[code] Microsoft Windows [versÆo 6.1.7600] 26/06/2010 16:47 #######(Arquivos Ocultos)####### ((Encontrado))C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe --------- ((Encontrado))C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe --------- ((Encontrado))C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe --------- ((Encontrado))C:\Program Files\Windows Mail\WinMail.exe --------- ((Encontrado))C:\Users\Public\Documents\lqosif.exe --------- ((Encontrado))C:\Users\Public\Documents\tpnmei.exe --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-security-lsalookup-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-security-sddl-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-service-core-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-service-management-l1-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-service-management-l2-1-0.dll --------- ((Encontrado))C:\Windows\System32\api-ms-win-service-winsvc-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minioapinamespace_31bf3856ad364e35_6.1.7600.16385_none_6c9a1ef812f0bb30\api-ms-win-security-lsalookup-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minioapinamespace_31bf3856ad364e35_6.1.7600.16385_none_6c9a1ef812f0bb30\api-ms-win-security-sddl-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minioapinamespace_31bf3856ad364e35_6.1.7600.16385_none_6c9a1ef812f0bb30\api-ms-win-service-core-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minioapinamespace_31bf3856ad364e35_6.1.7600.16385_none_6c9a1ef812f0bb30\api-ms-win-service-management-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minioapinamespace_31bf3856ad364e35_6.1.7600.16385_none_6c9a1ef812f0bb30\api-ms-win-service-management-l2-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minioapinamespace_31bf3856ad364e35_6.1.7600.16385_none_6c9a1ef812f0bb30\api-ms-win-service-winsvc-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-console-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-datetime-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-debug-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-delayload-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-errorhandling-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-fibers-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-file-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-handle-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-heap-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-interlocked-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-io-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-localization-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-localregistry-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-memory-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-misc-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-namedpipe-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-processenvironment-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-processthreads-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-profile-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-rtlsupport-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-string-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-synch-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-sysinfo-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-threadpool-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-util-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-xstate-l1-1-0.dll --------- ((Encontrado))C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-security-base-l1-1-0.dll --------- ((Encontrado))C:\hiberfil.sys --------- ((Encontrado))C:\IO.SYS --------- ((Encontrado))C:\MSDOS.SYS --------- ((Encontrado))C:\pagefile.sys --------- ---------------------------------------- #######((Processos Ativos))####### CommandLine CSName Description ExecutablePath ExecutionState Handle HandleCount InstallDate KernelModeTime MaximumWorkingSetSize MinimumWorkingSetSize Name OSName OtherOperationCount OtherTransferCount PageFaults PageFileUsage ParentProcessId PeakPageFileUsage PeakVirtualSize PeakWorkingSetSize Priority PrivatePageCount ProcessId QuotaNonPagedPoolUsage QuotaPagedPoolUsage QuotaPeakNonPagedPoolUsage QuotaPeakPagedPoolUsage ReadOperationCount ReadTransferCount SessionId Status TerminationDate ThreadCount UserModeTime VirtualSize WindowsVersion WorkingSetSize WriteOperationCount WriteTransferCount EDRICSON-PC System Idle Process 0 0 3116406250 System Idle Process Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 6.1.7600 24576 0 0 EDRICSON-PC System 4 268 186875000 System Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 2367 124374 3709 52 0 192 7614464 3528 8 53248 4 0 0 0 0 60 46234200 0 59 0 3801088 6.1.7600 1011712 441 49034072 \SystemRoot\System32\smss.exe EDRICSON-PC smss.exe 244 30 7968750 1380 200 smss.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 3367 8740 315 256 4 312 17027072 816 11 262144 244 1 9 6 34 12 37406 0 2 0 4145152 6.1.7600 815104 1522 247336 %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 EDRICSON-PC csrss.exe C:\Windows\system32\csrss.exe 320 179 1718750 1380 200 csrss.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 291 6624 820 1120 312 1120 30248960 2824 13 1146880 320 5 66 5 66 23 18989 0 9 625000 30248960 6.1.7600 2891776 0 0 wininit.exe EDRICSON-PC wininit.exe C:\Windows\system32\wininit.exe 356 70 4375000 1380 200 wininit.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 942 3292 1020 852 312 996 46739456 3308 13 872448 356 4 63 5 90 3 18432 0 3 312500 30859264 6.1.7600 3317760 0 0 %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 EDRICSON-PC csrss.exe C:\Windows\system32\csrss.exe 368 190 28906250 1380 200 csrss.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 3496 74040 21708 1272 348 1664 242794496 8724 13 1302528 368 8 71 11 468 3938 470859 1 8 6875000 34099200 6.1.7600 5672960 0 0 C:\Windows\system32\services.exe EDRICSON-PC services.exe C:\Windows\system32\services.exe 404 147 3437500 1380 200 services.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 550 4610 1401 2460 356 2748 24244224 5240 9 2519040 404 6 38 7 41 6 500800 0 9 2500000 23171072 6.1.7600 5165056 0 0 C:\Windows\system32\lsass.exe EDRICSON-PC lsass.exe C:\Windows\system32\lsass.exe 436 389 4687500 1380 200 lsass.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 1444 6686 2043 2208 356 2308 30330880 6732 9 2260992 436 9 55 11 55 492 30361 0 7 8593750 29556736 6.1.7600 6881280 542 336153 C:\Windows\system32\lsm.exe EDRICSON-PC lsm.exe C:\Windows\system32\lsm.exe 444 137 0 1380 200 lsm.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 67 512 741 1080 356 1124 14176256 2892 8 1105920 444 4 25 4 27 0 0 0 10 312500 13914112 6.1.7600 2920448 0 0 winlogon.exe EDRICSON-PC winlogon.exe C:\Windows\system32\winlogon.exe 452 94 3281250 1380 200 winlogon.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 846 1224 1480 1000 348 1148 48812032 3748 13 1024000 452 4 39 6 92 5 30720 1 3 468750 19873792 6.1.7600 3772416 0 0 C:\Windows\system32\svchost.exe -k DcomLaunch EDRICSON-PC svchost.exe C:\Windows\system32\svchost.exe 572 337 7656250 1380 200 svchost.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 289 1836 1855 2492 404 2632 33439744 6496 8 2551808 572 7 54 9 55 0 0 0 11 6562500 32104448 6.1.7600 6549504 0 0 C:\Windows\system32\svchost.exe -k RPCSS EDRICSON-PC svchost.exe C:\Windows\system32\svchost.exe 636 165 1250000 1380 200 svchost.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 111 5720 1219 1620 404 1620 22433792 4460 8 1658880 636 6 44 6 44 0 0 0 8 1406250 22425600 6.1.7600 4567040 0 0 C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted EDRICSON-PC svchost.exe C:\Windows\System32\svchost.exe 712 180 4843750 1380 200 svchost.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 355 818 2229 4872 404 4900 29061120 7388 8 4988928 712 5 44 6 49 1222 73020624 0 10 7500000 28770304 6.1.7600 7540736 41 442520 C:\Windows\system32\svchost.exe -k netsvcs EDRICSON-PC svchost.exe C:\Windows\system32\svchost.exe 784 329 8906250 1380 200 svchost.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 358 24716 9071 7324 404 26660 68263936 30384 8 7499776 784 8 56 9 60 2771 32268376 0 16 44843750 65642496 6.1.7600 11378688 0 0 C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted EDRICSON-PC svchost.exe C:\Windows\system32\svchost.exe 820 113 625000 1380 200 svchost.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 62 356 931 1020 404 1104 23441408 3584 8 1044480 820 4 45 4 46 0 0 0 4 0 22654976 6.1.7600 3633152 1 4096 C:\Windows\system32\svchost.exe -k NetworkService EDRICSON-PC svchost.exe C:\Windows\system32\svchost.exe 860 95 1718750 1380 200 svchost.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 1182 121602 2338 7368 404 7400 46399488 5496 8 7544832 860 9 52 12 52 75 2502656 0 6 781250 46137344 6.1.7600 5435392 54 120832 "C:\Program Files\Panda Security\Panda Internet Security 2010\PskSvc.exe" EDRICSON-PC psksvc.exe C:\Program Files\Panda Security\Panda Internet Security 2010\PskSvc.exe 892 92 468750 1380 200 psksvc.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 140 796 1749 1916 404 1948 31281152 6924 8 1961984 892 5 38 5 38 4 3416490 0 8 156250 29003776 6.1.7600 7053312 0 0 C:\Windows\Explorer.EXE EDRICSON-PC explorer.exe C:\Windows\Explorer.EXE 1088 987 158281250 1380 200 explorer.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 70702 7508788 35455 28220 1080 39512 334389248 52540 8 28897280 1088 32 502 35 556 903 1840909 1 30 93750000 299831296 6.1.7600 49999872 4 372 ctfmon.exe EDRICSON-PC ctfmon.exe C:\Windows\system32\ctfmon.exe 1132 95 468750 1380 200 ctfmon.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 166 148 1432 1648 1088 1692 33280000 3480 8 1687552 1132 5 65 5 66 0 0 1 3 156250 32751616 6.1.7600 3551232 0 0 cmd /c ""C:\HJT\HJTScanlist.cmd" " EDRICSON-PC cmd.exe C:\Windows\system32\cmd.exe 1460 26 57343750 1380 200 cmd.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 81272 814920 24017 2440 1440 2892 31367168 3456 8 2498560 1460 3 57 3 57 8049 3525467 1 1 29218750 31367168 6.1.7600 3223552 4521 274342 \??\C:\Windows\system32\conhost.exe EDRICSON-PC conhost.exe C:\Windows\system32\conhost.exe 1468 46 15625000 1380 200 conhost.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 55 284 892 812 368 812 41046016 3344 8 831488 1468 3 81 3 81 1 60 1 2 468750 41046016 6.1.7600 3424256 0 0 C:\Windows\System32\svchost.exe -k secsvcs EDRICSON-PC svchost.exe C:\Windows\System32\svchost.exe 1932 332 5156250 1380 200 svchost.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 535 9578 33312 60716 404 88792 149721088 92392 8 62173184 1932 19 97 19 115 3094 12316143 0 15 65937500 149606400 6.1.7600 26652672 29 1724 /CONTEXTUAL"C:\Users\Edricson\AppData\Local\Temp\pav83AD.tmp" EDRICSON-PC pavjobs.exe C:\Program Files\Panda Security\Panda Internet Security 2010\PAVJOBS.EXE 1964 163 4687500 1380 200 pavjobs.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 890 11130 5981 8776 1088 8776 105959424 16388 8 8986624 1964 13 160 13 161 1449 4848918 1 11 4531250 105959424 6.1.7600 16781312 3 1333 WMIC Process list EDRICSON-PC WMIC.exe C:\Windows\SYSTEM32\WBEM\WMIC.exe 1056 158 1093750 1380 200 WMIC.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 214 938 1955 3136 1460 3188 67567616 7100 8 3211264 1056 7 114 7 114 3 2866 1 6 312500 67567616 6.1.7600 7225344 0 0 C:\Windows\system32\wbem\wmiprvse.exe EDRICSON-PC WmiPrvSE.exe C:\Windows\system32\wbem\wmiprvse.exe 1036 119 625000 1380 200 WmiPrvSE.exe Microsoft Windows 7 Home Premium |C:\Windows|\Device\Harddisk0\Partition2 110 526 1351 2012 572 2012 26615808 5024 8 2060288 1036 5 47 5 47 0 0 0 7 312500 26591232 6.1.7600 5144576 0 0 ---------------------------------------- ##########(Entradas de Registro)########## HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Apoint REG_SZ C:\Program Files\Apoint2K\Apoint.exe PowerManager REG_SZ C:\Program Files\Power Manager\PM.exe APVXDWIN REG_SZ "C:\Program Files\Panda Security\Panda Internet Security 2010\APVXDWIN.EXE" /s SCANINICIO REG_SZ "C:\Program Files\Panda Security\Panda Internet Security 2010\Inicio.exe" Malwarebytes Anti-Malware (reboot) REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript Malwarebytes' Anti-Malware REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Disabled (Auslogics Startup Manager) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents ---------------------------------------- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Sidebar REG_SZ C:\Program Files\Windows Sidebar\sidebar.exe /autoRun SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe ---------------------------------------- ---------------------------------------- ##########(Entradas de Registro)########## ---------------------------------------- ######(Chaves de Registro)###### HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL RegPath REG_SZ Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced Text REG_SZ @shell32.dll,-30500 Type REG_SZ radio CheckedValue REG_DWORD 0x1 ValueName REG_SZ Hidden DefaultValue REG_DWORD 0x2 HKeyRoot REG_DWORD 0x80000001 HelpID REG_SZ shell.hlp#51105 ---------------------------------------- ######(Chaves de Registro)###### HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center cval REG_DWORD 0x1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc ---------------------------------------- ######(Chaves de Registro)###### HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system LogonHoursAction REG_DWORD 0x2 DontDisplayLogonHoursWarnings REG_DWORD 0x1 ---------------------------------------- ##########(Authorized Applications List)########## ---------------------------------------- ##########(Authorized Applications List)########## HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules SSTP-IN-TCP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=443|App=System|Name=@sstpsvc.dll,-35002|Desc=@sstpsvc.dll,-35003|EmbedCtxt=@sstpsvc.dll,-35001| Netlogon-NamedPipe-In REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| SNMPTRAP-In-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=162|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\snmptrap.exe|Svc=SNMPTRAP|Name=@snmptrap.exe,-7|Desc=@snmptrap.exe,-8|EmbedCtxt=@snmptrap.exe,-3| SNMPTRAP-In-UDP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=162|App=%SystemRoot%\system32\snmptrap.exe|Svc=SNMPTRAP|Name=@snmptrap.exe,-7|Desc=@snmptrap.exe,-8|EmbedCtxt=@snmptrap.exe,-3| WMP-In-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|Profile=Public|App=%ProgramFiles%\Windows Media Player\wmplayer.exe|Name=@FirewallAPI.dll,-31003|Desc=@FirewallAPI.dll,-31006|EmbedCtxt=@FirewallAPI.dll,-31002| WMP-Out-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|Profile=Public|App=%ProgramFiles%\Windows Media Player\wmplayer.exe|Name=@FirewallAPI.dll,-31007|Desc=@FirewallAPI.dll,-31010|EmbedCtxt=@FirewallAPI.dll,-31002| WMP-Out-TCP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|Profile=Public|App=%ProgramFiles%\Windows Media Player\wmplayer.exe|Name=@FirewallAPI.dll,-31011|Desc=@FirewallAPI.dll,-31014|EmbedCtxt=@FirewallAPI.dll,-31002| WMPNSS-QWave-In-UDP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=2177|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@FirewallAPI.dll,-31253|Desc=@FirewallAPI.dll,-31256|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-QWave-Out-UDP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|RPort=2177|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@FirewallAPI.dll,-31257|Desc=@FirewallAPI.dll,-31260|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-QWave-In-TCP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=2177|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@FirewallAPI.dll,-31261|Desc=@FirewallAPI.dll,-31264|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-QWave-Out-TCP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=2177|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@FirewallAPI.dll,-31265|Desc=@FirewallAPI.dll,-31268|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-HTTPSTR-In-TCP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=10243|App=System|Name=@FirewallAPI.dll,-31285|Desc=@FirewallAPI.dll,-31288|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-HTTPSTR-Out-TCP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=10243|App=System|Name=@FirewallAPI.dll,-31289|Desc=@FirewallAPI.dll,-31292|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-WMP-In-UDP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|App=%PROGRAMFILES%\Windows Media Player\wmplayer.exe|Name=@FirewallAPI.dll,-31293|Desc=@FirewallAPI.dll,-31296|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-WMP-Out-UDP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|App=%PROGRAMFILES%\Windows Media Player\wmplayer.exe|Name=@FirewallAPI.dll,-31297|Desc=@FirewallAPI.dll,-31300|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-WMP-Out-TCP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%PROGRAMFILES%\Windows Media Player\wmplayer.exe|Name=@FirewallAPI.dll,-31301|Desc=@FirewallAPI.dll,-31304|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-In-UDP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|App=%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe|Name=@FirewallAPI.dll,-31305|Desc=@FirewallAPI.dll,-31308|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-Out-UDP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|App=%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe|Name=@FirewallAPI.dll,-31309|Desc=@FirewallAPI.dll,-31312|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-In-TCP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe|Name=@FirewallAPI.dll,-31313|Desc=@FirewallAPI.dll,-31316|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-Out-TCP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe|Name=@FirewallAPI.dll,-31317|Desc=@FirewallAPI.dll,-31320|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-QWave-In-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Public|LPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@FirewallAPI.dll,-31253|Desc=@FirewallAPI.dll,-31256|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-QWave-Out-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Public|RPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@FirewallAPI.dll,-31257|Desc=@FirewallAPI.dll,-31260|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-QWave-In-TCP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Public|LPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@FirewallAPI.dll,-31261|Desc=@FirewallAPI.dll,-31264|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-QWave-Out-TCP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Public|RPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@FirewallAPI.dll,-31265|Desc=@FirewallAPI.dll,-31268|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-SSDPSrv-In-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|Profile=Public|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=ssdpsrv|Name=@FirewallAPI.dll,-31269|Desc=@FirewallAPI.dll,-31272|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-SSDPSrv-Out-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|Profile=Public|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=ssdpsrv|Name=@FirewallAPI.dll,-31273|Desc=@FirewallAPI.dll,-31276|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-UPnPHost-In-TCP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|Profile=Public|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-31277|Desc=@FirewallAPI.dll,-31280|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-UPnPHost-Out-TCP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-31281|Desc=@FirewallAPI.dll,-31284|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-HTTPSTR-In-TCP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Public|LPort=10243|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-31285|Desc=@FirewallAPI.dll,-31288|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-HTTPSTR-Out-TCP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Public|RPort=10243|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-31289|Desc=@FirewallAPI.dll,-31292|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-WMP-In-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\Windows Media Player\wmplayer.exe|Name=@FirewallAPI.dll,-31293|Desc=@FirewallAPI.dll,-31296|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-WMP-Out-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\Windows Media Player\wmplayer.exe|Name=@FirewallAPI.dll,-31297|Desc=@FirewallAPI.dll,-31300|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-WMP-Out-TCP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\Windows Media Player\wmplayer.exe|Name=@FirewallAPI.dll,-31301|Desc=@FirewallAPI.dll,-31304|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-In-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe|Name=@FirewallAPI.dll,-31305|Desc=@FirewallAPI.dll,-31308|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-Out-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe|Name=@FirewallAPI.dll,-31309|Desc=@FirewallAPI.dll,-31312|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-In-TCP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe|Name=@FirewallAPI.dll,-31313|Desc=@FirewallAPI.dll,-31316|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-Out-TCP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe|Name=@FirewallAPI.dll,-31317|Desc=@FirewallAPI.dll,-31320|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-UPnP-Out-TCP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=upnphost|Name=@FirewallAPI.dll,-31321|Desc=@FirewallAPI.dll,-31322|EmbedCtxt=@FirewallAPI.dll,-31252| WMPNSS-RME-HTTP-In-TCP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=10245|App=System|Name=@FirewallAPI.dll,-31501|Desc=@FirewallAPI.dll,-31502|EmbedCtxt=@FirewallAPI.dll,-31500|Edge=TRUE|Defer=App| Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=3587|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=p2psvc|Name=@%systemroot%\system32\provsvc.dll,-200|Desc=@%systemroot%\system32\provsvc.dll,-201|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202| Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|RPort=3587|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=p2psvc|Name=@%systemroot%\system32\provsvc.dll,-203|Desc=@%systemroot%\system32\provsvc.dll,-204|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202| Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=3540|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@%systemroot%\system32\provsvc.dll,-205|Desc=@%systemroot%\system32\provsvc.dll,-206|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202| Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=3540|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@%systemroot%\system32\provsvc.dll,-207|Desc=@%systemroot%\system32\provsvc.dll,-208|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202| Collab-P2PHost-In-TCP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|App=%SystemRoot%\system32\p2phost.exe|Name=@FirewallAPI.dll,-32003|Desc=@FirewallAPI.dll,-32006|EmbedCtxt=@FirewallAPI.dll,-32002|Edge=TRUE|Defer=App| Collab-P2PHost-Out-TCP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|App=%SystemRoot%\system32\p2phost.exe|Name=@FirewallAPI.dll,-32007|Desc=@FirewallAPI.dll,-32010|EmbedCtxt=@FirewallAPI.dll,-32002| Collab-P2PHost-WSD-In-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\p2phost.exe|Name=@FirewallAPI.dll,-32011|Desc=@FirewallAPI.dll,-32014|EmbedCtxt=@FirewallAPI.dll,-32002| Collab-P2PHost-WSD-Out-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\p2phost.exe|Name=@FirewallAPI.dll,-32015|Desc=@FirewallAPI.dll,-32018|EmbedCtxt=@FirewallAPI.dll,-32002| Collab-PNRP-In-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3540|App=%SystemRoot%\system32\svchost.exe|Svc=PNRPSvc|Name=@FirewallAPI.dll,-32019|Desc=@FirewallAPI.dll,-32022|EmbedCtxt=@FirewallAPI.dll,-32002|Edge=TRUE|Defer=App| Collab-PNRP-Out-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3540|App=%SystemRoot%\system32\svchost.exe|Svc=PNRPSvc|Name=@FirewallAPI.dll,-32023|Desc=@FirewallAPI.dll,-32026|EmbedCtxt=@FirewallAPI.dll,-32002| Collab-PNRP-SSDPSrv-In-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Ssdpsrv|Name=@FirewallAPI.dll,-32027|Desc=@FirewallAPI.dll,-32030|EmbedCtxt=@FirewallAPI.dll,-32002| Collab-PNRP-SSDPSrv-Out-UDP REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Ssdpsrv|Name=@FirewallAPI.dll,-32031|Desc=@FirewallAPI.dll,-32034|EmbedCtxt=@FirewallAPI.dll,-32002| RemoteAssistance-In-TCP-EdgeScope REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=%SystemRoot%\system32\msra.exe|Name=@FirewallAPI.dll,-33003|Desc=@FirewallAPI.dll,-33006|EmbedCtxt=@FirewallAPI.dll,-33002|Edge=TRUE|Defer=App| RemoteAssistance-Out-TCP REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|App=%SystemRoot%\system32\msra.exe|Name=@FirewallAPI.dll,-33007|Desc=@FirewallAPI.dll,-33010|EmbedCtxt=@FirewallAPI.dll,-33002| RemoteAssistance-PnrpSvc-UDP-In-EdgeScope REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|LPort=3540|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@FirewallAPI.dll,-33039|Desc=@FirewallAPI.dll,-33040|EmbedCtxt=@FirewallAPI.dll,-33002|Edge=TRUE|Defer=App| RemoteAssistance-PnrpSvc-UDP-OUT REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Public|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@FirewallAPI.dll,-33037|Desc=@FirewallAPI.dll,-33038|EmbedCtxt=@FirewallAPI.dll,-33002| RemoteAssistance-RAServer-In-TCP-NoScope-Active REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\raserver.exe|Name=@FirewallAPI.dll,-33011|Desc=@FirewallAPI.dll,-33014|EmbedCtxt=@FirewallAPI.dll,-33002| RemoteAssistance-RAServer-Out-TCP-NoScope-Active REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\raserver.exe|Name=@FirewallAPI.dll,-33015|Desc=@FirewallAPI.dll,-33018|EmbedCtxt=@FirewallAPI.dll,-33002| RemoteAssistance-DCOM-In-TCP-NoScope-Active REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|Name=@FirewallAPI.dll,-33035|Desc=@FirewallAPI.dll,-33036|EmbedCtxt=@FirewallAPI.dll,-33002| RemoteAssistance-In-TCP-EdgeScope-Active REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|App=%SystemRoot%\system32\msra.exe|Name=@FirewallAPI.dll,-33003|Desc=@FirewallAPI.dll,-33006|EmbedCtxt=@FirewallAPI.dll,-33002|Edge=TRUE|Defer=App| RemoteAssistance-Out-TCP-Active REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|Profile=Private|App=%SystemRoot%\system32\msra.exe|Name=@FirewallAPI.dll,-33007|Desc=@FirewallAPI.dll,-33010|EmbedCtxt=@FirewallAPI.dll,-33002| RemoteAssistance-SSDPSrv-In-UDP-Active REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Ssdpsrv|Name=@FirewallAPI.dll,-33019|Desc=@FirewallAPI.dll,-33022|EmbedCtxt=@FirewallAPI.dll,-33002| RemoteAssistance-SSDPSrv-Out-UDP-Active REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Domain|Profile=Private|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Ssdpsrv|Name=@FirewallAPI.dll,-33023|Desc=@FirewallAPI.dll,-33026|EmbedCtxt=@FirewallAPI.dll,-33002| RemoteAssistance-SSDPSrv-In-TCP-Active REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Ssdpsrv|Name=@FirewallAPI.dll,-33027|Desc=@FirewallAPI.dll,-33030|EmbedCtxt=@FirewallAPI.dll,-33002| RemoteAssistance-SSDPSrv-Out-TCP-Active REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Ssdpsrv|Name=@FirewallAPI.dll,-33031|Desc=@FirewallAPI.dll,-33034|EmbedCtxt=@FirewallAPI.dll,-33002| RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|LPort=3540|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@FirewallAPI.dll,-33039|Desc=@FirewallAPI.dll,-33040|EmbedCtxt=@FirewallAPI.dll,-33002|Edge=TRUE|Defer=App| RemoteAssistance-PnrpSvc-UDP-OUT-Active REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Domain|Profile=Private|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@FirewallAPI.dll,-33037|Desc=@FirewallAPI.dll,-33038|EmbedCtxt=@FirewallAPI.dll,-33002| FPS-NB_Session-In-TCP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=139|App=System|Name=@FirewallAPI.dll,-28503|Desc=@FirewallAPI.dll,-28506|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-NB_Session-Out-TCP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=139|App=System|Name=@FirewallAPI.dll,-28507|Desc=@FirewallAPI.dll,-28510|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-SMB-In-TCP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-28511|Desc=@FirewallAPI.dll,-28514|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-SMB-Out-TCP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=445|App=System|Name=@FirewallAPI.dll,-28515|Desc=@FirewallAPI.dll,-28518|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-NB_Name-In-UDP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App=System|Name=@FirewallAPI.dll,-28519|Desc=@FirewallAPI.dll,-28522|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-NB_Name-Out-UDP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|RPort=137|App=System|Name=@FirewallAPI.dll,-28523|Desc=@FirewallAPI.dll,-28526|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-NB_Datagram-In-UDP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|Name=@FirewallAPI.dll,-28527|Desc=@FirewallAPI.dll,-28530|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-NB_Datagram-Out-UDP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|RPort=138|App=System|Name=@FirewallAPI.dll,-28531|Desc=@FirewallAPI.dll,-28534|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-SpoolSvc-In-TCP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\spoolsv.exe|Svc=Spooler|Name=@FirewallAPI.dll,-28535|Desc=@FirewallAPI.dll,-28538|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-RPCSS-In-TCP-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|Svc=Rpcss|Name=@FirewallAPI.dll,-28539|Desc=@FirewallAPI.dll,-28542|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-ICMP4-ERQ-In-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=1|Profile=Domain|ICMP4=8:*|Name=@FirewallAPI.dll,-28543|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-ICMP4-ERQ-Out-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=1|Profile=Domain|ICMP4=8:*|Name=@FirewallAPI.dll,-28544|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-ICMP6-ERQ-In-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=58|Profile=Domain|ICMP6=128:*|Name=@FirewallAPI.dll,-28545|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-ICMP6-ERQ-Out-NoScope REG_SZ v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=58|Profile=Domain|ICMP6=128:*|Name=@FirewallAPI.dll,-28546|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-NB_Session-In-TCP REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=139|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-28503|Desc=@FirewallAPI.dll,-28506|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-NB_Session-Out-TCP REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=139|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-28507|Desc=@FirewallAPI.dll,-28510|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-SMB-In-TCP REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=445|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-28511|Desc=@FirewallAPI.dll,-28514|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-SMB-Out-TCP REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=445|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-28515|Desc=@FirewallAPI.dll,-28518|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-NB_Name-In-UDP REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-28519|Desc=@FirewallAPI.dll,-28522|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-NB_Name-Out-UDP REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-28523|Desc=@FirewallAPI.dll,-28526|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-NB_Datagram-In-UDP REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-28527|Desc=@FirewallAPI.dll,-28530|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-NB_Datagram-Out-UDP REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-28531|Desc=@FirewallAPI.dll,-28534|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-SpoolSvc-In-TCP REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\spoolsv.exe|Svc=Spooler|Name=@FirewallAPI.dll,-28535|Desc=@FirewallAPI.dll,-28538|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-RPCSS-In-TCP REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|Svc=Rpcss|Name=@FirewallAPI.dll,-28539|Desc=@FirewallAPI.dll,-28542|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-ICMP4-ERQ-In REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|Profile=Private|Profile=Public|ICMP4=8:*|RA4=LocalSubnet|Name=@FirewallAPI.dll,-28543|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-ICMP4-ERQ-Out REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=1|Profile=Private|Profile=Public|ICMP4=8:*|RA4=LocalSubnet|Name=@FirewallAPI.dll,-28544|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-ICMP6-ERQ-In REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|Profile=Private|Profile=Public|ICMP6=128:*|RA6=LocalSubnet|Name=@FirewallAPI.dll,-28545|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-ICMP6-ERQ-Out REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|Profile=Private|Profile=Public|ICMP6=128:*|RA6=LocalSubnet|Name=@FirewallAPI.dll,-28546|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-LLMNR-In-UDP REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@FirewallAPI.dll,-28548|Desc=@FirewallAPI.dll,-28549|EmbedCtxt=@FirewallAPI.dll,-28502| FPS-LLMNR-Out-UDP REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@FirewallAPI.dll,-28550|Desc=@FirewallAPI.dll,-28551|EmbedCtxt=@FirewallAPI.dll,-28502| CoreNet-ICMP6-DU-In REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=1:*|App=System|Name=@FirewallAPI.dll,-25110|Desc=@FirewallAPI.dll,-25112|EmbedCtxt=@FirewallAPI.dll,-25000|Edge=TRUE| CoreNet-ICMP6-PTB-In REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=2:*|App=System|Name=@FirewallAPI.dll,-25001|Desc=@FirewallAPI.dll,-25007|EmbedCtxt=@FirewallAPI.dll,-25000|Edge=TRUE| CoreNet-ICMP6-PTB-Out REG_SZ v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=2:*|Name=@FirewallAPI.dll,-25002|Desc=@FirewallAPI.dll,-25007|EmbedCtxt=@FirewallAPI.dll,-25000| ---------------------------------------- ##########(Conexões Ativas)########## Conexäes ativas Proto Endere‡o local Endere‡o externo Estado ---------------------------------------- ##########(Explorer\MountPoints2)########## HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\shell (padrÆo) REG_SZ AutoRun HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\shell\AutoRun (padrÆo) REG_SZ Instale ou execute programas da m¡dia SetWorkingDirectoryFromTarget REG_SZ HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\shell\AutoRun\command (padrÆo) REG_SZ E:\AutoRun.exe HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\_Autorun HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\_Autorun\DefaultIcon (padrÆo) REG_SZ E:\Startup.ico HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f804593-a4bb-11de-b0d9-806e6f6e6963} _CommentFromDesktopINI REG_SZ HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f804593-a4bb-11de-b0d9-806e6f6e6963}\shell (padrÆo) REG_SZ None HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f804593-a4bb-11de-b0d9-806e6f6e6963}\shell\Autoplay MUIVerb REG_SZ @shell32.dll,-8507 HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f804593-a4bb-11de-b0d9-806e6f6e6963}\shell\Autoplay\DropTarget CLSID REG_SZ {F26A669A-BCBB-4E37-ABF9-7325DA15F931} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f804593-a4bb-11de-b0d9-806e6f6e6963}\_Autorun HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f804593-a4bb-11de-b0d9-806e6f6e6963}\_Autorun\DefaultIcon (padrÆo) REG_SZ D:\InternetSecurity\PSWLRes.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{323e61e5-804f-11df-b92d-00140b374500} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{323e61e5-804f-11df-b92d-00140b374500}\shell (padrÆo) REG_SZ AutoRun HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{323e61e5-804f-11df-b92d-00140b374500}\shell\Autoplay MUIVerb REG_SZ @shell32.dll,-8507 HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{323e61e5-804f-11df-b92d-00140b374500}\shell\Autoplay\DropTarget CLSID REG_SZ {F26A669A-BCBB-4E37-ABF9-7325DA15F931} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{323e61e5-804f-11df-b92d-00140b374500}\shell\AutoRun (padrÆo) REG_SZ Instale ou execute programas da m¡dia SetWorkingDirectoryFromTarget REG_SZ HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{323e61e5-804f-11df-b92d-00140b374500}\shell\AutoRun\command (padrÆo) REG_SZ E:\AutoRun.exe HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{323e61e5-804f-11df-b92d-00140b374500}\_Autorun HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{323e61e5-804f-11df-b92d-00140b374500}\_Autorun\DefaultIcon (padrÆo) REG_SZ E:\Startup.ico HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a54b-7ff8-11df-b702-00140b374500} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a54b-7ff8-11df-b702-00140b374500}\shell (padrÆo) REG_SZ AutoRun HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a54b-7ff8-11df-b702-00140b374500}\shell\Autoplay MUIVerb REG_SZ @shell32.dll,-8507 HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a54b-7ff8-11df-b702-00140b374500}\shell\Autoplay\DropTarget CLSID REG_SZ {F26A669A-BCBB-4E37-ABF9-7325DA15F931} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a54b-7ff8-11df-b702-00140b374500}\shell\AutoRun (padrÆo) REG_SZ Instale ou execute programas da m¡dia SetWorkingDirectoryFromTarget REG_SZ HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a54b-7ff8-11df-b702-00140b374500}\shell\AutoRun\command (padrÆo) REG_SZ E:\AutoRun.exe HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a54b-7ff8-11df-b702-00140b374500}\_Autorun HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a54b-7ff8-11df-b702-00140b374500}\_Autorun\DefaultIcon (padrÆo) REG_SZ E:\Startup.ico HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a56f-7ff8-11df-b702-00140b374500} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a56f-7ff8-11df-b702-00140b374500}\shell (padrÆo) REG_SZ AutoRun HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a56f-7ff8-11df-b702-00140b374500}\shell\Autoplay MUIVerb REG_SZ @shell32.dll,-8507 HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a56f-7ff8-11df-b702-00140b374500}\shell\Autoplay\DropTarget CLSID REG_SZ {F26A669A-BCBB-4E37-ABF9-7325DA15F931} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a56f-7ff8-11df-b702-00140b374500}\shell\AutoRun (padrÆo) REG_SZ Instale ou execute programas da m¡dia SetWorkingDirectoryFromTarget REG_SZ HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a56f-7ff8-11df-b702-00140b374500}\shell\AutoRun\command (padrÆo) REG_SZ E:\AutoRun.exe HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a56f-7ff8-11df-b702-00140b374500}\_Autorun HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3261a56f-7ff8-11df-b702-00140b374500}\_Autorun\DefaultIcon (padrÆo) REG_SZ E:\Startup.ico HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d24fb45-1951-11df-8b1f-00140b374500} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d24fb45-1951-11df-8b1f-00140b374500}\shell (padrÆo) REG_SZ AutoRun HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d24fb45-1951-11df-8b1f-00140b374500}\shell\Autoplay MUIVerb REG_SZ @shell32.dll,-8507 HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d24fb45-1951-11df-8b1f-00140b374500}\shell\Autoplay\DropTarget CLSID REG_SZ {F26A669A-BCBB-4E37-ABF9-7325DA15F931} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d24fb45-1951-11df-8b1f-00140b374500}\shell\AutoRun (padrÆo) REG_SZ Instale ou execute programas da m¡dia SetWorkingDirectoryFromTarget REG_SZ HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d24fb45-1951-11df-8b1f-00140b374500}\shell\AutoRun\command (padrÆo) REG_SZ E:\AutoRun.exe HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d24fb45-1951-11df-8b1f-00140b374500}\_Autorun HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d24fb45-1951-11df-8b1f-00140b374500}\_Autorun\DefaultIcon (padrÆo) REG_SZ E:\Startup.ico HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6155a71e-f313-11de-a449-00140b374500} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6155a71e-f313-11de-a449-00140b374500}\shell (padrÆo) REG_SZ None HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6155a71e-f313-11de-a449-00140b374500}\shell\Autoplay MUIVerb REG_SZ @shell32.dll,-8507 HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6155a71e-f313-11de-a449-00140b374500}\shell\Autoplay\DropTarget CLSID REG_SZ {F26A669A-BCBB-4E37-ABF9-7325DA15F931} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ac96748-1777-11df-bc65-00140b374500} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ac96748-1777-11df-bc65-00140b374500}\shell (padrÆo) REG_SZ AutoRun HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ac96748-1777-11df-bc65-00140b374500}\shell\Autoplay MUIVerb REG_SZ @shell32.dll,-8507 HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ac96748-1777-11df-bc65-00140b374500}\shell\Autoplay\DropTarget CLSID REG_SZ {F26A669A-BCBB-4E37-ABF9-7325DA15F931} ---------------------------------------- [/code]