Ir para conteúdo

Foto

Arquivos ISSetup e msiexe.exe pedem acesso à internet!

issetup ; msiexec ; launcher

Este tópico foi arquivado. Isto significa que você não pode mais responder ao tópico.
13 respostas neste tópico

#1
Ivandro

Ivandro

    Novato

  • Novato
  • Pip
  • 14 posts

Boa tarde,

De dias pra cá meu firewall(ZoneAlarm) começou a dar avisos de que os arquivos issetup e o msiexec.exe querem ter acesso à internet. Estranho pois só eu utilizo e configuro este pc e nada foi instalado ultimamente.
Estes 2 arquivos pedem acesso sempre quando ligo o pc de manhã cedo e depois pede novamente no início da tarde, mas onde o pc se encontra já ligado, é como se tivesse um horário programado pra querer acesso.
Segue abaixo a descrição do aviso do firewall do primeiro arquivo:

"Setup Launcher Unicode may be trying to prevent 'ISSetup' from running each time your computer is started by modfying the registry key: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN"

O outro arquivo:

"Setup Launcher Unicode is trying to launch C:\Windows\SysWOW64\msiexec.exe, or use another program to gain acess to privileged resources"

Obrigado

Ivandro

Arquivo(s) anexado(s)



#2
JoseMelo

JoseMelo

    Assistente Profissional

  • Assistente Profissional
  • 128.636 posts

Provavelmente algum aplicativo sendo atualizado.

 

- Faça o download do Malwarebytes Anti-Malware
  • Desative o antivírus;
  • Faça a instalação dando um duplo clique em "mbam-setup.exe";
  • Marque "Atualizar Malwarebytes Anti-Malware" e "Executar Malwarebytes Anti-Malware", e clique em concluir;
  • Marque "Verificação Completa" e depois clique em Verificar;
  • Quando o scan terminar, clique em Ok e em "Mostrar Resultados" para ver o log;
  • Se algo for detectado, veja se tudo está marcado e clique em "Remover";
  • O log é automaticamente gravado e pode ser consultado clicando em "Logs" do menu principal;
  • Copie e cole o conteúdo desse log na sua próxima resposta.
  • - Poste novo log do HijackThis.


    #3
    Ivandro

    Ivandro

      Novato

    • Novato
    • Pip
    • 14 posts

    Boa tarde,

    Segue abaixo:

    =============MBAM

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Versão da Base de Dados:  v2013.09.01.04

    Windows 7 x64 NTFS
    Internet Explorer 9.0.8112.16421
    NOTE :: NOTE-HP [administrador]

    01/09/2013 12:19:00
    mbam-log-2013-09-01 (12-19-00).txt

    Tipo de Verificação:  Verificação Completa  (C:\|)
    Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos  | Heurística/Extra | Heurística/Shuriken | PUP | PUM
    Opções de verificação desativadas: P2P
    Objetos escaneados:  352800
    Tempo decorrido: 45 minuto(s), 27 segundo(s)

    Processos de Memória Detectados: 0
    (Não foram detectados ítens maliciosos)

    Módulos de Memória Detectados: 0
    (Não foram detectados ítens maliciosos)

    Chaves de Registro Detectadas: 0
    (Não foram detectados ítens maliciosos)

    Valores de Registro Detectadas: 0
    (Não foram detectados ítens maliciosos)

    Itens de Dados no Registro Detectadas: 0
    (Não foram detectados ítens maliciosos)

    Pastas Detectadas: 0
    (Não foram detectados ítens maliciosos)

    Arquivos Detectados: 2
    C:\Users\NOTE\AppData\Local\Temp\aFdSG4cB.exe.part (PUP.Optional.Installex) -> Enviado para a Quarentena e deletado com sucesso.
    C:\Users\NOTE\AppData\Local\Temp\PvMLkT5_.exe.part (PUP.Optional.OneClickDownloader.A) -> Enviado para a Quarentena e deletado com sucesso.

    (fim)
     

    =================HIJACKTHIS

    Logfile of HijackThis v1.99.1
    Scan saved at 14:05:47, on 01/09/2013
    Platform: Unknown Windows (WinNT 6.01.3504)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)

    Running processes:
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
    C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\unimake\uninfe\mon\danfemon.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Users\NOTE\Desktop\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [Cobian Backup 10 Interface] "C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe" -service
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [DANFEmon] c:\unimake\uninfe\danfemon.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O11 - Options group: [INTERNATIONAL] International
    O13 - Gopher Prefix:
    O15 - Trusted Zone: bankline.itau.com.br
    O15 - Trusted Zone: clickbanking.itau.com.br
    O15 - Trusted Zone: guardiao.itau.com.br
    O15 - Trusted Zone: www.itau.com.br
    O15 - Trusted Zone: *.itau.com.br
    O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - https://certapp01.ce...pts/capicom.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - c:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify:  GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
    O23 - Service: Cobian Backup 10 (CobianBackup10) - Luis Cobian, CobianSoft - C:\Program Files (x86)\Cobian Backup 10\cbService.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
    O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (file missing)
    O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc (file missing)
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
    O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
    O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
     



    #4
    JoseMelo

    JoseMelo

      Assistente Profissional

    • Assistente Profissional
    • 128.636 posts
    Platform: Unknown Windows (WinNT 6.01.3504)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)

    Sistema desatualizado. Execute o Windows Update no Painel de Controle > Procurar atualizações e instale as que estiverem disponíveis.

     

    - Faça o download do OTL de OldTimer e salve-o no desktop:
  • Feche todas as janelas e execute a ferramenta.
  • Marque as opções Verificar Lop e Verificar Purity
  • - Selecione estas linhas abaixo, clique com o direito sobre a seleção, e escolha a opção copiar:
    netsvcs
    msconfig
    drivers32
    %systemroot%\system32\drivers\*.* /90
    %userprofile%\*.*
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.*
    %ALLUSERSPROFILE%\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %PROGRAMFILES%\Internet Explorer\*.*
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
    %userprofile%\AppData\Local\temp\*.*
    - Volte ao programa, clique com o botão direito do mouse em qualquer parte branca da sessão Exames Personalizados/Correções e escolha colar;
    - Clique no botão Verificar;
    - Anexe o log do OTL.

     



    #5
    Ivandro

    Ivandro

      Novato

    • Novato
    • Pip
    • 14 posts

    Bom dia,

    Segue log do OTL:

     

    OTL Extras logfile created on: 03/09/2013 10:10:43 - Run 1
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\NOTE\Desktop
    64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
     
    2,96 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 43,41% Memory free
    5,93 Gb Paging File | 4,14 Gb Available in Paging File | 69,83% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 149,05 Gb Total Space | 93,34 Gb Free Space | 62,62% Space Free | Partition Type: NTFS
    Drive E: | 967,22 Mb Total Space | 229,08 Mb Free Space | 23,68% Space Free | Partition Type: FAT
     
    Computer Name: NOTE-HP | User Name: NOTE | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
     
    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
     
    ========== Shell Spawning ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    ========== Security Center Settings ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
     
    ========== Firewall Settings ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    ========== Authorized Applications List ==========
     
     
    ========== Vista Active Open Ports Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{00B2D60D-5724-4C1F-8C7F-CA89ACFE1274}" = lport=138 | protocol=17 | dir=in | app=system |
    "{0B2EBA65-D491-4B5B-81D1-7D710320C251}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{3455F09E-BF09-42FC-997D-2FF4199835E9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{3694D060-5045-420D-AA38-C410363C458A}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
    "{4CE2BB1C-F6CD-4C79-966C-28F2E8F9126F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{4D461830-CBC1-4E62-A562-48FDE10EEB60}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{5232B541-8698-4C42-A421-BDB293A34836}" = rport=139 | protocol=6 | dir=out | app=system |
    "{6047B762-927A-43B7-9819-B9E296D3BCCB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{724248AD-B72B-404D-A417-D55DE1E8B46D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{7A2723F6-B630-4794-B35C-A166B114D417}" = lport=139 | protocol=6 | dir=in | app=system |
    "{7E2D7D59-1448-449F-B8B6-EDC9F88573D0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{978F201D-7751-4204-9BB8-655FEBB7259D}" = lport=445 | protocol=6 | dir=in | app=system |
    "{A9832043-2CA5-4EED-A75E-579224B0FE88}" = rport=445 | protocol=6 | dir=out | app=system |
    "{A9E8B7BF-A63E-4014-8972-8EC7F8CFBFC8}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{B33C4514-4C9E-40DC-B71C-6C90EC1857F1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{B4D0678F-39ED-4A83-AEC2-750A0A5D0AE1}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{B7822861-992C-4E6C-AC79-0D9AABBF545B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{B8042D39-B403-492F-8CF8-4ECA06055B11}" = rport=137 | protocol=17 | dir=out | app=system |
    "{D784FEC4-AC11-4552-9806-5A17699E8B86}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{E0F1F09D-036E-4680-8ADB-582B99D0BF7C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{E394B359-7267-453A-98B7-9CBEEDD988A9}" = lport=137 | protocol=17 | dir=in | app=system |
    "{E7DDAB82-DF1C-422A-BB5D-C88D450E66F3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{E8793F85-635E-45EF-B576-C31EA9BDADEB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{F6C0A163-5EA7-4BA4-ADAE-9828E132951B}" = rport=138 | protocol=17 | dir=out | app=system |
     
    ========== Vista Active Application Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0238155C-9F85-4471-9336-B4AABF3455A9}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
    "{105827AE-6F09-49DF-BA46-5CABDF11F3C5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{15A5C3E6-22D4-4E13-B129-DA9BDA6A886F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{1B095A5D-7EE9-48DB-9D3F-01E50A3C9408}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
    "{1D7C31A3-7EBA-4365-B03D-9CC7635584D7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{202AABCF-648B-46F9-A33E-0910035A72DE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{3419DCB5-2EDA-47A2-A970-8CCC055EB3CB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
    "{3DD20BFA-542D-4459-974C-4F5E93DAD74F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{42CA0664-88A4-43EA-B314-1B774A6BB096}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
    "{4457035A-4267-466C-9613-AA7BBD4297B8}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
    "{459B1DCE-6E99-48B0-A550-049EFFCE8DED}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{5F4A7CA9-1C15-408A-AC2F-7ED385081C5D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{61BCBB70-0DCE-4077-9D34-BE7D9398D523}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{68199F4E-5546-4941-87F0-9403BD51E41B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
    "{8074F871-98C1-42B1-99C8-27085ED609C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{8E6C86BE-5CB3-467D-B204-E4A55B742B67}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{8F9EA99A-8FEF-4664-902D-8859212F25AB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{9702D025-1E55-4888-B6FC-C1A8A2498B64}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{A3C5E541-CF49-4416-A186-4447A63D14F3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{A5053D23-105D-41FA-8733-699B4F061E2C}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
    "{B031AA32-80A4-4992-9126-783F8811FD0E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{B6B3B269-14C1-4C3C-9698-AF5EC447E548}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
    "{C0ED91A1-5FB8-467E-A4E0-1E0EFF6FA5F2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C6624AD7-9480-4B05-A042-EC216BB9071D}" = protocol=6 | dir=out | app=system |
    "{EF781923-8725-4494-9D79-23996881EF11}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{F51C175C-5290-4A10-995B-D83153EE7480}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{FC5BC165-38B8-4D1C-A957-E80CAF089271}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "TCP Query User{2F4FDE50-A62F-4766-A8BA-027F03C6E11B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
    "UDP Query User{6DE8D3F6-D457-4716-A6FD-1D721A2073C7}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "_{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 (64-Bit)
    "_{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}" = Corel Graphics - Windows Shell Extension
    "{0C6A0300-181F-400D-80C2-833A7E7461ED}" = Nitro Pro 8
    "{10762393-1B90-4AC2-AF1A-4C0C04AE303F}" = CorelDRAW Graphics Suite X6 - VBA (x64)
    "{1967EF95-E00B-4669-8B1C-A589BE8BF24F}" = CorelDRAW Graphics Suite X6 - Capture (x64)
    "{1E3A578C-0A7D-4820-990F-B7545C0B2303}" = CorelDRAW Graphics Suite X6 - VSTA (x64)
    "{27AE72A4-B217-4CDC-B82B-3311E9D7460E}" = CorelDRAW Graphics Suite X6 - Draw (x64)
    "{2C72B5E4-AA34-4F1A-8C7E-468530F9F6A3}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64)
    "{35869A6C-BA31-4F23-B52D-BC1B1E41EC1B}" = CorelDRAW Graphics Suite X6 - Common (x64)
    "{3933C06C-8239-432B-87FC-F2BDC5B49A10}" = CorelDRAW Graphics Suite X6 - FontNav (x64)
    "{4337D507-533C-4FDE-BA2F-DC93E56784B8}" = HP 3D DriveGuard
    "{5846E720-C188-478F-B501-45EA1ACC44D1}_is1" = MailShare
    "{6099F026-0A98-4D40-9B3D-ED2123A8CBD0}" = CorelDRAW Graphics Suite X6 - Redist (x64)
    "{6C8EEF0B-C4BE-35A7-BF08-7C3C667EB62A}" = Microsoft .NET Framework 4 Extended PTB Language Pack
    "{7386B5FA-8715-481D-821F-7785110506DF}" = CorelDRAW Graphics Suite X6 - Custom Data (x64)
    "{79899C6B-E315-4A3F-8904-02DEAB8D660D}" = Corel Graphics - Windows Shell Extension 32 Bit
    "{7B79AE44-9B76-4815-84E5-ACAC3F0F0278}" = CorelDRAW Graphics Suite X6 - VideoBrowser (x64)
    "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{8EF2B1E1-4D7A-43FA-92C5-61DB6F0524C4}" = CorelDRAW Graphics Suite X6 - BR (x64)
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0416-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007
    "{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64)
    "{9042C334-9881-4603-B1BC-7E623514A495}" = MKV2AC3 - 1.03.03
    "{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English
    "{90F60416-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) Portuguese (Brazil)
    "{96AAAB95-AEBE-437A-B7CA-37C7BE13FFE9}" = CorelDRAW Graphics Suite X6 - Connect (x64)
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Touch Pad Driver
    "{B6DF7031-2843-44FD-9CAB-DECAB4257456}" = CorelDRAW Graphics Suite X6 - IPM
    "{B7693CDE-074B-301C-9584-FC4343696C8B}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack
    "{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 - Setup Files (x64)
    "{CCE7423E-1D84-4CD3-9E32-220EC9358D97}" = CorelDRAW Graphics Suite X6 (x64)
    "{D7C2687D-924E-4485-B367-C7D95CBF8DDD}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64)
    "{DDE82E3D-20C4-48E1-AE1D-B1F10E42CA44}" = CorelDRAW Graphics Suite X6 - Writing Tools (x64)
    "{E699230D-4B5E-411E-9F45-FF50789B18DD}" = CorelDRAW Graphics Suite X6 - Filters (x64)
    "{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}" = Corel Graphics - Windows Shell Extension
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}" = Validity Sensors software
    "CCleaner" = CCleaner
    "HDMI" = Intel® Graphics Media Accelerator Driver
    "MediaInfo" = MediaInfo 0.7.61
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Microsoft .NET Framework 4 Extended PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil)
    "ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
    "{02627EE5-EACA-4742-A9CC-E687631773E4}" = Nero ShowTime
    "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = você 9.0 Runtime
    "{065DBB54-6E55-A609-2E1E-F0617E827D53}" = Media Go Video Playback Engine 1.96.112.08260
    "{086A7D8C-0A38-4C7F-819A-620275550D5C}" = Nero Burning ROM Help
    "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store
    "{1C00C7C5-E615-4139-B817-7F4003DE68C0}" = Nero PhotoSnap Help
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
    "{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
    "{236BB7C4-4419-42FD-0416-1E257A25E34D}" = Adobe Photoshop CS2
    "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
    "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
    "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
    "{325988C2-8D7B-460E-8F6F-4747129CA495}" = ZoneAlarm Security
    "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
    "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
    "{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
    "{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
    "{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
    "{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1}" = Nero Vision Help
    "{5E08ECD1-C98E-4711-BF65-8FD736B3F969}" = Nero RescueAgent Help
    "{60C731FB-C951-41CE-AD41-8E54C8594609}" = Nero Disc Copy Gadget Help
    "{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
    "{6842DCCB-2840-4E46-8AF3-BEA9CFF3455B}" = Sony Sound Forge 9.0
    "{6ADCBB79-7B9A-449B-AE31-E1C7116042B9}" = ZoneAlarm Firewall
    "{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1" = GBBD Banco Itau 3.2.0.2
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
    "{77E33D87-255E-413E-9C8D-EED2A7F9BEBF}" = Nero Live Help
    "{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
    "{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
    "{7A6C3344-5CF9-4B83-959C-6576C5B27D09}" = Media Go
    "{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
    "{85243696-5E58-4357-9CF8-3498C609941D}" = NeroLiveGadget Help
    "{866510b1-d363-4e1d-a07d-5a505809cd42}" = Nero 9
    "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
    "{8EDBA74D-0686-4C99-BFDD-F894678E5103}" = Adobe Common File Installer
    "{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007
    "{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
    "{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
    "{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007
    "{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007
    "{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007
    "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007
    "{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
    "{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
    "{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007
    "{98A67610-A3B5-4098-A423-3708040026D3}" = "Nero SoundTrax Help
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
    "{9E9FDDE6-2C26-492A-85A0-05646B3F2795}" = NeroLiveGadget
    "{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
    "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
    "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
    "{AD6BC5CC-2EF0-49C4-B33D-CDC8B2C4DC80}" = Nero Recode Help
    "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
    "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
    "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader
    "{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
    "{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
    "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
    "{BE72FB31-7A89-44FA-9E32-56E17F3114BD}" = Assistente do certificado digital
    "{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
    "{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
    "{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
    "{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}" = Nero CoverDesigner Help
    "{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
    "{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}" = Sony Noise Reduction Plug-In 2.0e
    "{D5940AE3-7244-11D6-BAB7-00010332BA5B}" = SISCOB
    "{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
    "{DF6A95F5-ADC1-406A-BDC6-2AA7CC0182AA}" = Nero Live
    "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
    "{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
    "{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
    "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
    "{E9787678-551D-4478-9682-DBB587257110}" = Adobe Help Center 1.0
    "{EA561FC0-A965-11E2-94D3-B8AC6F98CCE3}" = Google Earth Plug-in
    "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.155
    "{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
    "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
    "{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
    "{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
    "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
    "5513-1208-7298-9440" = JDownloader 0.9
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0416-1E257A25E34D}" = Adobe Photoshop CS2
    "AviSynth" = AviSynth 2.5
    "BurnAware Free_is1" = BurnAware Free 5.5
    "CobBackup10" = Cobian Backup 10
    "DANFE Mon - Monitor do UniDANFe" = DANFE Mon - Monitor do UniDANFe
    "DVD Decrypter" = DVD Decrypter (Remove Only)
    "DVDFab 8 Qt_is1" = DVDFab 8.2.2.2 (23/11/2012) Qt
    "ENTERPRISE" = Microsoft Office Enterprise 2007
    "FairUse Wizard 2" = FairUse Wizard 2
    "HijackThis" = HijackThis 1.99.1
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
    "IRPF2012" = IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País
    "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.0.5
    "MainApp.exe_is1" = CloneDVD 5.5.0.0
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versão 1.75.0.1300
    "MKVtoolnix" = MKVtoolnix 3.4.0
    "Mozilla Firefox 22.0 (x86 pt-BR)" = Mozilla Firefox 22.0 (x86 pt-BR)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Mp3tag" = Mp3tag v2.53
    "Physis Nfe convert TXT_is1" = Physis Nfe convert TXT
    "ST6UNST #1" = Sistema de Contas a Pagar e Receber
    "TeamViewer 7" = TeamViewer 7
    "UniDANFe 3.x" = UniDANFe 3.x
    "Update Engine" = Sony Ericsson Update Engine
    "uTorrent" = µTorrent
    "WinAVI Video Converter 9.09.0" = WinAVI Video Converter 9.0
    "WinRAR archiver" = WinRAR archiver
    "ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall
     
    ========== Last 20 Event Log Errors ==========
     
    [ Application Events ]
    Error - 01/09/2013 10:20:51 | Computer Name = NOTE-HP | Source = SideBySide | ID = 16842832
    Description = Falha na geração de contexto de ativação para "C:\Program Files (x86)\Nero\Nero
     9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest".Erro no arquivo de manifesto ou
    de diretiva "", na linha.  Uma versão de componente exigida pelo aplicativo está em
     conflito com outra versão de componente já ativa.  Os componentes conflitantes são:.
    Componente
     1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
    Componente
     2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
     
    Error - 02/09/2013 06:39:44 | Computer Name = NOTE-HP | Source = Application Hang | ID = 1002
    Description = O programa javaw.exe versão 7.0.250.17 parou de interagir com o Windows
     e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique
     o histórico de problemas no painel de controle da Central de Ações.    ID de Processo:
     d6c    Hora de Início: 01cea7c89a12a426    Hora de Término: 9    Caminho do Aplicativo: C:\Program
     Files (x86)\Java\jre7\bin\javaw.exe    Id do Relatório:   
     
    Error - 02/09/2013 07:59:24 | Computer Name = NOTE-HP | Source = SideBySide | ID = 16842832
    Description = Falha na geração de contexto de ativação para "C:\Program Files (x86)\Nero\Nero
     9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest".Erro no arquivo de manifesto ou
    de diretiva "", na linha.  Uma versão de componente exigida pelo aplicativo está em
     conflito com outra versão de componente já ativa.  Os componentes conflitantes são:.
    Componente
     1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
    Componente
     2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
     
    Error - 03/09/2013 08:02:00 | Computer Name = NOTE-HP | Source = Microsoft-Windows-RestartManager | ID = 10006
    Description = O aplicativo ou serviço 'TrueVector Internet Monitor' não pôde ser
     encerrado.
     
    Error - 03/09/2013 08:02:00 | Computer Name = NOTE-HP | Source = Microsoft-Windows-RestartManager | ID = 10006
    Description = O aplicativo ou serviço 'TrueVector Internet Monitor' não pôde ser
     encerrado.
     
    Error - 03/09/2013 08:02:35 | Computer Name = NOTE-HP | Source = MsiInstaller | ID = 11935
    Description =
     
    Error - 03/09/2013 08:07:17 | Computer Name = NOTE-HP | Source = Microsoft-Windows-RestartManager | ID = 10006
    Description = O aplicativo ou serviço 'TrueVector Internet Monitor' não pôde ser
     encerrado.
     
    Error - 03/09/2013 08:07:17 | Computer Name = NOTE-HP | Source = Microsoft-Windows-RestartManager | ID = 10006
    Description = O aplicativo ou serviço 'TrueVector Internet Monitor' não pôde ser
     encerrado.
     
    Error - 03/09/2013 08:07:26 | Computer Name = NOTE-HP | Source = MsiInstaller | ID = 11935
    Description =
     
    Error - 03/09/2013 09:01:45 | Computer Name = NOTE-HP | Source = ESENT | ID = 215
    Description = WinMail (2640) WindowsMail0: O backup parou porque ele foi interrompido
     pelo cliente ou houve falha na conexão com o cliente.
     
    [ OSession Events ]
    Error - 25/04/2013 10:12:11 | Computer Name = NOTE-HP | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
     12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4446
     seconds with 480 seconds of active time.  This session ended with a crash.
     
    Error - 25/04/2013 10:19:07 | Computer Name = NOTE-HP | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
     12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 32
     seconds with 0 seconds of active time.  This session ended with a crash.
     
    [ System Events ]
    Error - 04/06/2013 11:35:36 | Computer Name = NOTE-HP | Source = Schannel | ID = 36888
    Description = O seguinte alerta fatal foi gerado: 10. O estado do erro interno é
     10.
     
    Error - 04/06/2013 11:35:38 | Computer Name = NOTE-HP | Source = Schannel | ID = 36888
    Description = O seguinte alerta fatal foi gerado: 10. O estado do erro interno é
     10.
     
    Error - 04/06/2013 11:35:40 | Computer Name = NOTE-HP | Source = Schannel | ID = 36888
    Description = O seguinte alerta fatal foi gerado: 10. O estado do erro interno é
     10.
     
    Error - 04/06/2013 11:35:47 | Computer Name = NOTE-HP | Source = Schannel | ID = 36888
    Description = O seguinte alerta fatal foi gerado: 10. O estado do erro interno é
     10.
     
    Error - 04/06/2013 11:35:51 | Computer Name = NOTE-HP | Source = Schannel | ID = 36888
    Description = O seguinte alerta fatal foi gerado: 10. O estado do erro interno é
     10.
     
    Error - 04/06/2013 11:35:56 | Computer Name = NOTE-HP | Source = Schannel | ID = 36888
    Description = O seguinte alerta fatal foi gerado: 10. O estado do erro interno é
     10.
     
    Error - 04/06/2013 11:35:57 | Computer Name = NOTE-HP | Source = Schannel | ID = 36888
    Description = O seguinte alerta fatal foi gerado: 10. O estado do erro interno é
     10.
     
    Error - 04/06/2013 11:36:10 | Computer Name = NOTE-HP | Source = Schannel | ID = 36888
    Description = O seguinte alerta fatal foi gerado: 10. O estado do erro interno é
     10.
     
    Error - 04/06/2013 11:36:13 | Computer Name = NOTE-HP | Source = Schannel | ID = 36888
    Description = O seguinte alerta fatal foi gerado: 10. O estado do erro interno é
     10.
     
    Error - 13/06/2013 16:31:28 | Computer Name = NOTE-HP | Source = Disk | ID = 262155
    Description = O driver detectou um erro de controlador em \Device\Harddisk2\DR2.
     
     
    < End of report >
     

     

    Obrigado!

    Acima era EXTRAS do OTL, segue log em anexo

     

    Obrigado

     

    Ivandro



    #6
    JoseMelo

    JoseMelo

      Assistente Profissional

    • Assistente Profissional
    • 128.636 posts

    Esse é o Extras.txt, preciso do OTL.txt.



    #7
    Ivandro

    Ivandro

      Novato

    • Novato
    • Pip
    • 14 posts

    Ontem estava dando erro no post dizendo que era muito grande!

    Segue abaixo:

    Obrigado

    PARTE 1

     

    OTL logfile created on: 03/09/2013 10:10:43 - Run 1
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\NOTE\Desktop
    64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
     
    2,96 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 43,41% Memory free
    5,93 Gb Paging File | 4,14 Gb Available in Paging File | 69,83% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 149,05 Gb Total Space | 93,34 Gb Free Space | 62,62% Space Free | Partition Type: NTFS
    Drive E: | 967,22 Mb Total Space | 229,08 Mb Free Space | 23,68% Space Free | Partition Type: FAT
     
    Computer Name: NOTE-HP | User Name: NOTE | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - [2013/09/03 07:32:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\NOTE\Desktop\OTL.exe
    PRC - [2013/07/31 07:25:53 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2013/07/11 06:55:43 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
    PRC - [2013/06/10 14:39:24 | 000,409,144 | ---- | M] (GAS Tecnologia) -- C:\PROGRA~2\GbPlugin\GbpSv.exe
    PRC - [2013/05/11 07:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013/01/02 13:10:28 | 002,448,032 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    PRC - [2013/01/02 12:38:50 | 000,073,984 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    PRC - [2012/09/18 13:28:32 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
    PRC - [2012/01/19 08:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    PRC - [2011/01/13 05:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\Alwil Software\Avast5\AvastUI.exe
    PRC - [2011/01/13 05:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2010/07/13 09:53:20 | 003,152,384 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe
    PRC - [2010/07/13 09:53:18 | 001,125,376 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files (x86)\Cobian Backup 10\cbService.exe
    PRC - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    PRC - [2009/06/18 14:19:30 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
     
     
    ========== Modules (No Company Name) ==========
     
    MOD - [2013/07/31 07:25:52 | 003,285,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    MOD - [2013/07/11 06:55:43 | 016,166,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
     
     
    ========== Services (SafeList) ==========
     
    SRV:64bit: - [2009/07/22 08:33:32 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe -- (STacSV)
    SRV:64bit: - [2009/07/13 22:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
    SRV:64bit: - [2009/07/08 12:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
    SRV:64bit: - [2009/06/03 01:13:02 | 000,721,712 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vfsFPService.exe -- (vfsFPService)
    SRV:64bit: - [2009/03/03 04:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters)
    SRV - [2013/08/21 10:49:32 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/07/31 07:25:52 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/06/10 14:39:24 | 000,409,144 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv)
    SRV - [2013/05/11 07:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013/02/04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
    SRV - [2013/01/02 13:10:28 | 002,448,032 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
    SRV - [2012/11/22 11:35:22 | 000,828,072 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Arquivos de Programas\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
    SRV - [2012/09/18 13:28:32 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
    SRV - [2012/09/18 13:28:28 | 000,230,920 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe -- (NitroDriverReadSpool8)
    SRV - [2012/01/19 08:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
    SRV - [2011/01/13 05:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de Programas\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2010/11/30 12:27:58 | 000,336,824 | ---- | M] (arvato digital services llc) [Auto | Running] -- c:\Arquivos de Programas\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
    SRV - [2010/07/13 09:53:18 | 001,125,376 | ---- | M] (Luis Cobian, CobianSoft) [Auto | Running] -- C:\Program Files (x86)\Cobian Backup 10\cbService.exe -- (CobianBackup10)
    SRV - [2010/07/13 09:45:40 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe -- (cbVSCService)
    SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/07/22 08:33:32 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe -- (STacSV)
    SRV - [2009/06/18 14:19:30 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
    SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/06/03 01:12:50 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vfsFPService.exe -- (vfsFPService)
    SRV - [2009/03/03 04:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV:64bit: - [2012/12/13 10:49:42 | 000,450,136 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
    DRV:64bit: - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/01/13 05:41:44 | 000,273,488 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
    DRV:64bit: - [2011/01/13 05:41:42 | 000,490,064 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
    DRV:64bit: - [2011/01/13 05:40:20 | 000,051,792 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
    DRV:64bit: - [2011/01/13 05:37:34 | 000,029,264 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
    DRV:64bit: - [2011/01/13 05:37:23 | 000,062,032 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV:64bit: - [2011/01/13 05:37:12 | 000,020,560 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV:64bit: - [2010/11/20 10:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 10:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 10:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2010/11/20 08:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/20 08:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2010/11/20 06:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
    DRV:64bit: - [2009/08/27 07:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/07/22 18:03:54 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
    DRV:64bit: - [2009/07/22 08:33:32 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/10 05:45:12 | 000,139,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
    DRV:64bit: - [2009/07/08 12:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
    DRV:64bit: - [2009/07/08 12:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
    DRV:64bit: - [2009/06/10 18:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
    DRV:64bit: - [2009/06/10 17:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
    DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/05/12 17:39:00 | 000,239,152 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV:64bit: - [2009/04/29 07:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
    DRV:64bit: - [2009/03/01 22:05:32 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV - [2012/11/22 11:35:36 | 000,033,712 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Arquivos de Programas\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
    DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009/06/16 11:05:16 | 000,025,592 | ---- | M] (Insyde Software) [Kernel | On_Demand | Stopped] -- C:\Arquivos de Programas\HP Note\Bios\iscflashx64.sys -- (iscFlash)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
     
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.search.update: false
    FF - prefs.js..browser.startup.homepage: "www.google.com.br"
    FF - prefs.js..extensions.enabledAddons: %7B87F8774F-B485-47E2-A755-A40A8A5E8873%7D:3.2.0
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
    FF - user.js - File not found
     
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
    FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
    FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\gastecnologia.com.br/sf/uni: C:\Users\NOTE\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)
     
    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2013/02/08 07:06:59 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2013/02/08 07:07:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/07/31 07:25:54 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{87F8774F-B485-47E2-A755-A40A8A5E8873}: C:\Users\NOTE\AppData\Local\GAS Tecnologia\GBBD\uni\xpi [2013/07/31 08:04:55 | 000,000,000 | ---D | M]
     
    [2012/12/20 11:46:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\NOTE\AppData\Roaming\mozilla\Extensions
    [2013/07/31 08:04:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\NOTE\AppData\Roaming\mozilla\Firefox\Profiles\yc0ry9kf.default\extensions
    [2013/07/31 07:25:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
    [2013/07/31 07:25:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
    [2013/07/31 07:25:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013/07/31 08:04:55 | 000,000,000 | ---D | M] (Guardião itaú 30 horas) -- C:\USERS\NOTE\APPDATA\LOCAL\GAS TECNOLOGIA\GBBD\UNI\XPI
     
    O1 HOSTS File: ([2013/07/31 08:04:35 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Arquivos de Programas\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Arquivos de Programas\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
    O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Arquivos de Programas\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Arquivos de Programas\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Arquivos de Programas\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Arquivos de Programas\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [Cobian Backup 10 Interface] C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe (Luis Cobian, CobianSoft)
    O4 - HKLM..\Run: [DANFEmon] c:\unimake\uninfe\danfemon.exe ()
    O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8:64bit: - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: itau.com.br ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: itau.com.br ([bankline] * in Trusted sites)
    O15 - HKCU\..Trusted Domains: itau.com.br ([clickbanking] * in Trusted sites)
    O15 - HKCU\..Trusted Domains: itau.com.br ([guardiao] * in Trusted sites)
    O15 - HKCU\..Trusted Domains: itau.com.br ([www] * in Trusted sites)
    O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} https://certapp01.ce...pts/capicom.cab (Settings Class)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2E04AA7B-7719-44A1-A4A1-4ED7BE8BFF60}: DhcpNameServer = 192.168.1.254
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\Program Files (x86)\GbPlugin\gbiehUni.dll) - C:\Program Files (x86)\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{9cd8c4db-7db0-11e2-b206-00265525539c}\Shell - "" = AutoRun
    O33 - MountPoints2\{9cd8c4db-7db0-11e2-b206-00265525539c}\Shell\AutoRun\command - "" = E:\Startme.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
     
    NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
     
    MsConfig:64bit - StartUpFolder: C:^Users^NOTE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk - C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE - (Adobe Systems, Inc.)
    MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    MsConfig:64bit - StartUpReg: Sony PC Companion - hkey= - key= - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
    MsConfig:64bit - StartUpReg: SysTrayApp - hkey= - key= - C:\Arquivos de Programas\IDT\WDM\sttray64.exe (IDT, Inc.)
    MsConfig:64bit - State: "services" - Reg Error: Key error.
    MsConfig:64bit - State: "startup" - Reg Error: Key error.
     
    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
    Drivers32: VIDC.DIVX - C:\Windows\SysWow64\divx.dll (DivX, Inc.)
    Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
    Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
    Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2013/09/03 08:36:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
    [2013/09/03 08:35:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
    [2013/09/03 08:29:44 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2013/09/03 08:29:44 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2013/09/03 08:29:42 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2013/09/03 08:29:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2013/09/03 08:29:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2013/09/03 08:29:41 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
    [2013/09/03 08:29:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2013/09/03 08:29:41 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2013/09/03 08:29:40 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2013/09/03 08:29:40 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2013/09/03 08:29:40 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2013/09/03 08:29:39 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2013/09/03 08:29:37 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2013/09/03 08:29:37 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2013/09/03 08:29:37 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2013/09/03 08:13:28 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
    [2013/09/03 08:13:28 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
    [2013/09/03 08:13:19 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
    [2013/09/03 08:13:14 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
    [2013/09/03 08:13:14 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
    [2013/09/03 08:13:13 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
    [2013/09/03 08:13:06 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
    [2013/09/03 08:13:05 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
    [2013/09/03 08:13:05 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tssrvlic.dll
    [2013/09/03 08:13:03 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
    [2013/09/03 08:13:03 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pmcsnap.dll
    [2013/09/03 08:13:01 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
    [2013/09/03 08:13:01 | 002,314,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
    [2013/09/03 08:13:00 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
    [2013/09/03 08:13:00 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
    [2013/09/03 08:12:59 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
    [2013/09/03 08:12:59 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
    [2013/09/03 08:12:58 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
    [2013/09/03 08:12:58 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
    [2013/09/03 08:12:58 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
    [2013/09/03 08:12:57 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
    [2013/09/03 08:12:57 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
    [2013/09/03 08:12:57 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
    [2013/09/03 08:12:57 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
    [2013/09/03 08:12:56 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
    [2013/09/03 08:12:55 | 001,219,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
    [2013/09/03 08:12:55 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
    [2013/09/03 08:12:54 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
    [2013/09/03 08:12:54 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ppcsnap.dll
    [2013/09/03 08:12:54 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PushPrinterConnections.exe
    [2013/09/03 08:12:53 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
    [2013/09/03 08:12:52 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
    [2013/09/03 08:12:52 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
    [2013/09/03 08:12:51 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
    [2013/09/03 08:12:51 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
    [2013/09/03 08:12:50 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
    [2013/09/03 08:12:50 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
    [2013/09/03 08:12:50 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
    [2013/09/03 08:12:49 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
    [2013/09/03 08:12:48 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
    [2013/09/03 08:12:48 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
    [2013/09/03 08:12:48 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NaturalLanguage6.dll
    [2013/09/03 08:12:48 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
    [2013/09/03 08:12:47 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
    [2013/09/03 08:12:47 | 002,872,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
    [2013/09/03 08:12:46 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
    [2013/09/03 08:12:45 | 001,698,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
    [2013/09/03 08:12:44 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVCORE.DLL
    [2013/09/03 08:12:44 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
    [2013/09/03 08:12:44 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
    [2013/09/03 08:12:44 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpdd.dll
    [2013/09/03 08:12:44 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
    [2013/09/03 08:12:44 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
    [2013/09/03 08:12:43 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
    [2013/09/03 08:12:43 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
    [2013/09/03 08:12:43 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe
    [2013/09/03 08:12:42 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
    [2013/09/03 08:12:42 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
    [2013/09/03 08:12:42 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
    [2013/09/03 08:12:41 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
    [2013/09/03 08:12:40 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuthFWSnapin.dll
    [2013/09/03 08:12:40 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
    [2013/09/03 08:12:40 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
    [2013/09/03 08:12:39 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuthFWSnapin.dll
    [2013/09/03 08:12:38 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
    [2013/09/03 08:12:38 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
    [2013/09/03 08:12:37 | 000,079,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvgumd32.dll
    [2013/09/03 08:12:36 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
    [2013/09/03 08:12:35 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
    [2013/09/03 08:12:35 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
    [2013/09/03 08:12:34 | 000,784,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpprefcl.dll
    [2013/09/03 08:12:33 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
    [2013/09/03 08:12:33 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
    [2013/09/03 08:12:32 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
    [2013/09/03 08:12:32 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
    [2013/09/03 08:12:31 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
    [2013/09/03 08:12:30 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
    [2013/09/03 08:12:30 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
    [2013/09/03 08:12:30 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
    [2013/09/03 08:12:30 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
    [2013/09/03 08:12:29 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PushPrinterConnections.exe
    [2013/09/03 08:12:28 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
    [2013/09/03 08:12:28 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\werconcpl.dll
    [2013/09/03 08:12:28 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
    [2013/09/03 08:12:28 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
    [2013/09/03 08:12:27 | 001,049,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
    [2013/09/03 08:12:27 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
    [2013/09/03 08:12:26 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll
    [2013/09/03 08:12:26 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
    [2013/09/03 08:12:26 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
    [2013/09/03 08:12:26 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
    [2013/09/03 08:12:26 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LSCSHostPolicy.dll
    [2013/09/03 08:12:25 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
    [2013/09/03 08:12:25 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsmf.dll
    [2013/09/03 08:12:25 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
    [2013/09/03 08:12:24 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll
    [2013/09/03 08:12:24 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
    [2013/09/03 08:12:24 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
    [2013/09/03 08:12:24 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
    [2013/09/03 08:12:24 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
    [2013/09/03 08:12:24 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedynos.dll
    [2013/09/03 08:12:23 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
    [2013/09/03 08:12:23 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
    [2013/09/03 08:12:23 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpshell.exe
    [2013/09/03 08:12:23 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmonui.dll
    [2013/09/03 08:12:22 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
    [2013/09/03 08:12:22 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
    [2013/09/03 08:12:22 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
    [2013/09/03 08:12:22 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appmgr.dll
    [2013/09/03 08:12:22 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
    [2013/09/03 08:12:22 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.exe
    [2013/09/03 08:12:22 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
    [2013/09/03 08:12:21 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
    [2013/09/03 08:12:21 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
    [2013/09/03 08:12:21 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
    [2013/09/03 08:12:21 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
    [2013/09/03 08:12:20 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
    [2013/09/03 08:12:20 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
    [2013/09/03 08:12:20 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll
    [2013/09/03 08:12:20 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
    [2013/09/03 08:12:20 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
    [2013/09/03 08:12:20 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
    [2013/09/03 08:12:20 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsmf.dll
    [2013/09/03 08:12:20 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
    [2013/09/03 08:12:20 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3api.dll
    [2013/09/03 08:12:19 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QAGENT.DLL
    [2013/09/03 08:12:18 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
    [2013/09/03 08:12:18 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Vault.dll
    [2013/09/03 08:12:18 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
    [2013/09/03 08:12:18 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpksetup.exe
    [2013/09/03 08:12:18 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmd.exe
    [2013/09/03 08:12:18 | 000,281,600 | ---- | C] (Microsoft) -- C:\Windows\SysNative\DShowRdpFilter.dll
    [2013/09/03 08:12:17 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
    [2013/09/03 08:12:16 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
    [2013/09/03 08:12:16 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
    [2013/09/03 08:12:16 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpclip.exe
    [2013/09/03 08:12:15 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
    [2013/09/03 08:12:15 | 001,190,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
    [2013/09/03 08:12:15 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sxs.dll
    [2013/09/03 08:12:14 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpprefcl.dll
    [2013/09/03 08:12:14 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
    [2013/09/03 08:12:14 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfds.dll
    [2013/09/03 08:12:14 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
    [2013/09/03 08:12:14 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcbuilder.exe
    [2013/09/03 08:12:14 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscobj.dll
    [2013/09/03 08:12:14 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
    [2013/09/03 08:12:14 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
    [2013/09/03 08:12:13 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
    [2013/09/03 08:12:13 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
    [2013/09/03 08:12:13 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
    [2013/09/03 08:12:13 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\DShowRdpFilter.dll
    [2013/09/03 08:12:13 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgprint.dll
    [2013/09/03 08:12:12 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webservices.dll
    [2013/09/03 08:12:12 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
    [2013/09/03 08:12:12 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp.dll
    [2013/09/03 08:12:12 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
    [2013/09/03 08:12:11 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
    [2013/09/03 08:12:11 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
    [2013/09/03 08:12:11 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll
    [2013/09/03 08:12:11 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
    [2013/09/03 08:12:11 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3api.dll
    [2013/09/03 08:12:10 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
    [2013/09/03 08:12:10 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
    [2013/09/03 08:12:10 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mcbuilder.exe
    [2013/09/03 08:12:10 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prncache.dll
    [2013/09/03 08:12:09 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll
    [2013/09/03 08:12:09 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll
    [2013/09/03 08:12:09 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
    [2013/09/03 08:12:09 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
    [2013/09/03 08:12:08 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
    [2013/09/03 08:12:08 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
    [2013/09/03 08:12:08 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
    [2013/09/03 08:12:08 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnike.dll
    [2013/09/03 08:12:08 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tspubwmi.dll
    [2013/09/03 08:12:08 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
    [2013/09/03 08:12:07 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
    [2013/09/03 08:12:06 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
    [2013/09/03 08:12:06 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll
    [2013/09/03 08:12:06 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
    [2013/09/03 08:12:06 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
    [2013/09/03 08:12:06 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll
    [2013/09/03 08:12:06 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
    [2013/09/03 08:12:06 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.exe
    [2013/09/03 08:12:06 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
    [2013/09/03 08:12:06 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedyn.dll
    [2013/09/03 08:12:05 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
    [2013/09/03 08:12:05 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
    [2013/09/03 08:12:05 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscfgwmi.dll
    [2013/09/03 08:12:05 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpinit.exe
    [2013/09/03 08:12:03 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSATAPI.dll
    [2013/09/03 08:12:03 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmicsvc.exe
    [2013/09/03 08:12:03 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedynos.dll
    [2013/09/03 08:12:03 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fde.dll
    [2013/09/03 08:12:02 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localsec.dll
    [2013/09/03 08:12:02 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
    [2013/09/03 08:12:02 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netdiagfx.dll
    [2013/09/03 08:12:02 | 000,298,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll
    [2013/09/03 08:12:02 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll
    [2013/09/03 08:12:02 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
    [2013/09/03 08:12:02 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
    [2013/09/03 08:12:02 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
    [2013/09/03 08:12:02 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp.dll
    [2013/09/03 08:12:01 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSHVHOST.DLL
    [2013/09/03 08:12:01 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
    [2013/09/03 08:12:01 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netid.dll
    [2013/09/03 08:12:00 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
    [2013/09/03 08:12:00 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll
    [2013/09/03 08:12:00 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\biocpl.dll
    [2013/09/03 08:12:00 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscui.dll
    [2013/09/03 08:12:00 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
    [2013/09/03 08:12:00 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appmgr.dll
    [2013/09/03 08:12:00 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
    [2013/09/03 08:12:00 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
    [2013/09/03 08:12:00 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
    [2013/09/03 08:12:00 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
    [2013/09/03 08:11:59 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
    [2013/09/03 08:11:59 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
    [2013/09/03 08:11:59 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspbda.dll
    [2013/09/03 08:11:59 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
    [2013/09/03 08:11:58 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
    [2013/09/03 08:11:58 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
    [2013/09/03 08:11:58 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
    [2013/09/03 08:11:58 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
    [2013/09/03 08:11:58 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitagent.exe
    [2013/09/03 08:11:58 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
    [2013/09/03 08:11:57 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AdmTmpl.dll
    [2013/09/03 08:11:56 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallControlPanel.dll
    [2013/09/03 08:11:56 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbghelp.dll
    [2013/09/03 08:11:56 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
    [2013/09/03 08:11:56 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
    [2013/09/03 08:11:56 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe
    [2013/09/03 08:11:56 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
    [2013/09/03 08:11:56 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe
    [2013/09/03 08:11:56 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
    [2013/09/03 08:11:56 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
    [2013/09/03 08:11:56 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
    [2013/09/03 08:11:55 | 003,211,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
    [2013/09/03 08:11:55 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
    [2013/09/03 08:11:55 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
    [2013/09/03 08:11:55 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe
    [2013/09/03 08:11:54 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\calc.exe
    [2013/09/03 08:11:54 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXP.dll
    [2013/09/03 08:11:54 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
    [2013/09/03 08:11:54 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSATAPI.dll
    [2013/09/03 08:11:54 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetapi.dll
    [2013/09/03 08:11:53 | 000,780,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
    [2013/09/03 08:11:53 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
    [2013/09/03 08:11:52 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl
    [2013/09/03 08:11:52 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll
    [2013/09/03 08:11:52 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
    [2013/09/03 08:11:52 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
    [2013/09/03 08:11:52 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
    [2013/09/03 08:11:52 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
    [2013/09/03 08:11:52 | 000,128,000 | ---- | C] (Microsoft) -- C:\Windows\SysNative\Robocopy.exe
    [2013/09/03 08:11:51 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
    [2013/09/03 08:11:51 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
    [2013/09/03 08:11:51 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thumbcache.dll
    [2013/09/03 08:11:51 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys
    [2013/09/03 08:11:50 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
    [2013/09/03 08:11:50 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DxpTaskSync.dll
    [2013/09/03 08:11:50 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll
    [2013/09/03 08:11:50 | 000,263,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
    [2013/09/03 08:11:49 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
    [2013/09/03 08:11:49 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll
    [2013/09/03 08:11:48 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
    [2013/09/03 08:11:48 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\puiobj.dll
    [2013/09/03 08:11:48 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
    [2013/09/03 08:11:48 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmredir.dll
    [2013/09/03 08:11:48 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prncache.dll
    [2013/09/03 08:11:48 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
    [2013/09/03 08:11:47 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
    [2013/09/03 08:11:47 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXPTaskRingtone.dll
    [2013/09/03 08:11:47 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrptadm.dll
    [2013/09/03 08:11:47 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll
    [2013/09/03 08:11:47 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
    [2013/09/03 08:11:46 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
    [2013/09/03 08:11:46 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\net1.exe
    [2013/09/03 08:11:46 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
    [2013/09/03 08:11:45 | 001,363,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
    [2013/09/03 08:11:45 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
    [2013/09/03 08:11:45 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
    [2013/09/03 08:11:44 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdengin2.dll
    [2013/09/03 08:11:44 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
    [2013/09/03 08:11:44 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
    [2013/09/03 08:11:44 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
    [2013/09/03 08:11:43 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll
    [2013/09/03 08:11:43 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VAN.dll
    [2013/09/03 08:11:43 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
    [2013/09/03 08:11:43 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiadefui.dll
    [2013/09/03 08:11:43 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll
    [2013/09/03 08:11:43 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samcli.dll
    [2013/09/03 08:11:42 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
    [2013/09/03 08:11:42 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe
    [2013/09/03 08:11:42 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSHVHOST.DLL
    [2013/09/03 08:11:42 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
    [2013/09/03 08:11:42 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QUTIL.DLL
    [2013/09/03 08:11:42 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll
    [2013/09/03 08:11:42 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
    [2013/09/03 08:11:41 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
    [2013/09/03 08:11:41 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
    [2013/09/03 08:11:41 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrptadm.dll
    [2013/09/03 08:11:41 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
    [2013/09/03 08:11:41 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
    [2013/09/03 08:11:40 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
    [2013/09/03 08:11:40 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webservices.dll
    [2013/09/03 08:11:40 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TabletPC.cpl
    [2013/09/03 08:11:40 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
    [2013/09/03 08:11:40 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
    [2013/09/03 08:11:40 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netdiagfx.dll
    [2013/09/03 08:11:40 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fde.dll
    [2013/09/03 08:11:40 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupcl.exe
    [2013/09/03 08:11:40 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
    [2013/09/03 08:11:39 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
    [2013/09/03 08:11:39 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
    [2013/09/03 08:11:39 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
    [2013/09/03 08:11:38 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgcpl.dll
    [2013/09/03 08:11:38 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msconfig.exe
    [2013/09/03 08:11:38 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll
    [2013/09/03 08:11:38 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscobj.dll
    [2013/09/03 08:11:38 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
    [2013/09/03 08:11:37 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
    [2013/09/03 08:11:37 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
    [2013/09/03 08:11:37 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
    [2013/09/03 08:11:37 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdeploy.dll
    [2013/09/03 08:11:37 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsmproxy.dll
    [2013/09/03 08:11:36 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
    [2013/09/03 08:11:36 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
    [2013/09/03 08:11:36 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
    [2013/09/03 08:11:36 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
    [2013/09/03 08:11:36 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
    [2013/09/03 08:11:36 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
    [2013/09/03 08:11:35 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
    [2013/09/03 08:11:35 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DXPTaskRingtone.dll
    [2013/09/03 08:11:35 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscmmc.dll
    [2013/09/03 08:11:34 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
    [2013/09/03 08:11:34 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
    [2013/09/03 08:11:34 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logoncli.dll
    [2013/09/03 08:11:34 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RpcRtRemote.dll
    [2013/09/03 08:11:33 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
    [2013/09/03 08:11:33 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll
    [2013/09/03 08:11:33 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
    [2013/09/03 08:11:33 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sharemediacpl.dll
    [2013/09/03 08:11:33 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nci.dll
    [2013/09/03 08:11:32 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SensorsCpl.dll
    [2013/09/03 08:11:32 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Narrator.exe
    [2013/09/03 08:11:32 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
    [2013/09/03 08:11:32 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
    [2013/09/03 08:11:32 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
    [2013/09/03 08:11:32 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
    [2013/09/03 08:11:32 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netjoin.dll
    [2013/09/03 08:11:32 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
    [2013/09/03 08:11:32 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
    [2013/09/03 08:11:32 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnikeapi.dll
    [2013/09/03 08:11:31 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
    [2013/09/03 08:11:31 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
    [2013/09/03 08:11:31 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppcomapi.dll
    [2013/09/03 08:11:31 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
    [2013/09/03 08:11:31 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
    [2013/09/03 08:11:31 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\proquota.exe
    [2013/09/03 08:11:30 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
    [2013/09/03 08:11:30 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
    [2013/09/03 08:11:30 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
    [2013/09/03 08:11:30 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshipsec.dll
    [2013/09/03 08:11:30 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
    [2013/09/03 08:11:30 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
    [2013/09/03 08:11:30 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
    [2013/09/03 08:11:30 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
    [2013/09/03 08:11:30 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
    [2013/09/03 08:11:30 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
    [2013/09/03 08:11:30 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
    [2013/09/03 08:11:30 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
    [2013/09/03 08:11:29 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdclt.exe
    [2013/09/03 08:11:29 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
    [2013/09/03 08:11:29 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
    [2013/09/03 08:11:29 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
    [2013/09/03 08:11:29 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
    [2013/09/03 08:11:29 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedyn.dll
    [2013/09/03 08:11:29 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
    [2013/09/03 08:11:29 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
    [2013/09/03 08:11:29 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdsrv.dll
    [2013/09/03 08:11:28 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
    [2013/09/03 08:11:28 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
    [2013/09/03 08:11:28 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
    [2013/09/03 08:11:28 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll
    [2013/09/03 08:11:28 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
    [2013/09/03 08:11:28 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys
    [2013/09/03 08:11:28 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prntvpt.dll
    [2013/09/03 08:11:28 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
    [2013/09/03 08:11:28 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
    [2013/09/03 08:11:27 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
    [2013/09/03 08:11:27 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
    [2013/09/03 08:11:27 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprddm.dll
    [2013/09/03 08:11:27 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QAGENT.DLL
    [2013/09/03 08:11:27 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netid.dll
    [2013/09/03 08:11:27 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpsign.exe
    [2013/09/03 08:11:26 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
    [2013/09/03 08:11:26 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
    [2013/09/03 08:11:26 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
    [2013/09/03 08:11:26 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\batmeter.dll
    [2013/09/03 08:11:26 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
    [2013/09/03 08:11:26 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
    [2013/09/03 08:11:26 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpsrcwp.dll
    [2013/09/03 08:11:26 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
    [2013/09/03 08:11:25 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
    [2013/09/03 08:11:25 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DiagCpl.dll
    [2013/09/03 08:11:25 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vault.dll
    [2013/09/03 08:11:25 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
    [2013/09/03 08:11:25 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
    [2013/09/03 08:11:25 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nci.dll
    [2013/09/03 08:11:24 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bootres.dll
    [2013/09/03 08:11:24 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
    [2013/09/03 08:11:24 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
    [2013/09/03 08:11:24 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\Robocopy.exe
    [2013/09/03 08:11:24 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSTPager.ax
    [2013/09/03 08:11:24 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
    [2013/09/03 08:11:23 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
    [2013/09/03 08:11:23 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MCEWMDRMNDBootstrap.dll
    [2013/09/03 08:11:23 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax
    [2013/09/03 08:11:22 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DxpTaskSync.dll
    [2013/09/03 08:11:22 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
    [2013/09/03 08:11:22 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
    [2013/09/03 08:11:22 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskmgr.exe
    [2013/09/03 08:11:22 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
    [2013/09/03 08:11:22 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
    [2013/09/03 08:11:22 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
    [2013/09/03 08:11:22 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\winhv.sys
    [2013/09/03 08:11:21 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
    [2013/09/03 08:11:21 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
    [2013/09/03 08:11:21 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
    [2013/09/03 08:11:20 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnfldr.dll
    [2013/09/03 08:11:20 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\termmgr.dll
    [2013/09/03 08:11:20 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiobj.dll
    [2013/09/03 08:11:20 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
    [2013/09/03 08:11:20 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
    [2013/09/03 08:11:20 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskmgr.exe
    [2013/09/03 08:11:20 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
    [2013/09/03 08:11:20 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\proquota.exe
    [2013/09/03 08:11:20 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\userinit.exe
    [2013/09/03 08:11:19 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
    [2013/09/03 08:11:19 | 000,155,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
    [2013/09/03 08:11:19 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
    [2013/09/03 08:11:18 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
    [2013/09/03 08:11:18 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FirewallControlPanel.dll
    [2013/09/03 08:11:18 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiadefui.dll
    [2013/09/03 08:11:18 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
    [2013/09/03 08:11:18 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll
    [2013/09/03 08:11:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
    [2013/09/03 08:11:18 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
    [2013/09/03 08:11:18 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logoncli.dll
    [2013/09/03 08:11:18 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
    [2013/09/03 08:11:18 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userinit.exe
    [2013/09/03 08:11:17 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SensorsCpl.dll
    [2013/09/03 08:11:17 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
    [2013/09/03 08:11:16 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
    [2013/09/03 08:11:16 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
    [2013/09/03 08:11:16 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slui.exe
    [2013/09/03 08:11:16 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
    [2013/09/03 08:11:16 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscmmc.dll
    [2013/09/03 08:11:15 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
    [2013/09/03 08:11:15 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
    [2013/09/03 08:11:15 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hgcpl.dll
    [2013/09/03 08:11:15 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\defaultlocationcpl.dll
    [2013/09/03 08:11:14 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
    [2013/09/03 08:11:14 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
    [2013/09/03 08:11:14 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceCenter.dll
    [2013/09/03 08:11:14 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localsec.dll
    [2013/09/03 08:11:14 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll
    [2013/09/03 08:11:14 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
    [2013/09/03 08:11:13 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
    [2013/09/03 08:11:13 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
    [2013/09/03 08:11:13 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprddm.dll
    [2013/09/03 08:11:13 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskbarcpl.dll
    [2013/09/03 08:11:13 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OnLineIDCpl.dll
    [2013/09/03 08:11:12 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenter.dll
    [2013/09/03 08:11:12 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\batmeter.dll
    [2013/09/03 08:11:12 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VAN.dll
    [2013/09/03 08:11:12 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
    [2013/09/03 08:11:12 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
    [2013/09/03 08:11:12 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
    [2013/09/03 08:11:12 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
    [2013/09/03 08:11:12 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
    [2013/09/03 08:11:12 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\intl.cpl
    [2013/09/03 08:11:12 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVolSSO.dll
    [2013/09/03 08:11:12 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twext.dll
    [2013/09/03 08:11:11 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
    [2013/09/03 08:11:11 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OobeFldr.dll
    [2013/09/03 08:11:11 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
    [2013/09/03 08:11:11 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prntvpt.dll
    [2013/09/03 08:11:10 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsuiext.dll
    [2013/09/03 08:11:10 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroleui.dll
    [2013/09/03 08:11:10 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdedit.exe
    [2013/09/03 08:11:10 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxlib.dll
    [2013/09/03 08:11:10 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recovery.dll
    [2013/09/03 08:11:10 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cca.dll
    [2013/09/03 08:11:10 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w32tm.exe
    [2013/09/03 08:11:09 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
    [2013/09/03 08:11:09 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizeng.dll
    [2013/09/03 08:11:09 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
    [2013/09/03 08:11:09 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroleui.dll
    [2013/09/03 08:11:09 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\efscore.dll
     

    PARTE 2

     

    [2013/09/03 08:11:09 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\isoburn.exe
    [2013/09/03 08:11:09 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tzutil.exe
    [2013/09/03 08:11:09 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sisbkup.dll
    [2013/09/03 08:11:08 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdcpl.dll
    [2013/09/03 08:11:08 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
    [2013/09/03 08:11:08 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
    [2013/09/03 08:11:08 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recdisc.exe
    [2013/09/03 08:11:08 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syncui.dll
    [2013/09/03 08:11:08 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VBICodec.ax
    [2013/09/03 08:11:08 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
    [2013/09/03 08:11:08 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
    [2013/09/03 08:11:08 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
    [2013/09/03 08:11:08 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpapi.dll
    [2013/09/03 08:11:07 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
    [2013/09/03 08:11:07 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\main.cpl
    [2013/09/03 08:11:07 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shwebsvc.dll
    [2013/09/03 08:11:07 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
    [2013/09/03 08:11:07 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fvecpl.dll
    [2013/09/03 08:11:07 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
    [2013/09/03 08:11:06 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
    [2013/09/03 08:11:06 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
    [2013/09/03 08:11:06 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
    [2013/09/03 08:11:06 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
    [2013/09/03 08:11:06 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldp.dll
    [2013/09/03 08:11:06 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netjoin.dll
    [2013/09/03 08:11:06 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
    [2013/09/03 08:11:05 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenterCPL.dll
    [2013/09/03 08:11:05 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
    [2013/09/03 08:11:05 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
    [2013/09/03 08:11:05 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MCEWMDRMNDBootstrap.dll
    [2013/09/03 08:11:04 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
    [2013/09/03 08:11:04 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenter.dll
    [2013/09/03 08:11:04 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizeng.dll
    [2013/09/03 08:11:04 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnfldr.dll
    [2013/09/03 08:11:04 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
    [2013/09/03 08:11:04 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFPlay.dll
    [2013/09/03 08:11:04 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OnLineIDCpl.dll
    [2013/09/03 08:11:04 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
    [2013/09/03 08:11:04 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
    [2013/09/03 08:11:04 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksxbar.ax
    [2013/09/03 08:11:03 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
    [2013/09/03 08:11:03 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\termmgr.dll
    [2013/09/03 08:11:03 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
    [2013/09/03 08:11:03 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
    [2013/09/03 08:11:03 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll
    [2013/09/03 08:11:02 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
    [2013/09/03 08:11:02 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
    [2013/09/03 08:11:02 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
    [2013/09/03 08:11:02 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
    [2013/09/03 08:11:02 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iprtrmgr.dll
    [2013/09/03 08:11:02 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\defaultlocationcpl.dll
    [2013/09/03 08:11:02 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
    [2013/09/03 08:11:02 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntlanman.dll
    [2013/09/03 08:11:02 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
    [2013/09/03 08:11:02 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
    [2013/09/03 08:11:01 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
    [2013/09/03 08:11:01 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlcese30.dll
    [2013/09/03 08:11:01 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\intl.cpl
    [2013/09/03 08:11:01 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifsutil.dll
    [2013/09/03 08:11:01 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sisbkup.dll
    [2013/09/03 08:11:00 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
    [2013/09/03 08:11:00 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
    [2013/09/03 08:11:00 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iTVData.dll
    [2013/09/03 08:11:00 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iprtrmgr.dll
    [2013/09/03 08:11:00 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\efscore.dll
    [2013/09/03 08:11:00 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UserAccountControlSettings.dll
    [2013/09/03 08:11:00 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpd3d.dll
    [2013/09/03 08:11:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
    [2013/09/03 08:10:59 | 000,781,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
    [2013/09/03 08:10:59 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenterCPL.dll
    [2013/09/03 08:10:59 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ssText3d.scr
    [2013/09/03 08:10:59 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syncui.dll
    [2013/09/03 08:10:59 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
    [2013/09/03 08:10:59 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
    [2013/09/03 08:10:58 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
    [2013/09/03 08:10:58 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
    [2013/09/03 08:10:58 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DeviceCenter.dll
    [2013/09/03 08:10:58 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dskquoui.dll
    [2013/09/03 08:10:58 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srvcli.dll
    [2013/09/03 08:10:58 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSTPager.ax
    [2013/09/03 08:10:57 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OobeFldr.dll
    [2013/09/03 08:10:57 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
    [2013/09/03 08:10:57 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
    [2013/09/03 08:10:57 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wavemsp.dll
    [2013/09/03 08:10:57 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingFolder.dll
    [2013/09/03 08:10:57 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPHLPR.DLL
    [2013/09/03 08:10:57 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nslookup.exe
    [2013/09/03 08:10:57 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acppage.dll
    [2013/09/03 08:10:56 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
    [2013/09/03 08:10:56 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
    [2013/09/03 08:10:56 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
    [2013/09/03 08:10:56 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srrstr.dll
    [2013/09/03 08:10:56 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
    [2013/09/03 08:10:56 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdboot.exe
    [2013/09/03 08:10:56 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl
    [2013/09/03 08:10:56 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
    [2013/09/03 08:10:55 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\activeds.dll
    [2013/09/03 08:10:55 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax
    [2013/09/03 08:10:55 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPHLPR.DLL
    [2013/09/03 08:10:55 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppnp.dll
    [2013/09/03 08:10:54 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
    [2013/09/03 08:10:54 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpx.dll
    [2013/09/03 08:10:54 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpsrcwp.dll
    [2013/09/03 08:10:54 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
    [2013/09/03 08:10:54 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\remotepg.dll
    [2013/09/03 08:10:54 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\migisol.dll
    [2013/09/03 08:10:54 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabinet.dll
    [2013/09/03 08:10:54 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
    [2013/09/03 08:10:54 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll
    [2013/09/03 08:10:53 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfrgui.exe
    [2013/09/03 08:10:53 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshipsec.dll
    [2013/09/03 08:10:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationSettings.exe
    [2013/09/03 08:10:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wkscli.dll
    [2013/09/03 08:10:52 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
    [2013/09/03 08:10:52 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
    [2013/09/03 08:10:52 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpdxm.dll
    [2013/09/03 08:10:52 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3ui.dll
    [2013/09/03 08:10:52 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
    [2013/09/03 08:10:52 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wavemsp.dll
    [2013/09/03 08:10:52 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
    [2013/09/03 08:10:52 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
    [2013/09/03 08:10:52 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\net1.exe
    [2013/09/03 08:10:52 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kstvtune.ax
    [2013/09/03 08:10:52 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\isoburn.exe
    [2013/09/03 08:10:52 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
    [2013/09/03 08:10:52 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
    [2013/09/03 08:10:51 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
    [2013/09/03 08:10:51 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsuiext.dll
    [2013/09/03 08:10:51 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll
    [2013/09/03 08:10:51 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wvc.dll
    [2013/09/03 08:10:51 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfrgui.exe
    [2013/09/03 08:10:51 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsqmcons.exe
    [2013/09/03 08:10:51 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
    [2013/09/03 08:10:51 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzutil.exe
    [2013/09/03 08:10:51 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
    [2013/09/03 08:10:50 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc.dll
    [2013/09/03 08:10:50 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AdmTmpl.dll
    [2013/09/03 08:10:50 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimgapi.dll
    [2013/09/03 08:10:50 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
    [2013/09/03 08:10:50 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
    [2013/09/03 08:10:50 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PkgMgr.exe
    [2013/09/03 08:10:50 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstask.dll
    [2013/09/03 08:10:50 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
    [2013/09/03 08:10:50 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twext.dll
    [2013/09/03 08:10:49 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
    [2013/09/03 08:10:49 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Bubbles.scr
    [2013/09/03 08:10:49 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapistub.dll
    [2013/09/03 08:10:49 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapi32.dll
    [2013/09/03 08:10:49 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
    [2013/09/03 08:10:48 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\main.cpl
    [2013/09/03 08:10:48 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll
    [2013/09/03 08:10:48 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qcap.dll
    [2013/09/03 08:10:48 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
    [2013/09/03 08:10:48 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupugc.exe
    [2013/09/03 08:10:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdmat.dll
    [2013/09/03 08:10:48 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
    [2013/09/03 08:10:48 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsium.dll
    [2013/09/03 08:10:47 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
    [2013/09/03 08:10:47 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssText3d.scr
    [2013/09/03 08:10:47 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mystify.scr
    [2013/09/03 08:10:47 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Ribbons.scr
    [2013/09/03 08:10:47 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifsutil.dll
    [2013/09/03 08:10:47 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\uxlib.dll
    [2013/09/03 08:10:47 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
    [2013/09/03 08:10:46 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
    [2013/09/03 08:10:46 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
    [2013/09/03 08:10:45 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
    [2013/09/03 08:10:45 | 000,573,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
    [2013/09/03 08:10:45 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeResults.exe
    [2013/09/03 08:10:45 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
    [2013/09/03 08:10:45 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfmon.exe
    [2013/09/03 08:10:45 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpshell.dll
    [2013/09/03 08:10:45 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
    [2013/09/03 08:10:45 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\muifontsetup.dll
    [2013/09/03 08:10:44 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
    [2013/09/03 08:10:44 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimserv.exe
    [2013/09/03 08:10:44 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
    [2013/09/03 08:10:44 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
    [2013/09/03 08:10:44 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingFolder.dll
    [2013/09/03 08:10:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tlscsp.dll
    [2013/09/03 08:10:44 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\umb.dll
    [2013/09/03 08:10:44 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AzSqlExt.dll
    [2013/09/03 08:10:44 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netutils.dll
    [2013/09/03 08:10:43 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbghelp.dll
    [2013/09/03 08:10:43 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSAPI.dll
    [2013/09/03 08:10:43 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll
    [2013/09/03 08:10:43 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionQueue.dll
    [2013/09/03 08:10:43 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
    [2013/09/03 08:10:43 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfmon.exe
    [2013/09/03 08:10:43 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPCRYPT.DLL
    [2013/09/03 08:10:43 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\acppage.dll
    [2013/09/03 08:10:42 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
    [2013/09/03 08:10:42 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
    [2013/09/03 08:10:42 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
    [2013/09/03 08:10:42 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll
    [2013/09/03 08:10:42 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
    [2013/09/03 08:10:42 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\remotepg.dll
    [2013/09/03 08:10:42 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiavideo.dll
    [2013/09/03 08:10:42 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QUTIL.DLL
    [2013/09/03 08:10:42 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
    [2013/09/03 08:10:42 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\runonce.exe
    [2013/09/03 08:10:42 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPCRYPT.DLL
    [2013/09/03 08:10:42 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syssetup.dll
    [2013/09/03 08:10:41 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
    [2013/09/03 08:10:41 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetapi.dll
    [2013/09/03 08:10:41 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MdSched.exe
    [2013/09/03 08:10:41 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UserAccountControlSettings.dll
    [2013/09/03 08:10:40 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onexui.dll
    [2013/09/03 08:10:40 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
    [2013/09/03 08:10:40 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
    [2013/09/03 08:10:40 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iTVData.dll
    [2013/09/03 08:10:40 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
    [2013/09/03 08:10:40 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsbas.dll
    [2013/09/03 08:10:40 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsbas.dll
    [2013/09/03 08:10:40 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
    [2013/09/03 08:10:40 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\runonce.exe
    [2013/09/03 08:10:40 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PrintIsolationProxy.dll
    [2013/09/03 08:10:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vpnikeapi.dll
    [2013/09/03 08:10:39 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nltest.exe
    [2013/09/03 08:10:39 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
    [2013/09/03 08:10:39 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsadmin.exe
    [2013/09/03 08:10:39 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
    [2013/09/03 08:10:39 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFPlay.dll
    [2013/09/03 08:10:39 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
    [2013/09/03 08:10:39 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
    [2013/09/03 08:10:38 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
    [2013/09/03 08:10:38 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
    [2013/09/03 08:10:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shacct.dll
    [2013/09/03 08:10:38 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSVRMGMT.DLL
    [2013/09/03 08:10:38 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shacct.dll
    [2013/09/03 08:10:38 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tabcal.exe
    [2013/09/03 08:10:38 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll
    [2013/09/03 08:10:38 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
    [2013/09/03 08:10:37 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll
    [2013/09/03 08:10:37 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
    [2013/09/03 08:10:37 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
    [2013/09/03 08:10:37 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
    [2013/09/03 08:10:37 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsadmin.exe
    [2013/09/03 08:10:37 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qcap.dll
    [2013/09/03 08:10:37 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
    [2013/09/03 08:10:37 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpshell.dll
    [2013/09/03 08:10:37 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
    [2013/09/03 08:10:37 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
    [2013/09/03 08:10:37 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdmat.dll
    [2013/09/03 08:10:37 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lsmproxy.dll
    [2013/09/03 08:10:36 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
    [2013/09/03 08:10:36 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Bubbles.scr
    [2013/09/03 08:10:36 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlcese30.dll
    [2013/09/03 08:10:36 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdv.dll
    [2013/09/03 08:10:36 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceSyncProvider.dll
    [2013/09/03 08:10:36 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
    [2013/09/03 08:10:36 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CscMig.dll
    [2013/09/03 08:10:36 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
    [2013/09/03 08:10:36 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpd3d.dll
    [2013/09/03 08:10:36 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmictimeprovider.dll
    [2013/09/03 08:10:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsium.dll
    [2013/09/03 08:10:35 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
    [2013/09/03 08:10:35 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceStatus.dll
    [2013/09/03 08:10:35 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
    [2013/09/03 08:10:35 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
    [2013/09/03 08:10:35 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceSyncProvider.dll
    [2013/09/03 08:10:35 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kstvtune.ax
    [2013/09/03 08:10:35 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
    [2013/09/03 08:10:35 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spbcd.dll
    [2013/09/03 08:10:35 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll
    [2013/09/03 08:10:34 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceStatus.dll
    [2013/09/03 08:10:34 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3ui.dll
    [2013/09/03 08:10:34 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mystify.scr
    [2013/09/03 08:10:34 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Ribbons.scr
    [2013/09/03 08:10:34 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl
    [2013/09/03 08:10:34 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\desk.cpl
    [2013/09/03 08:10:34 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fphc.dll
    [2013/09/03 08:10:34 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSVRMGMT.DLL
    [2013/09/03 08:10:34 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\olethk32.dll
    [2013/09/03 08:10:34 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\takeown.exe
    [2013/09/03 08:10:34 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
    [2013/09/03 08:10:33 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
    [2013/09/03 08:10:33 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
    [2013/09/03 08:10:33 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
    [2013/09/03 08:10:33 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\amstream.dll
    [2013/09/03 08:10:33 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mapistub.dll
    [2013/09/03 08:10:33 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\utildll.dll
    [2013/09/03 08:10:31 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VBICodec.ax
    [2013/09/03 08:10:31 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
    [2013/09/03 08:10:31 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll
    [2013/09/03 08:10:31 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiavideo.dll
    [2013/09/03 08:10:31 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
    [2013/09/03 08:10:31 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fphc.dll
    [2013/09/03 08:10:31 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
    [2013/09/03 08:10:31 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\takeown.exe
    [2013/09/03 08:10:30 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
    [2013/09/03 08:10:30 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
    [2013/09/03 08:10:30 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
    [2013/09/03 08:10:30 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmstp.exe
    [2013/09/03 08:10:30 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QCLIPROV.DLL
    [2013/09/03 08:10:30 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\djoin.exe
    [2013/09/03 08:10:30 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimgvw.dll
    [2013/09/03 08:10:30 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HotStartUserAgent.dll
    [2013/09/03 08:10:29 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdv.dll
    [2013/09/03 08:10:29 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
    [2013/09/03 08:10:29 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
    [2013/09/03 08:10:29 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppinst.dll
    [2013/09/03 08:10:29 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertPolEng.dll
    [2013/09/03 08:10:29 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nrpsrv.dll
    [2013/09/03 08:10:28 | 000,681,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
    [2013/09/03 08:10:28 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmstp.exe
    [2013/09/03 08:10:28 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
    [2013/09/03 08:10:28 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QCLIPROV.DLL
    [2013/09/03 08:10:28 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cca.dll
    [2013/09/03 08:10:28 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WavDest.dll
    [2013/09/03 08:10:27 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
    [2013/09/03 08:10:27 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
    [2013/09/03 08:10:27 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupcln.dll
    [2013/09/03 08:10:27 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MuiUnattend.exe
    [2013/09/03 08:10:27 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\g711codc.ax
    [2013/09/03 08:10:27 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vfwwdm32.dll
    [2013/09/03 08:10:27 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
    [2013/09/03 08:10:27 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MultiDigiMon.exe
    [2013/09/03 08:10:27 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdhui.dll
    [2013/09/03 08:10:27 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\relog.exe
    [2013/09/03 08:10:26 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll
    [2013/09/03 08:10:26 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
    [2013/09/03 08:10:26 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsicli.exe
    [2013/09/03 08:10:26 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\desk.cpl
    [2013/09/03 08:10:26 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mobsync.exe
    [2013/09/03 08:10:26 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbisurf.ax
    [2013/09/03 08:10:26 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\relog.exe
    [2013/09/03 08:10:26 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AzSqlExt.dll
    [2013/09/03 08:10:26 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiougc.exe
    [2013/09/03 08:10:26 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BWUnpairElevated.dll
    [2013/09/03 08:10:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll
    [2013/09/03 08:10:25 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
    [2013/09/03 08:10:25 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
    [2013/09/03 08:10:25 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\itircl.dll
    [2013/09/03 08:10:25 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsicli.exe
    [2013/09/03 08:10:25 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mydocs.dll
    [2013/09/03 08:10:25 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BdeHdCfg.exe
    [2013/09/03 08:10:25 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll
    [2013/09/03 08:10:25 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amstream.dll
    [2013/09/03 08:10:25 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spbcd.dll
    [2013/09/03 08:10:25 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wkscli.dll
    [2013/09/03 08:10:25 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdmo.dll
    [2013/09/03 08:10:24 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
    [2013/09/03 08:10:24 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSTIFF.dll
    [2013/09/03 08:10:24 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\itircl.dll
    [2013/09/03 08:10:24 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
    [2013/09/03 08:10:24 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
    [2013/09/03 08:10:24 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
    [2013/09/03 08:10:24 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
    [2013/09/03 08:10:24 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
    [2013/09/03 08:10:24 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertPolEng.dll
    [2013/09/03 08:10:24 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksxbar.ax
    [2013/09/03 08:10:24 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netbtugc.exe
    [2013/09/03 08:10:24 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syssetup.dll
    [2013/09/03 08:10:23 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
    [2013/09/03 08:10:23 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
    [2013/09/03 08:10:23 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
    [2013/09/03 08:10:23 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
    [2013/09/03 08:10:23 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
    [2013/09/03 08:10:23 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tlscsp.dll
    [2013/09/03 08:10:23 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciqtz32.dll
    [2013/09/03 08:10:23 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\choice.exe
    [2013/09/03 08:10:23 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
    [2013/09/03 08:10:23 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
    [2013/09/03 08:10:23 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
    [2013/09/03 08:10:23 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qprocess.exe
    [2013/09/03 08:10:23 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgentc.exe
    [2013/09/03 08:10:22 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onexui.dll
    [2013/09/03 08:10:22 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
    [2013/09/03 08:10:22 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll
    [2013/09/03 08:10:22 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mobsync.exe
    [2013/09/03 08:10:22 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
    [2013/09/03 08:10:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\luainstall.dll
    [2013/09/03 08:10:22 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciqtz32.dll
    [2013/09/03 08:10:22 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schedcli.dll
    [2013/09/03 08:10:22 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chglogon.exe
    [2013/09/03 08:10:21 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll
    [2013/09/03 08:10:21 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
    [2013/09/03 08:10:21 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\manage-bde.exe
    [2013/09/03 08:10:21 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetmib1.dll
    [2013/09/03 08:10:21 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\repair-bde.exe
    [2013/09/03 08:10:21 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdiasqmmodule.dll
    [2013/09/03 08:10:21 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qappsrv.exe
    [2013/09/03 08:10:21 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spopk.dll
    [2013/09/03 08:10:21 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\muifontsetup.dll
    [2013/09/03 08:10:20 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RDPENCDD.dll
    [2013/09/03 08:10:20 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
    [2013/09/03 08:10:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
    [2013/09/03 08:10:20 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\luainstall.dll
    [2013/09/03 08:10:20 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shimgvw.dll
    [2013/09/03 08:10:20 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unlodctr.exe
    [2013/09/03 08:10:20 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbisurf.ax
    [2013/09/03 08:10:20 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\profprov.dll
    [2013/09/03 08:10:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
    [2013/09/03 08:10:20 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdmo.dll
    [2013/09/03 08:10:20 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chgport.exe
    [2013/09/03 08:10:20 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spopk.dll
    [2013/09/03 08:10:19 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmicres.dll
    [2013/09/03 08:10:19 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetmib1.dll
    [2013/09/03 08:10:19 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\g711codc.ax
    [2013/09/03 08:10:19 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSMON.dll
    [2013/09/03 08:10:19 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmstorfltres.dll
    [2013/09/03 08:10:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tskill.exe
    [2013/09/03 08:10:19 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscon.exe
    [2013/09/03 08:10:19 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsdiscon.exe
    [2013/09/03 08:10:19 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rwinsta.exe
    [2013/09/03 08:10:19 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdprefdrvapi.dll
    [2013/09/03 08:10:19 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logoff.exe
    [2013/09/03 08:10:19 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chgusr.exe
    [2013/09/03 08:10:19 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fixmapi.exe
    [2013/09/03 08:10:18 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
    [2013/09/03 08:10:18 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
    [2013/09/03 08:10:18 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmbusres.dll
    [2013/09/03 08:10:18 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
    [2013/09/03 08:10:18 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
    [2013/09/03 08:10:18 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
    [2013/09/03 08:10:18 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elsTrans.dll
    [2013/09/03 08:10:18 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TRAPI.dll
    [2013/09/03 08:10:18 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shadow.exe
    [2013/09/03 08:10:17 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsauth.dll
    [2013/09/03 08:10:17 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LogonUI.exe
    [2013/09/03 08:10:17 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfts.dll
    [2013/09/03 08:10:17 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reset.exe
    [2013/09/03 08:10:17 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\change.exe
    [2013/09/03 08:10:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\query.exe
    [2013/09/03 08:10:16 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\napdsnap.dll
    [2013/09/03 08:10:16 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdprefdrvapi.dll
    [2013/09/03 08:10:16 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elsTrans.dll
    [2013/09/03 08:10:16 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSUNATD.exe
    [2013/09/03 08:10:15 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\napdsnap.dll
    [2013/09/03 08:10:15 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys
    [2013/09/03 08:10:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsauth.dll
    [2013/09/03 08:10:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
    [2013/09/03 08:10:15 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsperf.dll
    [2013/09/03 08:10:15 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TRAPI.dll
    [2013/09/03 08:10:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsperf.dll
    [2013/09/03 08:10:15 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schedcli.dll
    [2013/09/03 08:10:14 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
    [2013/09/03 08:10:13 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
    [2013/09/03 08:10:13 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shgina.dll
    [2013/09/03 08:10:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
    [2013/09/03 08:10:13 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
    [2013/09/03 08:10:12 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
    [2013/09/03 08:10:12 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shgina.dll
    [2013/09/03 08:10:12 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched32.dll
    [2013/09/03 08:10:11 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys
    [2013/09/03 08:10:11 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshirda.dll
    [2013/09/03 08:10:10 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshirda.dll
    [2013/09/03 08:10:10 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcfgex.dll
    [2013/09/03 08:10:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmbuspipe.dll
    [2013/09/03 08:10:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched32.dll
    [2013/09/03 08:10:08 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VmbusCoinstaller.dll
    [2013/09/03 08:10:08 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IcCoinstall.dll
    [2013/09/03 08:10:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\C_ISCII.DLL
    [2013/09/03 08:10:08 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
    [2013/09/03 08:10:07 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VmdCoinstall.dll
    [2013/09/03 08:10:07 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\C_ISCII.DLL
    [2013/09/03 08:10:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
    [2013/09/03 08:10:06 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shunimpl.dll
    [2013/09/03 08:10:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
    [2013/09/03 08:10:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
    [2013/09/03 08:10:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
    [2013/09/03 08:10:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
    [2013/09/03 08:10:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-ums-l1-1-0.dll
    [2013/09/03 08:10:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUQ.DLL
    [2013/09/03 08:10:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUF.DLL
    [2013/09/03 08:10:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSG.DLL
    [2013/09/03 08:10:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUQ.DLL
    [2013/09/03 08:10:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUF.DLL
    [2013/09/03 08:10:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSG.DLL
    [2013/09/03 08:10:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSF.DLL
    [2013/09/03 08:10:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDPO.DLL
    [2013/09/03 08:10:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdlk41a.dll
    [2013/09/03 08:10:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
    [2013/09/03 08:10:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
    [2013/09/03 08:10:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGR1.DLL
    [2013/09/03 08:10:04 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
    [2013/09/03 08:10:04 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
    [2013/09/03 08:10:04 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdlk41a.dll
    [2013/09/03 08:10:04 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGKL.DLL
    [2013/09/03 08:10:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDNEPR.DLL
    [2013/09/03 08:10:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGR1.DLL
    [2013/09/03 08:10:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGKL.DLL
    [2013/09/03 08:10:03 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDCZ1.DLL
    [2013/09/03 08:10:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDCZ1.DLL
    [2013/09/03 08:10:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
    [2013/09/03 08:10:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUS.DLL
    [2013/09/03 08:10:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTURME.DLL
    [2013/09/03 08:10:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAJIK.DLL
    [2013/09/03 08:10:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMON.DLL
    [2013/09/03 08:10:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
    [2013/09/03 08:10:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGEO.DLL
    [2013/09/03 08:10:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGEO.DLL
    [2013/09/03 08:10:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBLR.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUS.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUGHR1.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTURME.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAJIK.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSF.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDPO.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDNEPR.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMON.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMAORI.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDLT1.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBULG.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBLR.DLL
    [2013/09/03 08:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
    [2013/09/03 08:10:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUGHR1.DLL
    [2013/09/03 08:10:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMAORI.DLL
    [2013/09/03 08:10:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDLT1.DLL
    [2013/09/03 08:10:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBULG.DLL
    [2013/09/03 08:10:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
    [2013/09/03 08:10:01 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlsbres.dll
    [2013/09/03 08:10:01 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlsbres.dll
    [2013/09/03 08:10:01 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BlbEvents.dll
    [2013/09/03 08:10:01 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pifmgr.dll
    [2013/09/03 08:10:01 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pifmgr.dll
    [2013/09/03 08:10:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizres.dll
    [2013/09/03 08:10:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizres.dll
    [2013/09/03 08:10:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
    [2013/09/03 08:10:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
    [2013/09/03 08:10:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
    [2013/09/03 08:10:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
    [2013/09/03 08:10:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
    [2013/09/03 08:09:36 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpx.dll
    [2013/09/03 08:09:36 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll
    [2013/09/03 08:09:24 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqmapi.dll
    [2013/09/03 08:06:27 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wbemcomn.dll
    [2013/09/03 08:06:18 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqmapi.dll
    [2013/09/03 07:38:39 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
    [2013/09/03 07:38:39 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
    [2013/09/03 07:38:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
    [2013/09/03 07:38:39 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
    [2013/09/03 07:38:39 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
    [2013/09/03 07:38:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
    [2013/09/03 07:38:19 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
    [2013/09/03 07:38:18 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
    [2013/09/03 07:38:16 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
    [2013/09/03 07:38:16 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
    [2013/09/03 07:38:16 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
    [2013/09/03 07:38:16 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
    [2013/09/03 07:37:36 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
    [2013/09/03 07:37:31 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
    [2013/09/03 07:37:29 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
    [2013/09/03 07:37:29 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
    [2013/09/03 07:37:10 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
    [2013/09/03 07:37:09 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
    [2013/09/03 07:34:51 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
    [2013/09/03 07:34:50 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
    [2013/09/03 07:34:49 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
    [2013/09/03 07:34:48 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
    [2013/09/03 07:34:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
    [2013/09/03 07:34:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
    [2013/09/03 07:31:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\NOTE\Desktop\OTL.exe
    [2013/09/01 12:18:00 | 000,000,000 | ---D | C] -- C:\Users\NOTE\AppData\Roaming\Malwarebytes
    [2013/09/01 12:17:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2013/09/01 12:17:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2013/09/01 12:17:28 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2013/09/01 12:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2013/09/01 12:14:29 | 010,285,040 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\NOTE\Desktop\mbam-setup-1.75.0.1300.exe
    [2013/08/29 14:51:32 | 000,358,571 | ---- | C] (Farbar) -- C:\Users\NOTE\Desktop\FSS.exe
    [2013/08/29 14:51:29 | 000,358,571 | ---- | C] (Farbar) -- C:\Users\NOTE\Desktop\FSS.exe.part
    [2013/08/29 14:49:34 | 000,147,456 | ---- | C] (Eric_71) -- C:\Users\NOTE\Desktop\MbrScan.exe
    [2013/08/29 14:44:36 | 000,000,000 | ---D | C] -- C:\Users\NOTE\Desktop\HijackThis
    [2013/08/12 14:32:53 | 000,000,000 | ---D | C] -- C:\log
    [2013/02/11 09:01:17 | 000,211,968 | ---- | C] (Microsoft) -- C:\Program Files (x86)\Subtitle++.exe
    [2012/12/20 12:56:20 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\NOTE\AppData\Roaming\pcouffin.sys
    [2012/12/20 08:18:36 | 000,201,728 | ---- | C] (Freebyte.com) -- C:\Program Files\hjsplit.exe
    [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
     
    ========== Files - Modified Within 30 Days ==========
     
    [2013/09/03 10:13:28 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/09/03 10:13:28 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/09/03 10:07:51 | 000,000,032 | ---- | M] () -- C:\Windows\DANFEMON.INI
    [2013/09/03 10:02:43 | 000,000,032 | ---- | M] () -- C:\Windows\UNIDANFE.INI
    [2013/09/03 10:01:28 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/09/03 10:01:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/09/03 09:54:49 | 001,629,080 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013/09/03 09:54:49 | 000,703,792 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
    [2013/09/03 09:54:49 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013/09/03 09:54:49 | 000,146,578 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
    [2013/09/03 09:54:49 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013/09/03 09:48:33 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/09/03 09:47:38 | 000,441,168 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/09/03 09:47:17 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) -- C:\Windows\SysWow64\drivers\gbpndisrd.sys
    [2013/09/03 09:47:17 | 000,010,266 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd.cat
    [2013/09/03 09:47:17 | 000,003,641 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd.inf
    [2013/09/03 09:47:17 | 000,001,814 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd_m.inf
    [2013/09/03 09:47:17 | 000,001,402 | ---- | M] () -- C:\Windows\SysWow64\drivers\gas.cer
    [2013/09/03 09:47:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/09/03 09:46:47 | 2386,784,256 | -HS- | M] () -- C:\hiberfil.sys
    [2013/09/03 09:34:26 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
    [2013/09/03 09:34:25 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
    [2013/09/03 09:16:02 | 001,596,992 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2013/09/03 07:32:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\NOTE\Desktop\OTL.exe
    [2013/09/01 12:17:29 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/09/01 12:14:45 | 010,285,040 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\NOTE\Desktop\mbam-setup-1.75.0.1300.exe
    [2013/08/29 14:55:39 | 000,358,571 | ---- | M] (Farbar) -- C:\Users\NOTE\Desktop\FSS.exe.part
    [2013/08/29 14:54:35 | 000,358,571 | ---- | M] (Farbar) -- C:\Users\NOTE\Desktop\FSS.exe
    [2013/08/29 14:51:01 | 000,000,512 | ---- | M] () -- C:\Users\NOTE\Desktop\Dump_Hdd1_DR1.mbr
    [2013/08/29 14:51:01 | 000,000,512 | ---- | M] () -- C:\Users\NOTE\Desktop\Dump_Hdd0_DR0.mbr
    [2013/08/29 14:49:48 | 000,147,456 | ---- | M] (Eric_71) -- C:\Users\NOTE\Desktop\MbrScan.exe
    [2013/08/29 09:09:52 | 000,000,810 | ---- | M] () -- C:\Users\NOTE\AppData\Roaming\burnaware.ini
    [2013/08/28 17:33:11 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\Desktop\PD119346050BR
    [2013/08/21 10:49:31 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2013/08/21 10:49:31 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2013/08/08 08:04:24 | 000,217,257 | ---- | M] () -- C:\Users\NOTE\Desktop\2.jpg
    [2013/08/08 08:03:46 | 000,233,530 | ---- | M] () -- C:\Users\NOTE\Desktop\1.jpg
    [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
     
    ========== Files Created - No Company Name ==========
     
    [2013/09/03 08:13:05 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
    [2013/09/03 08:12:45 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
    [2013/09/03 08:10:22 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
    [2013/09/03 08:09:59 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
    [2013/09/03 08:09:59 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
    [2013/09/03 08:09:22 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
    [2013/09/03 08:09:21 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
    [2013/09/01 12:17:29 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/08/29 14:50:20 | 000,000,512 | ---- | C] () -- C:\Users\NOTE\Desktop\Dump_Hdd1_DR1.mbr
    [2013/08/29 14:50:20 | 000,000,512 | ---- | C] () -- C:\Users\NOTE\Desktop\Dump_Hdd0_DR0.mbr
    [2013/08/28 17:33:11 | 000,000,000 | ---- | C] () -- C:\Users\NOTE\Desktop\PD119346050BR
    [2013/08/08 08:04:24 | 000,217,257 | ---- | C] () -- C:\Users\NOTE\Desktop\2.jpg
    [2013/08/08 08:03:46 | 000,233,530 | ---- | C] () -- C:\Users\NOTE\Desktop\1.jpg
    [2013/07/31 08:04:55 | 000,715,038 | ---- | C] () -- C:\Users\NOTE\AppData\Roaming\unins000.exe
    [2013/07/31 08:04:55 | 000,012,193 | ---- | C] () -- C:\Users\NOTE\AppData\Roaming\unins000.dat
    [2013/07/08 16:12:25 | 000,000,032 | ---- | C] () -- C:\Windows\UPD.INI
    [2013/07/08 16:12:02 | 000,000,032 | ---- | C] () -- C:\Windows\DANFEMON.INI
    [2013/07/08 16:11:09 | 000,000,032 | ---- | C] () -- C:\Windows\UNIDANFE.INI
    [2013/06/28 10:55:46 | 000,001,644 | ---- | C] () -- C:\Windows\ODBCINST.INI
    [2013/06/28 10:55:46 | 000,000,288 | ---- | C] () -- C:\Windows\ODBC.INI
    [2013/06/19 12:51:23 | 000,428,544 | ---- | C] () -- C:\Windows\setup.exe
    [2013/06/19 12:51:06 | 000,615,870 | ---- | C] () -- C:\Windows\unins000.exe
    [2013/06/19 12:51:06 | 000,000,969 | ---- | C] () -- C:\Windows\unins000.dat
    [2013/03/16 14:36:26 | 000,431,630 | ---- | C] () -- C:\Users\NOTE\A Origem.jpg
    [2013/02/13 12:16:21 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
    [2012/12/22 08:11:34 | 000,000,810 | ---- | C] () -- C:\Users\NOTE\AppData\Roaming\burnaware.ini
    [2012/12/21 08:15:01 | 001,596,992 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2012/12/20 15:36:53 | 000,000,139 | ---- | C] () -- C:\Users\NOTE\AppData\Roaming\default.rss
    [2012/12/20 14:05:48 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
    [2012/12/20 13:01:51 | 000,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
    [2012/12/20 13:01:50 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
    [2012/12/20 13:01:48 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
    [2012/12/20 13:01:48 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
    [2012/12/20 13:01:48 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
    [2012/12/20 13:01:46 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
    [2012/12/20 12:56:39 | 000,000,022 | ---- | C] () -- C:\Windows\SysWow64\systeminfo3.dll
    [2012/12/20 12:56:20 | 000,099,384 | ---- | C] () -- C:\Users\NOTE\AppData\Roaming\inst.exe
    [2012/12/20 12:56:20 | 000,007,859 | ---- | C] () -- C:\Users\NOTE\AppData\Roaming\pcouffin.cat
    [2012/12/20 12:56:20 | 000,001,167 | ---- | C] () -- C:\Users\NOTE\AppData\Roaming\pcouffin.inf
     
    ========== ZeroAccess Check ==========
     
    [2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 02:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 09:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
     
    ========== LOP Check ==========
     
    [2013/02/08 07:07:03 | 000,000,000 | ---D | M] -- C:\Users\NOTE\AppData\Roaming\CheckPoint
    [2012/12/21 11:10:47 | 000,000,000 | ---D | M] -- C:\Users\NOTE\AppData\Roaming\Downloaded Installations
    [2012/12/29 10:33:23 | 000,000,000 | ---D | M] -- C:\Users\NOTE\AppData\Roaming\DVDFab
    [2012/12/21 11:12:54 | 000,000,000 | ---D | M] -- C:\Users\NOTE\AppData\Roaming\FileOpen
    [2013/01/15 08:22:30 | 000,000,000 | ---D | M] -- C:\Users\NOTE\AppData\Roaming\IsolatedStorage
    [2013/02/10 08:39:42 | 000,000,000 | ---D | M] -- C:\Users\NOTE\AppData\Roaming\mkvtoolnix
    [2012/12/21 11:13:11 | 000,000,000 | ---D | M] -- C:\Users\NOTE\AppData\Roaming\Nitro
    [2013/09/02 07:42:51 | 000,000,000 | ---D | M] -- C:\Users\NOTE\AppData\Roaming\Nitro PDF
    [2013/07/19 21:35:39 | 000,000,000 | ---D | M] -- C:\Users\NOTE\AppData\Roaming\Opera
    [2012/12/20 16:11:32 | 000,000,000 | ---D | M] -- C:\Users\NOTE\AppData\Roaming\Publish Providers
    [2013/01/18 16:49:51 | 000,000,000 | ---D | M] -- C:\Users\NOTE\AppData\Roaming\Sony
    [2013/08/23 10:15:50 | 000,000,000 | ---D | M] -- C:\Users\NOTE\AppData\Roaming\uTorrent
    [2012/12/20 12:56:36 | 000,000,000 | ---D | M] -- C:\Users\NOTE\AppData\Roaming\Vso
     
    ========== Purity Check ==========
     
     
     
    ========== Custom Scans ==========
     
    < %systemroot%\system32\drivers\*.* /90 >
    [2013/09/03 09:47:17 | 000,001,402 | ---- | M] () -- C:\Windows\system32\drivers\gas.cer
    [2013/09/03 09:47:17 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) -- C:\Windows\system32\drivers\gbpndisrd.sys
    [2013/09/03 09:47:17 | 000,010,266 | ---- | M] () -- C:\Windows\system32\drivers\ndisrd.cat
    [2013/09/03 09:47:17 | 000,003,641 | ---- | M] () -- C:\Windows\system32\drivers\ndisrd.inf
    [2013/09/03 09:47:17 | 000,001,814 | ---- | M] () -- C:\Windows\system32\drivers\ndisrd_m.inf
     
    < %userprofile%\*.* >
    [2013/02/06 09:26:11 | 000,431,630 | ---- | M] () -- C:\Users\NOTE\A Origem.jpg
    [2013/09/03 10:16:40 | 007,077,888 | -HS- | M] () -- C:\Users\NOTE\ntuser.dat
    [2013/09/03 10:16:40 | 000,262,144 | -HS- | M] () -- C:\Users\NOTE\ntuser.dat.LOG1
    [2012/12/20 08:11:00 | 000,000,000 | -HS- | M] () -- C:\Users\NOTE\ntuser.dat.LOG2
    [2012/12/20 09:58:00 | 000,065,536 | -HS- | M] () -- C:\Users\NOTE\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
    [2012/12/20 09:58:00 | 000,524,288 | -HS- | M] () -- C:\Users\NOTE\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
    [2012/12/20 09:58:00 | 000,524,288 | -HS- | M] () -- C:\Users\NOTE\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
    [2013/02/08 06:52:29 | 000,065,536 | -HS- | M] () -- C:\Users\NOTE\ntuser.dat{3fe5e7db-71d0-11e2-aeae-00265525539c}.TM.blf
    [2013/02/08 06:52:28 | 000,524,288 | -HS- | M] () -- C:\Users\NOTE\ntuser.dat{3fe5e7db-71d0-11e2-aeae-00265525539c}.TMContainer00000000000000000001.regtrans-ms
    [2013/02/08 06:52:29 | 000,524,288 | -HS- | M] () -- C:\Users\NOTE\ntuser.dat{3fe5e7db-71d0-11e2-aeae-00265525539c}.TMContainer00000000000000000002.regtrans-ms
    [2012/12/20 08:11:01 | 000,000,020 | -HS- | M] () -- C:\Users\NOTE\ntuser.ini
    [2013/03/19 12:45:45 | 000,020,480 | -HS- | M] () -- C:\Users\NOTE\Thumbs.db
     
    < %SYSTEMDRIVE%\*.* >
    [2010/11/20 09:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
    [2012/12/20 14:02:05 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
    [2012/12/20 10:39:48 | 000,396,684 | RHS- | M] () -- C:\DAHUK
    [2013/09/03 09:46:47 | 2386,784,256 | -HS- | M] () -- C:\hiberfil.sys
    [2012/12/20 11:53:32 | 000,000,999 | ---- | M] () -- C:\INSTALL.LOG
    [2013/09/03 09:46:53 | 3182,383,104 | -HS- | M] () -- C:\pagefile.sys
     
    < %PROGRAMFILES%\*.* >
    [2009/07/14 01:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
    [2013/02/25 07:35:24 | 000,211,968 | ---- | M] (Microsoft) -- C:\Program Files (x86)\Subtitle++.exe
     
    < %ALLUSERSPROFILE%\*.* >
    [2012/12/20 15:34:01 | 000,003,658 | ---- | M] () -- C:\ProgramData\hpzinstall.log
     
    < %APPDATA%\Microsoft\*.* >
     
    < %PROGRAMFILES%\*.* >
    [2009/07/14 01:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
    [2013/02/25 07:35:24 | 000,211,968 | ---- | M] (Microsoft) -- C:\Program Files (x86)\Subtitle++.exe
     
    < %PROGRAMFILES%\Internet Explorer\*.* >
    [2012/12/20 09:17:27 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ExtExport.exe
    [2012/12/20 09:17:27 | 000,002,535 | ---- | M] () -- C:\Program Files (x86)\Internet Explorer\ie9props.propdesc
    [2012/12/20 09:17:27 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iecleanup.exe
    [2012/12/20 09:17:27 | 000,307,200 | ---- | M] () -- C:\Program Files (x86)\Internet Explorer\iediagcmd.exe
    [2013/02/22 00:39:29 | 000,678,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
    [2012/12/20 09:17:26 | 000,466,432 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
    [2012/12/20 09:17:26 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
    [2013/02/22 00:35:58 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
    [2013/02/22 00:35:28 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
    [2013/02/22 01:10:00 | 000,757,376 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
    [2013/02/22 00:38:56 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
    [2012/12/20 09:17:26 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
    [2012/12/20 09:17:26 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll
    [2012/12/20 09:17:27 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\jsprofilerui.dll
    [2009/06/10 18:14:14 | 000,265,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\msdbg2.dll
    [2012/12/20 09:17:26 | 000,301,056 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\networkinspection.dll
    [2009/06/10 18:14:15 | 000,355,832 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\pdm.dll
    [2013/02/22 01:10:00 | 000,149,616 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
     
    < HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >
    "DefaultConnectionSettings" = 46 00 00 00 66 01 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 AB 00 62 08 90 A8 CE 01 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 02 00 00 00 C0 A8 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 41 37 9E 76 30 44 34 37 4E 63 07 53 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  [Binary data over 200 bytes]
    "SavedLegacySettings" = 46 00 00 00 60 09 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 AB 00 62 08 90 A8 CE 01 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 02 00 00 00 C0 A8 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 41 37 9E 76 30 44 34 37 4E 63 07 53 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  [Binary data over 200 bytes]
     
    < %userprofile%\AppData\Local\temp\*.* >
    [2013/08/26 12:54:21 | 000,626,176 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\.0gbas.dll_u
    [2013/08/26 12:54:54 | 000,626,176 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\.1gbas.dll_u
    [2013/08/26 12:54:12 | 000,614,473 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\.gbas.dll
    [2013/08/26 12:54:12 | 000,626,176 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\.gbas.dll_u
    [2013/02/13 09:03:05 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\1.txt
    [2013/02/13 09:04:11 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\13355
    [2013/07/08 07:37:33 | 000,000,134 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\143832.od
    [2013/01/08 06:16:59 | 000,000,134 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\157514.od
    [2013/03/14 11:04:32 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\1ii7RD_Y.html.part
    [2013/07/10 12:19:05 | 000,008,114 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\1JeWcNmd.xml.part
    [2013/04/25 11:19:07 | 000,001,600 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\210726.cvr
    [2013/04/25 11:19:08 | 000,000,134 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\210757.od
    [2013/02/16 18:17:50 | 000,000,134 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\296011.od
    [2013/07/02 12:47:12 | 000,007,956 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\2mdDe8iu.xml.part
    [2013/04/17 08:04:47 | 000,000,134 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\3267253.od
    [2013/02/11 07:37:18 | 000,000,134 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\4665334.od
    [2013/04/25 11:12:12 | 000,004,456 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\4714911.cvr
    [2013/04/25 11:12:12 | 000,000,134 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\4714989.od
    [2013/02/13 09:04:28 | 004,191,873 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\50922-79548-eac3to.zip
    [2013/02/11 06:31:20 | 000,000,134 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\707526.od
    [2013/07/15 07:36:00 | 000,012,042 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\97O_M__C.xml.part
    [2013/02/04 12:09:17 | 000,000,033 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\adb.log
    [2013/01/07 14:41:40 | 000,007,524 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\AddinSetupTool.txt
    [2013/09/03 10:02:28 | 000,297,258 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\AdobeARM.log
    [2013/07/21 18:34:51 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Users\NOTE\AppData\Local\temp\Adobelm_Cleanup.0001
    [2013/01/15 08:22:11 | 000,000,052 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\ah_download.log
    [2013/01/15 08:22:13 | 000,313,045 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\ah_install.log
    [2013/01/15 08:22:10 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\ah_installui.log
    [2013/01/15 08:22:13 | 000,000,325 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\ah_setup.log
    [2013/01/15 08:22:13 | 000,000,186 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\ah_setupwatcher1.log
    [2012/08/23 00:38:58 | 000,248,008 | ---- | M] (Ask.com) -- C:\Users\NOTE\AppData\Local\temp\AskSLib.dll
    [2013/09/03 08:22:02 | 000,005,396 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\ASPNETSetup_00000.log
    [2013/09/03 08:22:18 | 000,003,658 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\ASPNETSetup_00001.log
    [2013/09/03 08:28:38 | 000,005,396 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\ASPNETSetup_00002.log
    [2013/09/03 08:28:48 | 000,003,658 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\ASPNETSetup_00003.log
    [2013/09/03 08:34:47 | 000,004,666 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\ASPNETSetup_00004.log
    [2013/09/03 08:34:54 | 000,002,928 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\ASPNETSetup_00005.log
    [2013/09/03 09:15:52 | 000,004,666 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\ASPNETSetup_00006.log
    [2013/09/03 09:16:02 | 000,002,928 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\ASPNETSetup_00007.log
    [2013/01/18 06:22:12 | 000,008,810 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\au-descriptor-1.7.0_11-b21.xml
    [2013/02/18 07:22:28 | 000,008,794 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\au-descriptor-1.7.0_13-b20.xml
    [2013/02/23 13:26:03 | 000,008,810 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\au-descriptor-1.7.0_15-b03.xml
    [2013/03/09 16:51:21 | 000,008,810 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\au-descriptor-1.7.0_17-b02.xml
    [2013/04/17 08:15:02 | 000,008,818 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\au-descriptor-1.7.0_21-b11.xml
    [2013/06/24 12:02:54 | 000,008,818 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\au-descriptor-1.7.0_25-b17.xml
    [2013/06/24 13:38:44 | 000,002,196 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\AUCHECK_PARSER.txt
    [2013/07/12 09:36:34 | 000,020,008 | R--- | M] () -- C:\Users\NOTE\AppData\Local\temp\boleto Afisul.pdf
    [2013/07/04 07:45:01 | 000,009,340 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\BOpAD0MP.xml.part
    [2013/01/18 16:49:27 | 000,445,560 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\cfinstall.log
    [2013/03/22 07:21:37 | 000,002,336 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\CVR1C56.tmp.cvr
    [2013/02/11 07:42:39 | 000,001,564 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\CVR2FF6.tmp.cvr
    [2013/07/08 07:37:33 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\CVR31C9.tmp.cvr
    [2013/01/08 06:16:59 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\CVR674A.tmp.cvr
    [2013/02/16 18:17:50 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\CVR844B.tmp.cvr
    [2013/02/11 07:37:07 | 000,004,144 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\CVRCBC6.tmp.cvr
    [2013/04/17 08:04:47 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\CVRDAA6.tmp.cvr
    [2013/04/17 14:58:44 | 000,039,794 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\DANFE_98662-4.PDF
    [2013/02/13 11:15:22 | 000,619,038 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\dASNMl6D.jpg.part
    [2013/09/03 09:09:03 | 000,039,501 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\dd_clwireg.txt
    [2013/01/18 16:47:57 | 000,436,020 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\dd_vcredistMSI51C7.txt
    [2013/01/18 16:47:58 | 000,011,788 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\dd_vcredistUI51C7.txt
    [2013/09/03 08:20:53 | 000,006,858 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\dd_wcf_CA_smci_20130903_112040_283.txt
    [2013/09/03 08:21:00 | 000,004,672 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\dd_wcf_CA_smci_20130903_112054_644.txt
    [2013/09/03 08:28:03 | 000,005,576 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\dd_wcf_CA_smci_20130903_112759_536.txt
    [2013/09/03 08:28:07 | 000,004,542 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\dd_wcf_CA_smci_20130903_112805_151.txt
    [2013/09/03 08:34:18 | 000,005,576 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\dd_wcf_CA_smci_20130903_113417_213.txt
    [2013/09/03 08:34:20 | 000,004,542 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\dd_wcf_CA_smci_20130903_113419_015.txt
    [2013/09/03 09:15:11 | 000,005,576 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\dd_wcf_CA_smci_20130903_121508_931.txt
    [2013/09/03 09:15:13 | 000,004,542 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\dd_wcf_CA_smci_20130903_121512_023.txt
    [2013/07/05 13:11:02 | 000,007,285 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\eHilgAlt.xml.part
    [2013/08/02 08:12:52 | 000,050,737 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\euHUSThd.pdf.part
    [2012/12/20 08:11:50 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\FXSAPIDebugLogFile.txt
    [2013/05/15 10:47:49 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\geColladaModelCacheLock
    [2013/05/15 10:47:49 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\geIconCacheLock
    [2013/07/04 07:45:49 | 000,009,200 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\gGFwZY8W.xml.part
    [2013/07/09 13:44:31 | 000,013,176 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\hSbxLGEm.xml.part
    [2013/02/13 08:44:16 | 000,190,384 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\instloffer.exe
    [2013/03/18 07:28:41 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\isw_acc_80100000
    [2013/06/24 13:38:44 | 000,002,365 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\JAUReg.log
    [2013/09/02 14:36:25 | 000,025,162 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\JavaDeployReg.log
    [2013/06/24 13:38:29 | 000,146,542 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\java_install.log
    [2013/06/24 14:36:18 | 000,021,871 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\java_install_reg.log
    [2013/06/24 13:36:59 | 000,031,071 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\java_install_sp.log
    [2013/06/24 13:35:55 | 000,001,154 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\jinstall.cfg
    [2013/01/12 18:09:04 | 000,896,424 | ---- | M] (Oracle Corporation) -- C:\Users\NOTE\AppData\Local\temp\jre-7u11-windows-i586-iftw.exe
    [2013/01/30 20:58:57 | 000,897,448 | ---- | M] (Oracle Corporation) -- C:\Users\NOTE\AppData\Local\temp\jre-7u13-windows-i586-iftw.exe
    [2013/02/16 02:00:49 | 000,897,448 | ---- | M] (Oracle Corporation) -- C:\Users\NOTE\AppData\Local\temp\jre-7u15-windows-i586-iftw.exe
    [2013/03/01 17:00:55 | 000,897,448 | ---- | M] (Oracle Corporation) -- C:\Users\NOTE\AppData\Local\temp\jre-7u17-windows-i586-iftw.exe
    [2013/04/05 11:44:40 | 000,904,104 | ---- | M] (Oracle Corporation) -- C:\Users\NOTE\AppData\Local\temp\jre-7u21-windows-i586-iftw.exe
    [2013/06/21 22:58:27 | 000,903,080 | ---- | M] (Oracle Corporation) -- C:\Users\NOTE\AppData\Local\temp\jre-7u25-windows-i586-iftw.exe
    [2013/09/03 10:07:25 | 000,419,766 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\jusched.log
    [2013/09/03 08:23:10 | 003,199,284 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2487367_20130903_081929614-Microsoft .NET Framework 4 Extended-MSP0.txt
    [2013/09/03 08:23:11 | 000,054,818 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2487367_20130903_081929614.html
    [2013/09/03 08:52:16 | 009,969,054 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2604121_20130903_084549778-Microsoft .NET Framework 4 Client Profile-MSP0.txt
    [2013/09/03 08:52:16 | 000,059,172 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2604121_20130903_084549778.html
    [2013/09/03 08:33:53 | 008,667,484 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2656351_20130903_083042345-Microsoft .NET Framework 4 Client Profile-MSP0.txt
    [2013/09/03 08:35:18 | 003,880,428 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2656351_20130903_083042345-Microsoft .NET Framework 4 Extended-MSP1.txt
    [2013/09/03 08:35:18 | 000,061,356 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2656351_20130903_083042345.html
    [2013/09/03 08:57:58 | 010,544,722 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2729449_20130903_085225827-Microsoft .NET Framework 4 Client Profile-MSP0.txt
    [2013/09/03 08:57:58 | 000,058,880 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2729449_20130903_085225827.html
    [2013/09/03 08:27:30 | 008,400,194 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2736428_20130903_082318776-Microsoft .NET Framework 4 Client Profile-MSP0.txt
    [2013/09/03 08:29:10 | 003,577,358 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2736428_20130903_082318776-Microsoft .NET Framework 4 Extended-MSP1.txt
    [2013/09/03 08:29:10 | 000,061,356 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2736428_20130903_082318776.html
    [2013/09/03 09:07:13 | 011,771,506 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2737019_20130903_090341719-Microsoft .NET Framework 4 Client Profile-MSP0.txt
    [2013/09/03 09:07:14 | 000,058,628 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2737019_20130903_090341719.html
    [2013/09/03 09:14:11 | 012,467,020 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2742595_20130903_090910743-Microsoft .NET Framework 4 Client Profile-MSP0.txt
    [2013/09/03 09:16:32 | 004,185,296 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2742595_20130903_090910743-Microsoft .NET Framework 4 Extended-MSP1.txt
    [2013/09/03 09:16:33 | 000,061,494 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2742595_20130903_090910743.html
    [2013/09/03 09:01:56 | 011,083,358 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2789642_20130903_085853612-Microsoft .NET Framework 4 Client Profile-MSP0.txt
    [2013/09/03 09:01:56 | 000,064,596 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KB2789642_20130903_085853612.html
    [2013/07/02 12:36:20 | 000,009,340 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\KXmUfsXS.xml.part
    [2013/07/02 07:58:46 | 000,051,572 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\lIY5yagT.pdf.part
    [2013/01/07 14:54:54 | 000,077,293 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\LogNitroPDFDriver8Install.txt
    [2013/07/10 12:17:29 | 000,007,383 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\mGVcapfQ.XML.part
    [2013/01/20 13:10:55 | 000,014,336 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\MPCvideo_ts.ifo
    [2013/06/28 11:02:51 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\nfe2.lock
    [2013/01/07 14:02:25 | 000,372,859 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\NitroSysFonts01.dat
    [2013/06/05 12:21:10 | 000,031,832 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\NOTE.bmp
    [2012/12/29 13:39:21 | 000,001,354 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\OP_RegList.dat
    [2013/07/05 12:56:45 | 000,007,291 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\owjSDNLJ.xml.part
    [2013/06/30 18:39:34 | 000,007,956 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\QW99wya5.xml.part
    [2013/07/10 12:18:47 | 000,012,042 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\rDPLWW99.xml.part
    [2013/04/12 07:44:56 | 000,275,688 | R--- | M] () -- C:\Users\NOTE\AppData\Local\temp\Relat.pdf
    [2013/07/10 08:15:20 | 000,007,391 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\RyY7XbzW.XML.part
    [2013/01/10 14:08:32 | 000,000,960 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\StructuredQuery.log
    [2013/04/17 07:22:03 | 000,198,906 | R--- | M] () -- C:\Users\NOTE\AppData\Local\temp\Tabela Ess. Cliente ML '''.pdf
    [2012/12/29 10:29:24 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\tmp.htm
    [2013/07/04 07:45:32 | 000,009,200 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\TsAM9POt.xml.part
    [2013/07/21 18:34:39 | 000,000,695 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\TWAIN.LOG
    [2013/07/21 18:34:39 | 000,000,003 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\Twain001.Mtx
    [2013/07/21 18:34:39 | 000,000,156 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\Twunk001.MTX
    [2013/01/07 14:11:05 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\Twunk002.MTX
    [2013/03/24 13:54:49 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\uttF1ED.tmp.old
    [2013/08/09 07:31:31 | 000,007,373 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\v6SpyEl1.xml.part
    [2013/08/09 15:59:47 | 000,076,800 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\vHyx4ykZ.xls.part
    [2013/02/16 18:22:44 | 015,313,441 | R--- | M] () -- C:\Users\NOTE\AppData\Local\temp\VID_20130216_142233.3gp
    [2013/09/03 10:01:54 | 000,003,481 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\wmsetup.log
    [2013/05/06 12:11:22 | 000,633,509 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\zNZ7HkrJ.pdf.part
    [2013/04/20 08:39:21 | 000,000,024 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\_1C71A281EE30451B8C6749FB9DF1A589
    [2013/08/16 09:19:42 | 841,668,116 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\_J+jg0Dh.avi.part
    [2013/02/22 08:40:37 | 000,000,000 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\_TuZ4gEJ.html.part
    [2013/08/20 15:09:09 | 000,035,052 | ---- | M] () -- C:\Users\NOTE\AppData\Local\temp\_ub30eNx.PDF.part
    [596 C:\Users\NOTE\AppData\Local\temp\*.tmp files -> C:\Users\NOTE\AppData\Local\temp\*.tmp -> ]

    < End of report >
     



    #8
    JoseMelo

    JoseMelo

      Assistente Profissional

    • Assistente Profissional
    • 128.636 posts
    Faça o download do Kaspersky Virus Removal Tool:
     
    Salve-o em sua área de trabalho.
     
    - Duplo clique no arquivo "setup" e aguarde a instalação;
    - Na próxima tela marque I accept the licence agreement e clique em Start
    - Clique no botão f4uZX.png e marque:
    • Meu computador
  • Disco local (C:) (a letra do disco local pode variar)
  • - Clique em Actions e desmarque os dois quadros:
    Zqewdl.jpg
    - Clique na aba Automatic Scan e aguarde o término da verificação.
     
    - Clique  no botão zNEXl.jpg, em Detected threats e no botão "Save".
    - Copie o conteúdo do arquivo salvo (se houver algo detectado) e poste na sua próxima resposta.


    #9
    Ivandro

    Ivandro

      Novato

    • Novato
    • Pip
    • 14 posts

    Bom dia,

    Fiz o scan, ao gerar o log em texto, o programa travou 2 vezes e constatei que o arquivo texto ficou com 112mb!!

    Tentei postar aqui mas chegou a penduar o navegador! Nas respostas anteriores o fórum acusou muito longo o texto e era centenas d vezes menor que esse!

    Como procedo?

    Obrigado



    #10
    JoseMelo

    JoseMelo

      Assistente Profissional

    • Assistente Profissional
    • 128.636 posts

    Devem ser os eventos. Se houve "Detected threats", poste somente o que foi detectado.



    #11
    Ivandro

    Ivandro

      Novato

    • Novato
    • Pip
    • 14 posts

    Olá,

    Não acusou nada, deu como "not detected threats"! Provavelmente está limpo!

     

    Obrigado



    #12
    JoseMelo

    JoseMelo

      Assistente Profissional

    • Assistente Profissional
    • 128.636 posts
    - Ok, os logs estão limpos :)
     
    - Faça o download do CCleaner:
    • Clique em Salvar e quando terminado o download, faça a instalação;
  • Abra o programa e clique em Executar Limpeza;
  • Após isto, clique em Registro > Procurar erros > Corrigir erros selecionados
  • - Desative e ative novamente a Restauração do Sistema
     
    - Leia o artigo Proteja seu PC para maiores informações sobre como evitar infecções;
     
    - Se não tiver mais problema, clique no botão LuQlZ.png e diga que o seu caso foi resolvido.


    #13
    Ivandro

    Ivandro

      Novato

    • Novato
    • Pip
    • 14 posts

    bom dia,

    Problema resolvido!!

     

    Obrigado pela força!

     

    Ivandro



    #14
    JoseMelo

    JoseMelo

      Assistente Profissional

    • Assistente Profissional
    • 128.636 posts
    PROBLEMA RESOLVIDO
     
    Caso queira solicitar a reabertura do tópico, utilize o botão Denunciar para entrar em contato com a moderação.

    Nota: Somente o autor pode realizar essa solicitação na área Remoção de Malware.