My LOG from OTL:
OTL logfile created on: 06/07/2012 23:38:54 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\CASA\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
4,00 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 51,20% Memory free
8,00 Gb Paging File | 5,63 Gb Available in Paging File | 70,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 40,35 Gb Free Space | 17,33% Space Free | Partition Type: NTFS
Drive E: | 698,63 Gb Total Space | 26,62 Gb Free Space | 3,81% Space Free | Partition Type: NTFS
Computer Name: CASA-PC | User Name: CASA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/07/06 23:37:23 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\CASA\Downloads\OTL.exe
PRC - [2012/06/06 18:51:08 | 000,213,696 | ---- | M] ( ) -- C:\PROGRA~2\GbPlugin\GbpSv.exe
PRC - [2012/05/31 08:21:01 | 000,296,672 | ---- | M] (Microsoft Corporation) -- C:\Users\CASA\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
PRC - [2012/05/29 18:20:33 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/05/26 16:56:20 | 002,362,752 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\Suc12_Uninstal.exe
PRC - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2012/05/04 18:12:42 | 000,351,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/01/03 10:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/10 10:26:47 | 000,368,560 | ---- | M] (Banco Bradesco S.A.) -- C:\Program Files (x86)\Scpad\scpVista.exe
PRC - [2010/07/19 19:00:35 | 000,079,360 | ---- | M] (Autodesk) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
PRC - [2009/07/07 13:13:38 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe
PRC - [2008/03/10 00:08:42 | 000,065,536 | ---- | M] () -- C:\Arquivos de Programas\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe
========== Modules (No Company Name) ==========
MOD - [2011/04/21 16:54:40 | 000,347,024 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\madExcept_.bpl
MOD - [2011/04/21 16:54:40 | 000,179,088 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\madBasic_.bpl
MOD - [2011/04/21 16:54:40 | 000,046,480 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\madDisAsm_.bpl
MOD - [2009/07/10 09:07:18 | 000,166,912 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009/02/06 18:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL
========== Win32 Services (SafeList) ==========
SRV - [2012/07/01 18:13:42 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/06/23 21:12:39 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/22 00:09:56 | 001,148,664 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)
SRV - [2012/06/06 18:51:08 | 000,213,696 | ---- | M] ( ) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv)
SRV - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012/04/22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Arquivos de Programas\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Arquivos de Programas\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/02/29 21:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/01/03 10:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/10 10:26:47 | 000,368,560 | ---- | M] (Banco Bradesco S.A.) [Auto | Running] -- C:\Program Files (x86)\Scpad\scpVista.exe -- (scpVista)
SRV - [2011/08/11 20:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Arquivos de Programas\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV - [2011/03/28 20:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Arquivos de Programas\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/07/19 19:45:03 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/07/19 19:00:35 | 000,079,360 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010/07/18 05:02:05 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/07/17 16:14:24 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010/01/09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/10 00:08:42 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe -- (mi-raysat_3dsMax2009_64)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2012/07/06 11:41:55 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2012/04/22 13:51:38 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012/01/09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012/01/09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012/01/09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 10:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 08:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 07:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/07/17 20:44:30 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/01/26 23:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2009/10/16 06:44:56 | 001,309,696 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17)
DRV:64bit: - [2009/07/16 11:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 00:49:16 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/30 09:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
DRV:64bit: - [2009/06/24 23:14:46 | 000,058,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\l160x64.sys -- (AtcL001)
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2012/06/06 18:51:38 | 000,046,016 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\gbpkm.sys -- (GbpKm)
DRV - [2011/07/22 13:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Arquivos de Programas\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011/07/12 18:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Arquivos de Programas\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2010/11/09 15:50:30 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | Auto | Running] -- C:\Users\CASA\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
IE - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
IE - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A6 D5 CC 7D E2 25 CB 01 [binary data]
IE - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\..\SearchScopes,DefaultScope = {B2F6783C-6457-44A8-8A15-D2A38AEF8E55}
IE - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\..\SearchScopes\{15174C38-F36A-4399-B180-97993F3F8107}: "URL" = http://br.search.yahoo.com/search?fr=ch ... =302398&p={searchTerms}
IE - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\..\SearchScopes\{3BDD85AF-A403-4D82-AA38-3CFFFE6187EA}: "URL" = http://pt.wikipedia.org/w/index.php?tit ... ar&search={searchTerms}
IE - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\..\SearchScopes\{B2F6783C-6457-44A8-8A15-D2A38AEF8E55}: "URL" = http://www.google.com/search?hl=pt&q={searchTerms}&rlz=
IE - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 216.52.233.197:443
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.uol.com.br/"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js..browser.startup.homepage: "http://www.uol.com.br/"
FF - user.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - user.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - user.js..network.proxy.no_proxies_on: "*.local"
FF - user.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\Windows\ [2012/07/06 23:34:55 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/29 18:21:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/16 09:39:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/29 18:21:20 | 000,000,000 | ---D | M]
[2011/02/10 09:30:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CASA\AppData\Roaming\mozilla\Extensions
[2010/09/10 20:40:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CASA\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012/07/06 18:32:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CASA\AppData\Roaming\mozilla\Firefox\Profiles\f29phm0a.default\extensions
[2012/03/29 23:42:19 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\CASA\AppData\Roaming\mozilla\Firefox\Profiles\f29phm0a.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/04/25 08:58:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011/03/15 08:54:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/07/08 20:48:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012/04/25 08:58:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/06/16 09:39:08 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/04/25 08:58:15 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/05/29 18:20:41 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2012/02/23 16:17:17 | 000,001,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\buscape.xml
[2012/02/23 16:17:17 | 000,001,212 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolivre.xml
[2012/02/23 16:17:17 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/02/23 16:17:17 | 000,001,168 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-br.xml
[2012/02/23 16:17:17 | 000,000,952 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-br.xml
O1 HOSTS File: ([2012/07/04 22:03:55 | 000,001,401 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 68.168.222.227 www.google-analytics.com.
O1 - Hosts: 68.168.222.227 ad-emea.doubleclick.net.
O1 - Hosts: 68.168.222.227 www.statcounter.com.
O1 - Hosts: 108.163.215.51 www.google-analytics.com.
O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
O1 - Hosts: 108.163.215.51 www.statcounter.com.
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de Programas\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de Programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ssh2 Class) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll (Banco Bradesco S.A.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-541023107-3262234059-3948009056-1001..\Run: [] File not found
O4 - HKU\S-1-5-21-541023107-3262234059-3948009056-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-541023107-3262234059-3948009056-1001..\Run: [SkyDrive] C:\Users\CASA\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\CASA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-541023107-3262234059-3948009056-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = 1
O8:64bit: - Extra context menu item: &Enviar para o OneNote - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8:64bit: - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8:64bit: - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8:64bit: - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de Programas\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: &Enviar para o OneNote - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de Programas\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.6.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan ... stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.co ... 4.13.0.cab (SysInfo Class)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24480B42-7F9E-4939-AD49-CE0D0B08EDCB}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72E261D0-E1B7-4CB8-9D96-E01CDA7219B1}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\Program Files (x86)\GbPlugin\gbiehUni.dll) - C:\Program Files (x86)\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll (Banco Bradesco S.A.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 0
O33 - MountPoints2\{1f80a68e-64ae-11e1-b6a0-001e8c8321db}\Shell - "" = AutoRun
O33 - MountPoints2\{1f80a68e-64ae-11e1-b6a0-001e8c8321db}\Shell\AutoRun\command - "" = G:\NokiaPCIA_Autorun.exe
O33 - MountPoints2\{c51933c6-9207-11df-9f7a-001e8c8321db}\Shell - "" = AutoRun
O33 - MountPoints2\{c51933c6-9207-11df-9f7a-001e8c8321db}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{c51933c6-9207-11df-9f7a-001e8c8321db}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{c51933c6-9207-11df-9f7a-001e8c8321db}\Shell\install\command - "" = F:\SETUP.EXE
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/06 22:57:13 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012/07/06 22:57:13 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012/07/06 22:03:10 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{522F9D6B-5659-4F30-B90C-34F93825360B}
[2012/07/06 22:02:31 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{973AF55A-B554-4E7C-8408-F828D289F10F}
[2012/07/06 22:01:51 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{C37F0645-2A24-4E61-9EE8-7BB0453B90C8}
[2012/07/06 22:01:12 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{CF3C4E4D-2629-4159-97E1-B642735992FC}
[2012/07/06 18:24:10 | 000,000,000 | ---D | C] -- C:\Users\CASA\Desktop\GooredFix Backups
[2012/07/06 11:41:55 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2012/07/06 11:41:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
[2012/07/06 11:41:54 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Roaming\Spyware Terminator
[2012/07/06 11:41:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2012/07/06 11:40:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2012/07/06 10:00:17 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{64D7C27A-DD1A-4BAF-A5AE-8C3547EC224D}
[2012/07/05 21:58:55 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{716CA6D4-8367-41EF-B6C8-5B90DCE37354}
[2012/07/05 21:58:16 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{B63FE352-8F64-499B-9FB1-AA66096418F5}
[2012/07/05 21:56:56 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{895F4ACD-D999-411B-95DF-F2A7D34B3F79}
[2012/07/05 09:56:14 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{60F33BA0-3397-4173-925C-8E53A92462BD}
[2012/07/05 09:55:34 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{EFE25A4E-1222-4900-B7F8-CE3EAB718099}
[2012/07/05 09:54:55 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{A601883A-313E-4A7D-B482-B78D31F0914F}
[2012/07/05 09:54:15 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{12A7522F-4771-4A89-9510-654E7022D1DD}
[2012/07/04 10:39:46 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{EF934227-1B92-4E5E-A8FC-CE351AC0C7FB}
[2012/07/04 10:39:07 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{A0AD7BE4-DBA7-4D2C-9943-6FA946D88E19}
[2012/07/04 10:38:29 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{45A29848-CF1C-4DE5-8781-92F92BF45D99}
[2012/07/04 10:37:50 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{0DFF5778-BDD2-4A96-BB20-36D0F71817DC}
[2012/07/03 22:36:56 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{016F2D14-3489-4ABF-AD5B-75CE7166F166}
[2012/07/03 22:36:17 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{D9748333-787A-461E-B465-3F81E48F210E}
[2012/07/03 22:35:35 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{2467B699-2C2B-4DCC-B4EC-5B9B8CA382E3}
[2012/07/03 10:34:14 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{7BF9BE40-E3A3-40CC-B21F-14818D3322AE}
[2012/07/03 10:33:35 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{49B2A058-747D-4190-B280-2FD522B85D53}
[2012/07/03 10:32:56 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{718D9DE2-A90D-4695-827E-E5E244AC7D2A}
[2012/07/03 10:32:17 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{A2CD5B9C-39A9-4ECE-8064-28562C48167A}
[2012/07/02 22:31:23 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{ED995CF5-BA82-49F5-8897-A3D6F29A6F5A}
[2012/07/02 22:30:44 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{8A8B28B0-F18A-4C96-8EFD-EF9BB480C0FA}
[2012/07/02 22:30:05 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{818B160C-EF27-470C-946E-98498FE8D5CB}
[2012/07/02 22:29:26 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{9C2D8616-379E-49BE-BC95-CA2FC2AB4965}
[2012/07/02 10:29:10 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{B46A65E4-0D79-40CE-8E88-34FF5B889850}
[2012/07/02 10:28:31 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{E6C4A033-FC45-4100-8487-19B155629480}
[2012/07/02 10:27:52 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{F2848E97-4EDB-4DBD-998F-5810AF5EDC39}
[2012/07/02 10:27:12 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{C4F6F920-B88A-4AF1-9C8C-F03FF517B289}
[2012/07/01 21:42:36 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{CBBB0BB5-34F3-4123-AC6F-9941F8A9DB87}
[2012/07/01 21:41:57 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{478FB991-3C1B-4888-8C92-FFCF26BF52B0}
[2012/07/01 21:40:39 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{6EF2AE86-04C2-455F-A221-B7C533749629}
[2012/07/01 09:39:57 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{08F11A76-1D44-4101-ABBA-A5DD16492797}
[2012/07/01 09:39:16 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{89BBEB8D-CEBD-458C-8317-B167B26F27C9}
[2012/07/01 09:38:37 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{6BFB088C-D53E-4280-A5FF-21D19339155B}
[2012/07/01 09:37:55 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{11014E7D-AF69-4352-9702-F92F2656E4C7}
[2012/06/30 21:20:21 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{76C28566-3BF6-4FD1-99B2-5DB25F5AA26D}
[2012/06/30 21:19:42 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{7376A979-5BD9-4AED-987A-65B0F67E6F7E}
[2012/06/30 21:18:24 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{82082B4A-9DB3-4E5E-A831-ED63ED9ECD93}
[2012/06/30 09:17:43 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{7FCF0043-C8C3-453D-9A33-69908547CE00}
[2012/06/30 09:17:04 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{77F4256D-434E-4496-B94C-C4F1E66A089B}
[2012/06/30 09:16:24 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{A3FECB8F-7486-46E7-AF58-6B9C813A3455}
[2012/06/29 21:15:03 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{4CF80DD5-AC21-4D37-BF49-5AAC286BA8E7}
[2012/06/29 21:14:24 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{0CCDE01A-428E-47C4-A918-69E620BD0D0A}
[2012/06/29 21:13:06 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{FF99332E-33E3-430C-97C0-6ED745BB20A2}
[2012/06/29 09:12:25 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{7BFCC28B-203A-4667-AE83-260075E94B0A}
[2012/06/29 09:11:46 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{292C17A5-6470-4B1F-B7F6-BC858E917F84}
[2012/06/29 09:11:06 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{F3B24E1F-AE47-4E94-9154-8100D55D6DAD}
[2012/06/29 09:10:24 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{96EDDE41-A37C-42FA-94A7-3B26CC7B1B2E}
[2012/06/28 12:30:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/06/28 12:30:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/06/28 12:29:32 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{2228360D-1FE6-43DD-99ED-1CF6EB73ED2A}
[2012/06/28 12:28:51 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{0BD47E81-E251-4DE5-91E5-5FD401CDF6B6}
[2012/06/28 12:27:58 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{6A7F51A0-101A-44DC-8D2A-DEB09A3DDAD1}
[2012/06/28 12:24:52 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software
[2012/06/28 12:04:31 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{AC1B9529-F1E7-41D7-BCC1-4D1DA25EBE25}
[2012/06/28 11:56:41 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{6B701F97-A38C-4D49-A4B6-8D332A761B26}
[2012/06/27 19:58:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/27 19:58:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/06/27 09:56:06 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{752F953A-755E-4787-B3A9-CC6455E4C8C7}
[2012/06/27 09:54:31 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{C7E031F6-6C04-4B1C-8A7D-6A2FABE06C3F}
[2012/06/27 09:53:44 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{5C8AE063-A1B1-4418-8EF9-A59CB8C59369}
[2012/06/27 09:52:53 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{E984BAFA-4D32-41F9-8D57-25C4110892D6}
[2012/06/26 19:09:07 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{AAE4D432-A6B4-4EA0-8921-9569CE697071}
[2012/06/26 19:08:19 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{804B3B03-A4C6-40BD-9F1F-DECFA77FAE6C}
[2012/06/26 19:07:34 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{4AF1216E-E5CD-4748-BF07-6F184A0A66B6}
[2012/06/26 19:06:43 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{6BD9B4BD-C11C-4F94-827D-26ED868731D9}
[2012/06/25 14:30:43 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{7DF81AD9-0C8A-411E-B7E8-EEE1E652D4C5}
[2012/06/25 14:29:52 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{FF49B017-EDE0-4DBF-A54B-CE83E9B2BB75}
[2012/06/25 14:29:08 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{D2791F60-09DE-4B45-8FA9-B6B931D81BCF}
[2012/06/25 14:28:23 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{FA1FBBF3-F694-46BF-B331-6ED590DB6E8B}
[2012/06/24 23:04:21 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{A2CE5217-968C-4EB6-B7D6-4E10B0B0A9E0}
[2012/06/24 23:03:41 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{A1342580-601C-4074-834A-A7E9D6EEDBFC}
[2012/06/24 23:03:02 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{540761CE-5304-4A35-8CF8-C8781CE8FEEE}
[2012/06/24 23:02:22 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{9296FC20-374E-48C4-B529-1D146CB9E53F}
[2012/06/24 17:53:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
[2012/06/24 17:52:25 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Roaming\Ad-Aware Antivirus
[2012/06/24 11:01:27 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{798FA4E9-6B27-4AB3-B5E4-21F108C423B0}
[2012/06/24 11:01:10 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\Macromedia
[2012/06/24 11:00:47 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{0B292586-52AC-4347-975F-1D20D6B43EE5}
[2012/06/24 11:00:08 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{03A167CF-A81B-4702-A9C2-83B63AB48B0C}
[2012/06/24 10:59:23 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{89DC9000-1991-4349-A906-8A9AADAA01CC}
[2012/06/23 14:32:24 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/23 14:32:24 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/23 14:32:24 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/23 14:32:09 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/23 14:32:09 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/23 14:32:09 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/23 14:31:50 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/23 14:31:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/23 11:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/06/23 11:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/06/23 10:00:16 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{A7D08E22-F495-4E39-8254-04A20C5496A1}
[2012/06/23 09:59:37 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{05558177-9991-44A6-8D26-7023DF20ECC6}
[2012/06/23 09:58:56 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{9BC02497-D653-4CB2-987F-9F45241CE5F6}
[2012/06/23 09:58:07 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{3EB266B4-9920-44A2-9991-68A748006C0C}
[2012/06/22 19:38:18 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{9E030D99-6A47-4D84-A2AD-D384288306CB}
[2012/06/22 19:37:33 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{889F45AB-1F2F-4CC3-8602-A5D9E22DAF66}
[2012/06/22 19:36:50 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{90E2E41B-BFE5-4733-89CC-57553B48ECFF}
[2012/06/22 19:36:05 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{A0AA50FE-39CA-490F-AB61-923EE6C3F38F}
[2012/06/21 16:08:02 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{F82328DE-9706-4AC8-BD6C-F68997FBD7BE}
[2012/06/21 16:07:23 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{668DA292-515A-4D16-A5F3-B9C6D3AF5F14}
[2012/06/21 16:06:43 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{B85F7400-1572-4FF2-8233-082DC8CA4A46}
[2012/06/21 16:06:01 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{63C53E55-C850-43AB-973F-5C9991AC1382}
[2012/06/20 18:08:01 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{4BE60453-CB3C-4EA2-AF18-D0A32889C695}
[2012/06/20 18:07:22 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{DFDD35F1-3B2D-4CDE-B18A-A89762C2061F}
[2012/06/20 18:06:43 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{ADC9A9AF-6B81-4583-A387-51507FE3E461}
[2012/06/20 06:20:55 | 000,000,000 | ---D | C] -- C:\Users\CASA\Desktop\FAZER 1 SEMESTRE
[2012/06/20 06:05:23 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{08A8D65C-9810-42BD-A883-A69DE510CA8F}
[2012/06/20 06:04:42 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{2E3305DC-8F0F-4CC0-8A3F-F60788B79FF5}
[2012/06/20 06:04:00 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{3243C38C-F333-4CC2-8106-94B50C86A438}
[2012/06/20 06:03:16 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{6203313A-6DEC-4D1A-8B5A-AFC7120ADD42}
[2012/06/19 15:59:19 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{14DC17CE-F7BC-4E35-8D55-92D45FBFC2AC}
[2012/06/19 15:58:19 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{7AFDD4D9-5B6E-4A52-9011-C894A8396639}
[2012/06/19 15:57:39 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{676EF9D7-EC44-4108-91F5-9B8E2D44C14E}
[2012/06/19 15:56:55 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{BB7E0608-1F5E-4C2B-B519-622060CAB045}
[2012/06/18 17:34:43 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{356F65B5-9B7F-4967-830C-725A44AA5408}
[2012/06/17 10:18:08 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{CA73E475-6150-4E94-B961-CA07A4109C60}
[2012/06/16 21:36:43 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{7A3378D6-8B40-4572-AE59-0C3FF5DDA457}
[2012/06/16 09:36:19 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{1ECC83D9-7BBF-4C6E-B11D-51E0338994E1}
[2012/06/15 17:19:58 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{B52484D1-1424-4F2C-9069-BFC4281CADFD}
[2012/06/14 14:30:25 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{BF9D97B8-9BB5-42B6-A1B3-D21AA4BB94F0}
[2012/06/14 14:29:44 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{E152DD34-412F-4246-ACC0-9E89A37874D0}
[2012/06/14 14:29:03 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{D407D49D-6BBD-40C4-AAAF-7A6B9853E5F8}
[2012/06/14 14:28:17 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{536A31A1-AAB6-4C78-A3DC-1BAFC410836F}
[2012/06/13 22:06:57 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{4A753564-31DA-482C-8584-9E4496A310CA}
[2012/06/13 22:06:18 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{F34F42DB-F85B-4AAF-8624-92AB8F198CAA}
[2012/06/13 22:04:59 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{AA62B7B3-F887-4DB7-97DC-A2B6C0A69836}
[2012/06/13 10:04:18 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{712AAF44-65F1-46E6-9C96-3EF027360680}
[2012/06/13 10:03:39 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{3E06A13F-4AD5-4345-ABC8-0F6F02F8654C}
[2012/06/13 10:02:59 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{B9B4F4B5-68B0-4CE8-A60C-B4A8D80C6B7E}
[2012/06/13 10:02:17 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{90FA8A46-75AD-4189-A2BE-B3FFCB8898E6}
[2012/06/12 23:12:18 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/06/12 23:12:18 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/12 23:12:17 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/06/12 23:12:17 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/12 23:12:15 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/06/12 23:12:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/12 23:12:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/06/12 23:12:14 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/06/12 23:12:12 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/06/12 23:12:12 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/06/12 23:12:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/06/12 23:12:11 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/12 23:12:10 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/06/12 20:50:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/06/12 20:50:55 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/06/12 20:50:55 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/06/12 20:50:48 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/06/12 20:50:47 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/06/12 20:50:46 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/06/12 20:50:41 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/06/12 20:50:26 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/12 20:50:26 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/06/12 17:17:51 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{B63253B4-2200-47D5-9DED-842B283E9880}
[2012/06/12 17:17:09 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{CA4E41BA-6260-43B9-9763-5397F01DA65B}
[2012/06/12 17:16:29 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{CE0D38B0-1D52-4ED4-BBDF-7FC6FF1577CE}
[2012/06/12 17:15:39 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{DF8BC35C-BE15-4877-AF50-F4F67469F99E}
[2012/06/11 16:08:47 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{DBAF6021-5514-463E-AA80-BB1EBD0EFCD8}
[2012/06/11 16:08:06 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{C6D80869-0F12-490A-BE05-06642ADA75B4}
[2012/06/11 16:07:27 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{ED54F195-9865-4EF6-B981-F68D0A4ED390}
[2012/06/11 16:06:46 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{56342568-F831-4E7B-98ED-6A5595EF9A91}
[2012/06/08 23:34:03 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{052C2F95-B0A8-4898-A524-EC6C988DC862}
[2012/06/08 23:33:25 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{4C18B61E-FB1F-434E-82DA-350A1CEC81D4}
[2012/06/08 11:31:25 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{5664FE41-9CFF-4BD6-9D7E-6C958FE4D7E2}
[2012/06/08 11:30:46 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{E3E0AEB8-A6E9-405F-AC52-F83DBCA5A441}
[2012/06/08 11:30:07 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{F50547BB-C7BB-46B9-B14E-3F1EB2994E39}
[2012/06/08 11:29:28 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{7AA1B2AD-FA9E-4CF1-8B59-27CC1845A71A}
[2012/06/08 00:52:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/06/08 00:52:26 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/06/07 22:05:13 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{F30B8B12-88C4-42C5-B1AC-98E75A4F377D}
[2012/06/07 22:04:34 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{D3055CF2-A2C3-4C55-A402-086A168B261B}
[2012/06/07 22:03:55 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{12268F79-C46C-4D6D-A2BA-47B12296225F}
[2012/06/07 22:03:15 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{CD7CFC7D-9EEC-43E3-BC86-2F394A0219C8}
[2012/06/07 10:49:18 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Roaming\Help
[2012/06/07 10:49:18 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\Help
[2012/06/07 10:47:58 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftsrch.dll
[2012/06/07 10:47:58 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftsrch.dll
[2012/06/07 10:47:58 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx041e.dll
[2012/06/07 10:47:58 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx041e.dll
[2012/06/07 10:47:58 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx0411.dll
[2012/06/07 10:47:58 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx0411.dll
[2012/06/07 10:46:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2012/06/07 10:02:21 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{D3F5C7B9-A273-4C80-8800-1BB13805EB9B}
[2012/06/07 10:01:41 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{5C5843D5-B261-4745-9311-9634D97048B7}
[2012/06/07 09:16:31 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{4B2424F2-2EEF-4BF8-9240-669E88F6EAA3}
[2012/06/07 08:54:48 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{93B11615-43C1-447E-B273-5040C2D08060}
[2012/06/07 08:51:02 | 000,000,000 | ---D | C] -- C:\Users\CASA\AppData\Local\{B12686E0-C9F5-4F68-9CF5-4F036DD9D524}
[2012/03/14 10:53:41 | 000,250,544 | ---- | C] (KeyWorks Software) -- C:\Program Files (x86)\Common Files\keyhelp.ocx
[2011/09/11 20:01:45 | 001,531,392 | ---- | C] (Toshiba Samsung Storage Technology Corporation) -- C:\Users\CASA\AppData\Roaming\tsdnwin.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/07/06 23:37:37 | 000,013,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/06 23:37:37 | 000,013,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/06 23:28:57 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/06 23:28:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/06 23:28:08 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/06 11:41:55 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2012/07/06 10:25:04 | 000,003,296 | ---- | M] () -- C:\bootsqm.dat
[2012/07/05 17:50:01 | 001,523,914 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/05 17:50:01 | 000,665,956 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2012/07/05 17:50:01 | 000,618,160 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/05 17:50:01 | 000,129,146 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2012/07/05 17:50:01 | 000,107,440 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/04 22:03:55 | 000,001,401 | RHS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120706-114822.backup
[2012/07/04 22:03:55 | 000,001,401 | RHS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120706-114506.backup
[2012/07/04 22:03:55 | 000,001,401 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/07/01 18:12:34 | 000,094,779 | ---- | M] () -- C:\Users\CASA\Desktop\Sem Título.wma
[2012/06/28 12:30:26 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/06/28 12:30:14 | 001,534,752 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/06/25 21:42:43 | 000,001,190 | ---- | M] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2012/06/24 13:37:31 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/24 13:37:31 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/23 21:12:39 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/23 21:12:39 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/23 17:16:55 | 000,017,408 | ---- | M] () -- C:\Users\CASA\AppData\Local\WebpageIcons.db
[2012/06/23 11:51:49 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/06/20 18:46:51 | 002,332,805 | ---- | M] () -- C:\Users\CASA\Desktop\123
[2012/06/14 17:10:12 | 000,016,783 | ---- | M] () -- C:\Users\CASA\Desktop\pai COBRANCA 2012.pdf
[2012/06/13 09:55:24 | 002,440,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/07/06 10:25:04 | 000,003,296 | ---- | C] () -- C:\bootsqm.dat
[2012/07/01 18:12:33 | 000,094,779 | ---- | C] () -- C:\Users\CASA\Desktop\Sem Título.wma
[2012/06/28 12:30:20 | 000,001,953 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/06/25 21:42:43 | 000,001,190 | ---- | C] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2012/06/23 17:16:39 | 000,017,408 | ---- | C] () -- C:\Users\CASA\AppData\Local\WebpageIcons.db
[2012/06/23 11:51:49 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/06/20 19:09:00 | 002,332,805 | ---- | C] () -- C:\Users\CASA\Desktop\123
[2012/06/14 17:10:12 | 000,016,783 | ---- | C] () -- C:\Users\CASA\Desktop\pai COBRANCA 2012.pdf
[2012/06/07 09:58:29 | 000,002,524 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012/04/25 09:04:44 | 000,000,176 | ---- | C] () -- C:\Windows\REC-NET.INI
[2012/02/29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/12/25 08:50:38 | 000,000,000 | ---- | C] () -- C:\Users\CASA\AppData\Local\{2A9DDD4A-1BDE-4792-BF66-5332A8355329}
[2011/12/15 17:00:58 | 000,000,336 | ---- | C] () -- C:\Windows\game.ini
[2011/12/06 21:03:42 | 000,000,000 | ---- | C] () -- C:\Users\CASA\AppData\Local\{E0381B83-C149-4A64-B2B6-3E854438B24F}
[2011/10/15 11:37:34 | 000,007,670 | ---- | C] () -- C:\Users\CASA\AppData\Roaming\.freeciv-client-rc-2.3
[2011/09/11 17:52:52 | 000,000,454 | ---- | C] () -- C:\Users\CASA\AppData\Roaming\SamsungLiveUpdateConfig.ini
[2011/06/18 19:45:12 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\PDF2TIFF.DAT
[2011/06/01 08:18:06 | 001,878,831 | ---- | C] () -- C:\Windows\SysWow64\CalculoV32.dll
[2011/04/26 17:48:32 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/04/26 17:48:32 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/04/16 15:43:41 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\MSJCE.dll
[2011/03/31 14:01:04 | 000,000,146 | ---- | C] () -- C:\Users\CASA\AppData\Local\Settings.ini
[2011/03/24 09:37:00 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
[2011/02/27 13:27:39 | 000,141,138 | ---- | C] () -- C:\Windows\hpwins27.dat.temp
[2011/02/27 12:22:50 | 000,000,160 | ---- | C] () -- C:\Windows\MyDrivers.ini
[2011/02/27 11:23:56 | 000,141,138 | ---- | C] () -- C:\Windows\hpwins27.dat
[2011/02/27 11:23:56 | 000,000,385 | ---- | C] () -- C:\Windows\hpwmdl27.dat
[2011/02/26 21:56:29 | 000,000,385 | ---- | C] () -- C:\Windows\hpwmdl27.dat.temp
[2011/02/23 08:37:38 | 000,176,852 | ---- | C] () -- C:\Windows\hpoins14.dat.temp
[2011/02/23 08:15:17 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat.temp
[2011/02/20 12:44:38 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011/02/20 12:44:38 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011/02/20 12:44:33 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011/02/20 12:44:33 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2011/02/20 12:34:24 | 000,007,597 | ---- | C] () -- C:\Users\CASA\AppData\Local\Resmon.ResmonCfg
[2011/01/25 17:32:38 | 001,534,752 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/11/14 08:52:54 | 000,000,700 | ---- | C] () -- C:\Users\CASA\.powerupdate.user.properties
[2010/08/08 12:58:25 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010/07/19 19:52:31 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2010/07/18 21:38:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/07/17 21:44:46 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/07/17 20:51:18 | 000,001,248 | ---- | C] () -- C:\Windows\SysWow64\vscfdx.dll
[2010/07/17 20:50:53 | 000,000,068 | ---- | C] () -- C:\Windows\batchrec.ini
[2010/07/17 19:57:19 | 000,047,104 | ---- | C] () -- C:\Users\CASA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/17 16:06:41 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010/07/17 16:06:41 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
========== Alternate Data Streams ==========
@Alternate Data Stream - 310 bytes -> C:\Windows\SysWow64\drivers:GbpKmAp.lst
< End of report >