- 19474
06/01/2014 10:35 C:\WINDOWS\Prefetch\SYSTEMEXPLORER.EXE-29E07A9A.pf ----a-------- 42006
06/01/2014 10:35 C:\WINDOWS\Prefetch\SYSTEMEXPLORERSERVICE.EXE-0B604B08.pf ----a-------- 17880
06/01/2014 10:16 C:\WINDOWS\Prefetch\AUTORUNSC.EXE-0FFA208C.pf ----a-------- 58834
06/01/2014 10:14 C:\WINDOWS\Prefetch\SIGCHECK.EXE-303F42F6.pf ----a-------- 59376
06/01/2014 10:07 C:\WINDOWS\Prefetch\WINMGMT.EXE-2D790CBE.pf ----a-------- 13880
05/01/2014 23:42 C:\WINDOWS\Prefetch\SC.EXE-012262AF.pf ----a-------- 12100
05/01/2014 23:34 C:\WINDOWS\Prefetch\RUNDLL32.EXE-2CFA8350.pf ----a-------- 57796
05/01/2014 23:34 C:\WINDOWS\Prefetch\RUNDLL32.EXE-16857E60.pf ----a-------- 57650
05/01/2014 23:13 C:\WINDOWS\Prefetch\MSMSGS.EXE-18E7A848.pf ----a-------- 26908
05/01/2014 23:13 C:\WINDOWS\Prefetch\SBIECTRL.EXE-152062DC.pf ----a-------- 27344
05/01/2014 11:44 C:\WINDOWS\Prefetch\ATF-CLEANER.EXE-15BCEE4F.pf ----a-------- 19478
05/01/2014 11:10 C:\WINDOWS\Prefetch\NS4.TMP-2A7BDC2B.pf ----a-------- 7344
05/01/2014 11:10 C:\WINDOWS\Prefetch\PING.EXE-31216D26.pf ----a-------- 13890
05/01/2014 11:09 C:\WINDOWS\Prefetch\CCSETUP409.EXE-17837D82.pf ----a-------- 21114
04/01/2014 22:15 C:\WINDOWS\Prefetch\UPDATER.EXE-268E0338.pf ----a-------- 14340
04/01/2014 22:15 C:\WINDOWS\Prefetch\SKYPE.EXE-2CDF188C.pf ----a-------- 4346
04/01/2014 19:30 C:\WINDOWS\Prefetch\MSPAINT.EXE-11CBB631.pf ----a-------- 20138
04/01/2014 19:06 C:\WINDOWS\Prefetch\TBB-FIREFOX.EXE-111B1237.pf ----a-------- 55896
04/01/2014 19:05 C:\WINDOWS\Prefetch\TOR.EXE-2082A48F.pf ----a-------- 59304
04/01/2014 19:05 C:\WINDOWS\Prefetch\VIDALIA.EXE-15200C04.pf ----a-------- 51700
04/01/2014 19:05 C:\WINDOWS\Prefetch\START TOR BROWSER.EXE-36944254.pf ----a-------- 17264
04/01/2014 18:32 C:\WINDOWS\Prefetch\HL.EXE-2074CB98.pf ----a-------- 53672
04/01/2014 18:32 C:\WINDOWS\Prefetch\RUNDLL32.EXE-4CD273D1.pf ----a-------- 15916
04/01/2014 18:31 C:\WINDOWS\Prefetch\RUNDLL32.EXE-4783A6AD.pf ----a-------- 16022
04/01/2014 18:31 C:\WINDOWS\Prefetch\SXE INJECTED.EXE-1A1136B6.pf ----a-------- 58598
04/01/2014 18:04 C:\WINDOWS\Prefetch\DISKDEFRAG.EXE-2E3D2F0C.pf ----a-------- 44148
04/01/2014 18:04 C:\WINDOWS\Prefetch\AUSDISKDEFRAGPORTABLE.EXE-1D3C5E93.pf ----a-------- 53518
04/01/2014 17:20 C:\WINDOWS\Prefetch\SYSTEMEXPLORERSERVICE.EXE-066C1049.pf ----a-------- 12864
04/01/2014 17:20 C:\WINDOWS\Prefetch\SYSTEMEXPLORER.EXE-1A8A90FB.pf ----a-------- 41776
04/01/2014 00:12 C:\WINDOWS\Prefetch\TDSSKILLER.EXE-3924CA8A.pf ----a-------- 18634
31/12/2013 00:15 C:\WINDOWS\Prefetch\4C45AA4A-A002-4CA6-B313-E2D58-1502FF15.pf ----a-------- 10858
29/12/2013 04:12 C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf ----a-------- 21732
29/12/2013 03:08 C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf ----a-------- 14908
29/12/2013 03:08 C:\WINDOWS\Prefetch\IPCONFIG.EXE-2395F30B.pf ----a-------- 23774
29/12/2013 03:05 C:\WINDOWS\Prefetch\HJT-RUNNERS.EXE-22A188D0.pf ----a-------- 44732
29/12/2013 02:51 C:\WINDOWS\Prefetch\HJT-ANALISE.EXE-31708330.pf ----a-------- 49690
29/12/2013 02:16 C:\WINDOWS\Prefetch\FERRAMENTAS DE ANALISE.EXE-2A0E378B.pf ----a-------- 41164
29/12/2013 02:11 C:\WINDOWS\Prefetch\HJT-SILENTRUNNERS.EXE-35B68B30.pf ----a-------- 56342
29/12/2013 01:13 C:\WINDOWS\Prefetch\HJT-ANALISE.EXE-2A52E27A.pf ----a-------- 60566
29/12/2013 01:03 C:\WINDOWS\Prefetch\HJT.EXE-0A40648C.pf ----a-------- 53580
28/12/2013 01:27 C:\WINDOWS\Prefetch\ZOEK.EXE-12B24AFA.pf ----a-------- 21070
28/12/2013 01:27 C:\WINDOWS\Prefetch\PEVZ.EXE-08B62764.pf ----a-------- 8846
28/12/2013 01:09 C:\WINDOWS\Prefetch\HJTSCANLIST.EXE-077FC9DD.pf ----a-------- 84284
28/12/2013 00:43 C:\WINDOWS\Prefetch\CATCHME.EXE-27B3A1C2.pf ----a-------- 10488
28/12/2013 00:43 C:\WINDOWS\Prefetch\TASKLIST.EXE-10D94B23.pf ----a-------- 19720
28/12/2013 00:16 C:\WINDOWS\Prefetch\HJT-SILENTRUNNERS.EXE-26F50434.pf ----a-------- 58512
28/12/2013 00:06 C:\WINDOWS\Prefetch\TASKKILL.EXE-0A8306E3.pf ----a-------- 19536
28/12/2013 00:05 C:\WINDOWS\Prefetch\2879663A-112F-4053-B543-BD50B-149B6B1D.pf ----a-------- 10894
22/12/2013 10:07 C:\WINDOWS\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-34BC5027.pf ----a-------- 23672
01/01/2002 03:16 C:\WINDOWS\Prefetch\SYSTEMINFO.EXE-32ED1FAB.pf ----a-------- 20488
01/01/2002 01:18 C:\WINDOWS\Prefetch\HOSTNAME.EXE-279591F3.pf ----a-------- 13218
01/01/2002 00:31 C:\WINDOWS\Prefetch\RUNDLL32.EXE-4342BD14.pf ----a-------- 16138
01/01/2002 00:21 C:\WINDOWS\Prefetch\HELPHOST.EXE-247D2792.pf ----a-------- 26876
01/01/2002 00:21 C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf ----a-------- 27358
01/01/2002 00:21 C:\WINDOWS\Prefetch\HELPCTR.EXE-3862B6F5.pf ----a-------- 61070
01/01/2002 00:09 C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf ----a-------- 1407210
01/01/2002 00:06 C:\WINDOWS\Prefetch\SHUTDOWN.EXE-12DAD820.pf ----a-------- 11920
01/01/2002 00:06 C:\WINDOWS\Prefetch\NIRCMD.EXE-0E148B03.pf ----a-------- 12100
01/01/2002 00:04 C:\WINDOWS\Prefetch\RUNDLL32.EXE-48D4BA30.pf ----a-------- 15622
01/01/2002 00:02 C:\WINDOWS\Prefetch\PEVZ.EXE-2DD2AB7C.pf ----a-------- 10884
----------------------------------------
C:\WINDOWS\Tasks
10/01/6615 00:06 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job ----a-------- 1064
17/01/2014 00:55 C:\WINDOWS\Tasks\User_Feed_Synchronization-{FF530439-C404-452C-A8CB-DA2FE1CD6F2F}.job ----ah------- 448
04/01/2014 13:05 C:\WINDOWS\Tasks\Norton Security Scan for PC.job ----ah------- 450
08/11/2013 23:50 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job ----a-------- 300
14/04/2008 09:00 C:\WINDOWS\Tasks\desktop.ini ---r-h------- 65
01/01/2002 03:14 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job ----a-------- 902
01/01/2002 00:13 C:\WINDOWS\Tasks\avast Emergency Update.job ----ah------- 380
01/01/2002 00:08 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job ----a-------- 1060
01/01/2002 00:07 C:\WINDOWS\Tasks\SA.DAT ----ah------- 6
01/01/2002 00:07 C:\WINDOWS\Tasks\Malwarebytes Anti-Exploit.job ----a-------- 518
----------------------------------------
C:\WINDOWS\Temp
10/01/6615 00:03 C:\WINDOWS\Temp\Cab14.tmp ----a-------- 54009
10/01/6615 00:03 C:\WINDOWS\Temp\Tar15.tmp ----a-------- 0
01/01/2002 03:24 C:\WINDOWS\Temp\_avast_ --d---------- 0
01/01/2002 00:08 C:\WINDOWS\Temp\HamachiSetup.log ----a-------- 3178
----------------------------------------
C:\DOCUME~1\PC\CONFIG~1\Temp
10/01/6615 00:01 C:\DOCUME~1\PC\CONFIG~1\Temp\_avast_ --d---------- 0
10/01/6615 00:01 C:\DOCUME~1\PC\CONFIG~1\Temp\WERe6a0.dir00 --d---------- 0
01/01/2002 01:34 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT1934.xml ----a-------- 793384
01/01/2002 01:34 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT1933.xml ----a-------- 426
01/01/2002 01:34 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT1932.xml ----a-------- 2062
01/01/2002 01:09 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT11C3.xml ----a-------- 793384
01/01/2002 01:09 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT11C2.xml ----a-------- 426
01/01/2002 01:09 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT11C1.xml ----a-------- 2062
01/01/2002 00:22 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT45E.xml ----a-------- 793384
01/01/2002 00:22 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT45D.xml ----a-------- 426
01/01/2002 00:22 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT45C.xml ----a-------- 2062
01/01/2002 00:22 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT42F.xml ----a-------- 793384
01/01/2002 00:22 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT42E.xml ----a-------- 426
01/01/2002 00:22 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT42D.xml ----a-------- 2062
01/01/2002 00:21 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT424.xml ----a-------- 793384
01/01/2002 00:21 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT423.xml ----a-------- 426
01/01/2002 00:21 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT422.xml ----a-------- 2062
01/01/2002 00:21 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT3F3.xml ----a-------- 793384
01/01/2002 00:21 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT3F2.xml ----a-------- 426
01/01/2002 00:21 C:\DOCUME~1\PC\CONFIG~1\Temp\IMT3F1.xml ----a-------- 2062
01/01/2002 00:08 C:\DOCUME~1\PC\CONFIG~1\Temp\2.tmp --d---------- 0
01/01/2002 00:01 C:\DOCUME~1\PC\CONFIG~1\Temp\WER02bd.dir00 --d---------- 0
----------------------------------------
C:\Documents and Settings\PC\Dados de aplicativos
13/12/2013 10:01 C:\Documents and Settings\PC\Dados de aplicativos\TeamViewer --d---------- 0
08/12/2013 02:02 C:\Documents and Settings\PC\Dados de aplicativos\Skype --d---------- 0
29/11/2013 23:08 C:\Documents and Settings\PC\Dados de aplicativos\LiveSupport.exe_log.txt ----a-------- 20036
29/11/2013 23:08 C:\Documents and Settings\PC\Dados de aplicativos\regsvr32.exe_log.txt ----a-------- 84
16/11/2013 12:03 C:\Documents and Settings\PC\Dados de aplicativos\Apple Computer --d---------- 0
16/11/2013 11:04 C:\Documents and Settings\PC\Dados de aplicativos\Nero --d---------- 0
16/11/2013 09:59 C:\Documents and Settings\PC\Dados de aplicativos\Canneverbe Limited --d---------- 0
10/11/2013 22:10 C:\Documents and Settings\PC\Dados de aplicativos\WinRAR --d---------- 0
08/11/2013 22:44 C:\Documents and Settings\PC\Dados de aplicativos\Unity --d---------- 0
13/10/2013 00:44 C:\Documents and Settings\PC\Dados de aplicativos\uTorrent --d---------- 0
12/09/2013 19:26 C:\Documents and Settings\PC\Dados de aplicativos\Runscanner.net --d---------- 0
25/08/2013 20:33 C:\Documents and Settings\PC\Dados de aplicativos\Adobe --d---------- 0
25/08/2013 14:44 C:\Documents and Settings\PC\Dados de aplicativos\ATI --d---------- 0
12/08/2013 05:29 C:\Documents and Settings\PC\Dados de aplicativos\Macromedia --d---------- 0
13/07/2013 17:05 C:\Documents and Settings\PC\Dados de aplicativos\Auslogics --d---------- 0
13/07/2013 16:57 C:\Documents and Settings\PC\Dados de aplicativos\Mozilla --d---------- 0
01/01/2002 00:21 C:\Documents and Settings\PC\Dados de aplicativos\Microsoft --d---s------ 0
10/01/1980 01:39 C:\Documents and Settings\PC\Dados de aplicativos\Identities --d---------- 0
09/01/1980 23:13 C:\Documents and Settings\PC\Dados de aplicativos\desktop.ini ----ahs------ 62
----------------------------------------
C:\Documents and Settings\PC
05/01/2014 11:11 C:\Documents and Settings\PC\Cookies --d--hs------ 0
29/12/2013 01:32 C:\Documents and Settings\PC\Meus documentos --dr--------- 0
22/12/2013 11:30 C:\Documents and Settings\PC\Menu Iniciar --dr--------- 0
11/12/2013 00:19 C:\Documents and Settings\PC\SendTo --dr-h------- 0
08/12/2013 00:13 C:\Documents and Settings\PC\Dados de aplicativos --dr-h------- 0
29/11/2013 23:43 C:\Documents and Settings\PC\Configurações locais --d--h------- 0
29/11/2013 21:48 C:\Documents and Settings\PC\AppData --d---------- 0
08/11/2013 22:36 C:\Documents and Settings\PC\Favoritos --dr--------- 0
30/10/2013 23:41 C:\Documents and Settings\PC\IECompatCache --d--hs------ 0
30/10/2013 23:40 C:\Documents and Settings\PC\PrivacIE --d--hs------ 0
30/10/2013 23:40 C:\Documents and Settings\PC\IETldCache --d--hs------ 0
26/08/2013 00:41 C:\Documents and Settings\PC\UserData --d--hs------ 0
01/01/2002 03:26 C:\Documents and Settings\PC\Desktop --d---------- 0
01/01/2002 03:25 C:\Documents and Settings\PC\ntuser.dat.LOG ----ah------- 28672
01/01/2002 03:25 C:\Documents and Settings\PC\Recent --dr-h------- 0
01/01/2002 00:06 C:\Documents and Settings\PC\ntuser.ini -----hs------ 210
01/01/2002 00:06 C:\Documents and Settings\PC\NTUSER.DAT ----ah------- 1572864
10/01/1980 01:19 C:\Documents and Settings\PC\Modelos --d--h------- 0
09/01/1980 23:13 C:\Documents and Settings\PC\Ambiente de impressão --d--h------- 0
09/01/1980 23:13 C:\Documents and Settings\PC\Ambiente de rede --d--h------- 0
----------------------------------------
C:\Arquivos de programas
10/01/6615 00:56 C:\Arquivos de programas\Complex --d---------- 0
10/01/6615 00:08 C:\Arquivos de programas\InstallShield Installation Information --d--h------- 0
10/01/6615 00:00 C:\Arquivos de programas\Mozilla Maintenance Service --d---------- 0
05/01/2014 11:10 C:\Arquivos de programas\CCleaner --d---------- 0
04/01/2014 18:31 C:\Arquivos de programas\sXe Injected --d---------- 0
04/01/2014 17:10 C:\Arquivos de programas\systemexplorer --d---------- 0
22/12/2013 14:21 C:\Arquivos de programas\WinRAR --d---------- 0
21/12/2013 11:16 C:\Arquivos de programas\Mozilla Firefox --d---------- 0
19/12/2013 00:04 C:\Arquivos de programas\LogMeIn Hamachi --d---------- 0
11/12/2013 00:14 C:\Arquivos de programas\TeamViewer --d---------- 0
01/12/2013 01:32 C:\Arquivos de programas\Valve --d---------- 0
30/11/2013 23:06 C:\Arquivos de programas\Skype --dr--------- 0
30/11/2013 16:49 C:\Arquivos de programas\Arquivos comuns --d---------- 0
29/11/2013 21:59 C:\Arquivos de programas\Sk.Enhancer --d---------- 0
29/11/2013 21:08 C:\Arquivos de programas\Malwarebytes Anti-Exploit --d---------- 0
26/11/2013 14:20 C:\Arquivos de programas\VS Revo Group --d---------- 0
16/11/2013 10:35 C:\Arquivos de programas\Microsoft Silverlight --d---------- 0
16/11/2013 09:59 C:\Arquivos de programas\CDBurnerXP --d---------- 0
10/11/2013 22:11 C:\Arquivos de programas\Sandboxie --d---------- 0
08/11/2013 23:53 C:\Arquivos de programas\Internet Explorer --d---------- 0
08/11/2013 23:53 C:\Arquivos de programas\QuickTime --d---------- 0
08/11/2013 23:50 C:\Arquivos de programas\Apple Software Update --d---------- 0
25/08/2013 20:41 C:\Arquivos de programas\Norton Security Scan --d---------- 0
25/08/2013 20:41 C:\Arquivos de programas\NortonInstaller --d---------- 0
25/08/2013 13:37 C:\Arquivos de programas\ATI Technologies --d---------- 0
25/08/2013 13:24 C:\Arquivos de programas\MSBuild --d---------- 0
25/08/2013 13:24 C:\Arquivos de programas\Reference Assemblies --d---------- 0
13/07/2013 16:35 C:\Arquivos de programas\Google --d---------- 0
13/07/2013 16:29 C:\Arquivos de programas\AVAST Software --d---------- 0
13/07/2013 16:21 C:\Arquivos de programas\Silicon Integrated Systems --d---------- 0
13/07/2013 16:17 C:\Arquivos de programas\Realtek AC97 --d---------- 0
13/07/2013 01:16 C:\Arquivos de programas\SiS VGA Utilities V3.93 --d---------- 0
13/07/2013 01:14 C:\Arquivos de programas\sisagp --d---------- 0
13/07/2013 01:14 C:\Arquivos de programas\SiSUnin --d---------- 0
13/07/2013 01:08 C:\Arquivos de programas\SlimDrivers --d---------- 0
24/06/2010 16:23 C:\Arquivos de programas\ATF-Cleaner.exe ----a-------- 50688
07/05/2010 19:18 C:\Arquivos de programas\ausdiskdefragportable.exe ----a-------- 1568008
10/01/1980 01:39 C:\Arquivos de programas\Uninstall Information --d--h------- 0
10/01/1980 01:24 C:\Arquivos de programas\xerox --d---------- 0
10/01/1980 01:24 C:\Arquivos de programas\microsoft frontpage --d---------- 0
10/01/1980 01:24 C:\Arquivos de programas\Windows Media Player --d---------- 0
10/01/1980 01:22 C:\Arquivos de programas\WindowsUpdate --d--h------- 0
10/01/1980 01:22 C:\Arquivos de programas\Serviços on-line --d---------- 0
10/01/1980 01:21 C:\Arquivos de programas\NetMeeting --d---------- 0
10/01/1980 01:21 C:\Arquivos de programas\Outlook Express --d---------- 0
10/01/1980 01:21 C:\Arquivos de programas\Movie Maker --d---------- 0
10/01/1980 01:19 C:\Arquivos de programas\ComPlus Applications --d---------- 0
10/01/1980 01:19 C:\Arquivos de programas\Messenger --d---------- 0
10/01/1980 01:19 C:\Arquivos de programas\MSN Gaming Zone --d---------- 0
10/01/1980 01:19 C:\Arquivos de programas\Windows NT --d---------- 0
----------------------------------------
C:\Documents and Settings\All Users\..
PC
User
Default User
All Users
NetworkService
Administrador
LocalService
----------------------------------------
C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
----------------------------------------
C:\Documents and Settings\PC\Desktop
05/01/2014 23:48 C:\Documents and Settings\PC\Desktop\merda.log ----a-------- 8774
29/12/2013 03:08 C:\Documents and Settings\PC\Desktop\relatorio.txt ----a-------- 22384
29/12/2013 02:23 C:\Documents and Settings\PC\Desktop\Ferramentas de analise --d---------- 0
25/12/2013 18:31 C:\Documents and Settings\PC\Desktop\zoek.exe ----a-------- 1281024
22/12/2013 11:30 C:\Documents and Settings\PC\Desktop\WinRAR.lnk ----a-------- 786
01/12/2013 00:49 C:\Documents and Settings\PC\Desktop\Atalho para cdhack.lnk ----a-------- 701
30/11/2013 16:45 C:\Documents and Settings\PC\Desktop\232-SkypeSetup.exe ----a-------- 1551008
30/11/2013 09:56 C:\Documents and Settings\PC\Desktop\sXe Injected.lnk ----a-------- 786
26/11/2013 14:20 C:\Documents and Settings\PC\Desktop\Revo Uninstaller.lnk ----a-------- 973
10/11/2013 22:11 C:\Documents and Settings\PC\Desktop\Navegador web em uma caixa.lnk ----a-------- 796
22/09/2013 13:57 C:\Documents and Settings\PC\Desktop\µTorrent.lnk ----a-------- 837
13/07/2013 17:04 C:\Documents and Settings\PC\Desktop\Desfragmentador.lnk ----a-------- 410
22/08/2003 09:22 C:\Documents and Settings\PC\Desktop\IconFactory.exe ----a-------- 376320
01/01/2002 03:26 C:\Documents and Settings\PC\Desktop\hjtscanlist.txt ----a-------- 55701
01/01/2002 03:22 C:\Documents and Settings\PC\Desktop\HJTscanlist.zip ----a-------- 2921
01/01/2002 03:16 C:\Documents and Settings\PC\Desktop\hjtscanlist2.txt ----a-------- 16836
01/01/2002 03:14 C:\Documents and Settings\PC\Desktop\HJTscanlist.bat ----a-------- 35839
----------------------------------------
Nome da imagem Identi Serviços
========================= ====== =============================================
System Idle Process 0 N/A
System 4 N/A
smss.exe 808 N/A
csrss.exe 864 N/A
winlogon.exe 892 N/A
services.exe 936 Eventlog, PlugPlay
lsass.exe 948 PolicyAgent, ProtectedStorage, SamSs
ati2evxx.exe 1136 Ati HotKey Poller
svchost.exe 1152 DcomLaunch, TermService
svchost.exe 1208 RpcSs
SbieSvc.exe 1356 SbieSvc
svchost.exe 1404 AudioSrv, CryptSvc, Dhcp, dmserver, ERSvc,
EventSystem, FastUserSwitchingCompatibility,
helpsvc, LanmanServer, lanmanworkstation,
Netman, Nla, RasMan, Schedule, seclogon,
SENS, SharedAccess, ShellHWDetection,
srservice, TapiSrv, Themes, TrkWks, W32Time,
winmgmt, wscsvc, wuauserv, WZCSVC
svchost.exe 1552 Dnscache
svchost.exe 1600 LmHosts, RemoteRegistry, SSDPSRV, WebClient
AvastSvc.exe 1828 avast! Antivirus
spoolsv.exe 1988 Spooler
TeamViewer_Service.exe 1684 TeamViewer9
ati2evxx.exe 2044 N/A
hamachi-2.exe 396 Hamachi2Svc
explorer.exe 404 N/A
LMIGuardianSvc.exe 304 N/A
svchost.exe 2744 BITS
Sraid.exe 3188 N/A
AvastUI.exe 3196 N/A
ctfmon.exe 3280 N/A
alg.exe 2340 ALG
wscntfy.exe 3044 N/A
wmiprvse.exe 3420 N/A
firefox.exe 2072 N/A
msiexec.exe 460 MSIServer
cmd.exe 2016 N/A
tasklist.exe 2656 N/A
wmiprvse.exe 1548 N/A
***** Ende des Scans ter 01/01/2002 um 3:26:01,84 ***
Last edited by Brando lee on Mon 20 Jan 2014, 01:54; edited 3 time(s)
Guest - Guest
Report HJTScanlit2.txt
Option [2] generates the report below:
Report HJTScanlit2.txt:
- Code:
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
║ ║
hjtscanlist v2.0
║ ║
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Microsoft Windows XP [versão 5.1.2600]
ter 01/01/2002
03:15
----------------------------------------
#######((Disco Local/Dipositivos removiveis))#######
Caption Compressed Description FileSystem Size
A: Unidade de disquete de 3 1/2 polegadas
C: FALSE Disco fixo local NTFS 16742285312
D: FALSE Disco fixo local NTFS 12872527872
E: Disco CD-ROM
----------------------------------------
#######(Arquivos Ocultos)#######
((Encontrado))C:\IO.SYS
((Encontrado))C:\MSDOS.SYS
((Encontrado))C:\pagefile.sys
((Encontrado))C:\Arquivos de programas\LogMeIn Hamachi\hamachi.sys
((Encontrado))C:\Arquivos de programas\LogMeIn Hamachi\hamdrv.sys
((Encontrado))C:\WINDOWS\system32\drivers\hamachi.sys
----------------------------------------
#######((Processos Ativos))#######
ExecutablePath
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Sandboxie\SbieSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\TeamViewer\Version9\TeamViewer_Service.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe
C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmic.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmic.exe
----------------------------------------
#######((Entradas de inicialização))#######
Caption=desktop
Command=desktop.ini
Description=desktop
Location=Startup
Name=desktop
SettingID=
User=AUTORIDADE NT\SYSTEM
Caption=CTFMON.EXE
Command=C:\WINDOWS\system32\CTFMON.EXE
Description=CTFMON.EXE
Location=HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Name=CTFMON.EXE
SettingID=
User=AUTORIDADE NT\SYSTEM
Caption=desktop
Command=desktop.ini
Description=desktop
Location=Startup
Name=desktop
SettingID=
User=CASA-54149FF9AD\PC
Caption=ctfmon.exe
Command=C:\WINDOWS\system32\ctfmon.exe
Description=ctfmon.exe
Location=HKU\S-1-5-21-1085031214-823518204-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Name=ctfmon.exe
SettingID=
User=CASA-54149FF9AD\PC
Caption=desktop
Command=desktop.ini
Description=desktop
Location=Startup
Name=desktop
SettingID=
User=.DEFAULT
Caption=CTFMON.EXE
Command=C:\WINDOWS\system32\CTFMON.EXE
Description=CTFMON.EXE
Location=HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Name=CTFMON.EXE
SettingID=
User=.DEFAULT
Caption=desktop
Command=desktop.ini
Description=desktop
Location=Common Startup
Name=desktop
SettingID=
User=All Users
Caption=SiSRaid
Command=C:\Arquivos de programas\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe
Description=SiSRaid
Location=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Name=SiSRaid
SettingID=
User=All Users
Caption=avast
Command="C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe" /nogui
Description=avast
Location=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Name=avast
SettingID=
User=All Users
Caption=APSDaemon
Command="C:\Arquivos de programas\Arquivos comuns\Apple\Apple Application Support\APSDaemon.exe"
Description=APSDaemon
Location=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Name=APSDaemon
SettingID=
User=All Users
Caption=QuickTime Task
Command="C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime
Description=QuickTime Task
Location=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Name=QuickTime Task
SettingID=
User=All Users
----------------------------------------
######(Chaves de Registro)######
REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
RegPath REG_SZ Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Text REG_SZ @shell32.dll,-30500
Type REG_SZ radio
CheckedValue REG_DWORD 0x1
ValueName REG_SZ Hidden
DefaultValue REG_DWORD 0x2
HKeyRoot REG_DWORD 0x80000001
HelpID REG_SZ shell.hlp#51105
----------------------------------------
######(Chaves de Registro)######
REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
FirstRunDisabled REG_DWORD 0x1
AntiVirusDisableNotify REG_DWORD 0x0
FirewallDisableNotify REG_DWORD 0x0
UpdatesDisableNotify REG_DWORD 0x0
AntiVirusOverride REG_DWORD 0x0
FirewallOverride REG_DWORD 0x0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall
----------------------------------------
######(Chaves de Registro)######
REG.EXE VERSION 3.0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
disableregistrytools REG_DWORD 0x0
----------------------------------------
##########(Programas autorizados de Firewall)##########
Configuração dos programas permitidos para o perfil Domínio:
Modo Nome / Programa
-------------------------------------------------------------------
Habilit Diagnóstico de Rede para Windows XP / C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
Habilit Assistência Remota / C:\WINDOWS\system32\sessmgr.exe
Configuração dos programas permitidos para o perfil Padrão:
Modo Nome / Programa
-------------------------------------------------------------------
Habilit Diagnóstico de Rede para Windows XP / C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
Habilit Assistência Remota / C:\WINDOWS\system32\sessmgr.exe
Habilit uTorrent / C:\Documents and Settings\PC\Dados de aplicativos\uTorrent\uTorrent.exe
Habilit Servidor de registro Microsoft(C) / C:\WINDOWS\system32\regsvr32.exe
Habilit WebKit / C:\Arquivos de programas\Arquivos comuns\Apple\Apple Application Support\WebKit2WebProcess.exe
Habilit Plugin Container for Firefox / C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe
Habilit Half-Life Launcher / C:\Arquivos de programas\Valve\hl.exe
Habilit Skype / C:\Arquivos de programas\Skype\Phone\Skype.exe
Habilit Teamviewer Remote Control Application / C:\Arquivos de programas\TeamViewer\Version9\TeamViewer.exe
Habilit Teamviewer Remote Control Service / C:\Arquivos de programas\TeamViewer\Version9\TeamViewer_Service.exe
----------------------------------------
##########(Conexões Ativas)##########
ECHO está desativado.
Configuração de IP do Windows
ECHO está desativado.
Nome do host . . . . . . . . . . . :
Sufixo DNS primário. . . . . . . . :
Tipo de nó . . . . . . . . . . . . : desconhecido
Roteamento de IP ativado . . . . . : não
Proxy WINS ativado . . . . . . . . : não
ECHO está desativado.
Adaptador Ethernet Hamachi:
ECHO está desativado.
Sufixo DNS específico de conexão . :
Descrição . . . . . . . . . . . . . :
Endereço físico . . . . . . . . . . : 7A-79-19-10-DB-8E
DHCP ativado. . . . . . . . . . . . : Sim
Configuração automática ativada . . : Não
Endereço IP . . . . . . . . . . . . :
Máscara de sub-rede . . . . . . . . : 255.0.0.0
Gateway padrão. . . . . . . . . . . :
Servidor DHCP . . . . . . . . . . . : 25.0.0.1
Concessão obtida. . . . . . . . . . : terça-feira, 1 de janeiro de 2002 00:10:00
Concessão expira. . . . . . . . . . : quarta-feira, 1 de janeiro de 2003 00:10:00
ECHO está desativado.
Adaptador Ethernet Conexão local:
ECHO está desativado.
Estado da mídia . . . . . . . . . . . : mídia desconectada
Descrição . . . . . . . . . . . . . : SiS 900-Based PCI Fast Ethernet Adapter
Endereço físico . . . . . . . . . . :
ECHO está desativado.
Adaptador Ethernet Conexão de rede sem fio:
ECHO está desativado.
Sufixo DNS específico de conexão . :
Descrição . . . . . . . . . . . . . : TP-LINK TL-WN620G 11G Wireless Adapter
Endereço físico . . . . . . . . . . :
DHCP ativado. . . . . . . . . . . . : Não
Endereço IP . . . . . . . . . . . . :
Máscara de sub-rede . . . . . . . . : 255.255.255.0
Gateway padrão. . . . . . . . . . . :
Servidores DNS. . . . . . . . . . . :
----------------------------------------
##########(Informação do Sistema)##########
Nome do host:
Nome do sistema operacional: Microsoft Windows XP Professional
Versão do sistema operacional: 5.1.2600 Service Pack 3 compilação 2600
Fabricante do sistema operacional: Microsoft Corporation
Configuração do SO: Estação de trabalho autônoma
Tipo de compilação do sistema operacional: Multiprocessor Free
Proprietário registrado: PC
Organização registrada: Casa
Identificação do produto: 76503-640-8816093-23954
Data da instalação original: 10/1/1980, 01:27:30
Tempo de ativação do sistema: N/A
Fabricante do sistema: System manufacturer
Modelo do sistema: System Product Name
Tipo de sistema: X86-based PC
Processador(es): 1 processador(es) instalado(s).
[01]: x86 Family 15 Model 2 Stepping 9 GenuineIntel ~2793 Mhz
Versão do BIOS: A M I - 9000507
Pasta do Windows: C:\WINDOWS
Pasta do sistema: C:\WINDOWS\system32
Inicializar dispositivo: \Device\HarddiskVolume1
Localidade do sistema: pt-br;Português (Brasil)
Localidade de entrada: pt-br;Português (Brasil)
Fuso horário: N/A
Memória física total: 1.023 MB
Memória física disponível: 504 MB
Memória virtual: tamanho máximo: 2.048 MB
Memória virtual: disponível: 2.005 MB
Memória virtual: em uso: 43 MB
Local(is) de arquivo de paginação: C:\pagefile.sys
Domínio: GRUPO
Servidor de logon: \\CASA-54149FF9AD
Hotfix(es): 4 hotfix(es) instalado(s).
[01]: File 1
[02]: Q147222
[03]: KB942288-v3 - Update
[04]: XpsEPSC
placa(s) de rede: 3 NIC(s) instalado(s).
[01]: SiS 900-Based PCI Fast Ethernet Adapter
Nome da conexão: Conexão local
Status: Mídia desconectada
##########(Programas Instalados)##########
Caption Vendor Version
Microsoft .NET Framework 3.0 Service Pack 1 Microsoft Corporation 3.1.21022
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PTB Microsoft Corporation 3.1.21022
Microsoft .NET Framework 2.0 Service Pack 1 Microsoft Corporation 2.1.21022
Suporte para Aplicativos Apple Apple Inc. 2.3.4
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 8.0.59193
Apple Software Update Apple Inc. 2.1.3.127
SlimDrivers SlimWare Utilities, Inc. 2.2.30877
WebFldrs XP Microsoft Corporation 9.50.7523
ATI Catalyst Control Center 1.2.2314.20337
Zune Desktop Theme Microsoft Corporation 1.0.5341.0
swMSM Adobe Systems, Inc 12.0.0.1
LogMeIn Hamachi LogMeIn, Inc. 2.2.0.109
Google Update Helper Google Inc. 1.3.22.3
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PTB Microsoft Corporation 2.1.21022
QuickTime Apple Inc. 7.74.80.86
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 9.0.30729.4148
Microsoft Silverlight Microsoft Corporation 4.0.60831.0
Microsoft .NET Framework 3.5 Microsoft Corporation 3.5.21022
Skype™ 6.11 Skype Technologies S.A. 6.11.102
Microsoft .NET Framework 3.5 Language Pack - ptb Microsoft Corporation 3.5.21022
------------------Fim----------------------
Guest