Quantcast

janelas que abrem sozinhas!!

classic Clássica list Lista threaded Em Árvore
Travado 13 mensagens Opções
Responder | Em Árvore
Abra essa mensagem na visão em árvore
|  
Denunciar Conteúdo como Inapropriado

janelas que abrem sozinhas!!

guidymuller
OTL logfile created on: 12/07/2013 07:23:02 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Ingrid\Downloads
64bit- Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
 
4,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 38,58% Memory free
8,00 Gb Paging File | 4,53 Gb Available in Paging File | 56,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918,01 Gb Total Space | 779,76 Gb Free Space | 84,94% Space Free | Partition Type: NTFS
Drive D: | 13,41 Gb Total Space | 1,65 Gb Free Space | 12,33% Space Free | Partition Type: NTFS
 
Computer Name: INGRID-HP | User Name: Ingrid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/07/12 07:22:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ingrid\Downloads\OTL.exe
PRC - [2013/07/02 09:17:20 | 000,064,008 | ---- | M] (Google) -- C:\Users\Ingrid\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2013/06/03 06:57:49 | 003,085,264 | ---- | M] () -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
PRC - [2013/05/29 02:27:40 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\old_chrome.exe
PRC - [2013/05/10 04:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/16 22:17:26 | 000,042,784 | ---- | M] (Yontoo LLC) -- C:\Users\Ingrid\AppData\Roaming\Yontoo\YontooDesktop.exe
PRC - [2013/04/16 22:17:26 | 000,023,552 | ---- | M] (Microsoft) -- C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/20 14:50:49 | 000,640,024 | ---- | M] () -- C:\ProgramData\IBUpdaterService\ibsvc.exe
PRC - [2013/03/06 20:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/06 20:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/02/05 12:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2013/02/02 21:05:46 | 001,718,920 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012/07/04 17:50:07 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Java\jre7\bin\java.exe
PRC - [2012/06/15 23:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ccSvcHst.exe
PRC - [2012/04/13 19:25:26 | 000,474,097 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Freenet\freenet.exe
PRC - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
PRC - [2012/01/17 11:07:58 | 000,505,736 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/01/06 15:58:28 | 000,199,624 | ---- | M] ( ) -- C:\PROGRA~2\GbPlugin\GbpSv.exe
PRC - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/06/02 15:56:10 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
PRC - [2010/12/22 13:48:34 | 000,241,664 | ---- | M] (Tanuki Software, Ltd.) -- C:\Users\Ingrid\AppData\Local\Freenet\wrapper\freenetwrapper.exe
PRC - [2010/11/20 09:17:36 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe
PRC - [2010/09/28 08:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2008/11/20 10:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013/07/12 07:03:39 | 000,079,234 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Temp\jbigi583599757457225454lib.tmp
MOD - [2013/07/12 07:03:38 | 000,040,960 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Temp\jcpuid454868495769772757lib.tmp
MOD - [2013/07/12 07:02:45 | 000,013,600 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll
MOD - [2013/07/10 12:27:26 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
MOD - [2013/07/10 12:27:20 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
MOD - [2013/07/10 12:27:02 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
MOD - [2013/07/10 12:26:59 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
MOD - [2013/07/10 12:26:57 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013/07/10 12:26:51 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/06/13 19:42:20 | 013,140,872 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll
MOD - [2013/06/03 06:57:49 | 003,085,264 | ---- | M] () -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
MOD - [2013/06/03 06:57:01 | 002,521,552 | ---- | M] () -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2013/05/29 02:27:38 | 000,393,168 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
MOD - [2013/05/29 02:27:35 | 004,051,408 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll
MOD - [2013/05/29 02:26:40 | 000,599,504 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\libglesv2.dll
MOD - [2013/05/29 02:26:39 | 000,124,368 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\libegl.dll
MOD - [2013/05/29 02:26:36 | 001,597,392 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll
MOD - [2013/05/16 02:33:37 | 002,052,096 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013/05/16 02:33:36 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2012/10/05 07:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/04/13 19:25:26 | 000,474,097 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Freenet\freenet.exe
MOD - [2011/12/25 17:42:15 | 005,255,168 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2010/11/12 21:33:11 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/04 22:58:10 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2010/11/04 22:58:09 | 000,385,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2012/08/29 11:12:24 | 009,717,760 | ---- | M] () [Auto | Running] -- C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe -- (MySQL55)
SRV:[b]64bit:[/b] - [2010/09/08 01:51:14 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013/06/12 12:48:55 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/06/03 06:57:49 | 003,085,264 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2013/05/10 04:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/20 14:50:49 | 000,640,024 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2013/03/06 20:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/02/05 12:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/09/27 10:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2012/07/20 20:35:29 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/15 23:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ccSvcHst.exe -- (NAV)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe -- (BBSvc)
SRV - [2012/01/06 15:58:28 | 000,199,624 | ---- | M] ( ) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv)
SRV - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/03/28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/11/25 20:20:28 | 000,245,232 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe -- (CLKMSVC10_C6F09094)
SRV - [2010/09/28 08:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Arquivos de Programas\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/08/05 19:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Arquivos de Programas\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV - [2010/08/05 19:47:48 | 000,681,528 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Arquivos de Programas\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV - [2010/06/18 22:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/06/01 15:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 17:25:36 | 000,209,000 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010/03/04 17:25:34 | 000,496,232 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:20 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2013/01/18 10:32:02 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2012/07/05 23:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\srtspx64.sys -- (SRTSPX)
DRV:[b]64bit:[/b] - [2012/07/05 23:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2012/06/07 01:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\ccsetx64.sys -- (ccSet_NAV)
DRV:[b]64bit:[/b] - [2012/05/21 22:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\symefa64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2012/04/17 23:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2012/04/17 22:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/10/01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011/10/01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011/10/01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011/10/01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011/07/25 15:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\symds64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2011/05/24 20:40:10 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:[b]64bit:[/b] - [2011/04/22 18:26:24 | 000,289,952 | R--- | M] (360.cn) [File_System | System | Running] -- C:\Windows\SysNative\drivers\360FltOEM.sys -- (360FltOEM)
DRV:[b]64bit:[/b] - [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 10:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 08:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/09/08 02:26:02 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010/09/08 01:15:04 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2010/08/16 10:42:00 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2010/03/04 08:26:58 | 000,349,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:[b]64bit:[/b] - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 17:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/01/19 11:14:46 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20130215.034\ex64.sys -- (NAVEX15)
DRV - [2013/01/19 11:14:46 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/01/19 11:14:46 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20130215.034\eng64.sys -- (NAVENG)
DRV - [2013/01/17 12:47:21 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/01/16 15:42:56 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20130215.002\IDSviA64.sys -- (IDSVia64)
DRV - [2013/01/15 23:51:11 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20130208.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/01/06 15:57:08 | 000,047,304 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\gbpkm.sys -- (GbpKm)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzuzyzzyE0B0EtCtAtA0EyE0EyBzz0BtB0FtN0D0Tzu0CtAtDyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=808929193
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=pcmega1&chnl=pcmega1&cd=2XzuyEtN2Y1L1QzuzyzzyE0B0EtCtAtA0EyE0EyBzz0BtB0FtN0D0Tzu0CtAtBtBtN1L2XzutBtFtBtFtDtFtAyEyE&cr=2105302264
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://br.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://pt.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {92001F8A-C36B-473A-91E7-5BE0C81CF2B3}
IE - HKLM\..\SearchScopes\{031949b3-28b6-43a4-90e2-dde1cfe21390}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Y9xdm002YYus&ptb=EDED07C5-6B2B-487D-9455-A3FE570DC1E9&ind=2011071620&ptnrS=Y9xdm002YYus&si=&n=77de8484&psa=&st=sb&searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE - HKLM\..\SearchScopes\{703CD368-E2F3-AED3-4024-3F9C9FA66B32}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552
IE - HKLM\..\SearchScopes\{92001F8A-C36B-473A-91E7-5BE0C81CF2B3}: "URL" = http://clikseguro.com/Search.aspx?cx=017847565674971774939%3Aktp_l5v6i2u&ie=ISO-8859-1&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzuzyzzyE0B0EtCtAtA0EyE0EyBzz0BtB0FtN0D0Tzu0CtAtDyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=808929193
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://br.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://pt.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=117199&tt=4612_7&babsrc=HP_ss&mntrId=506b8b2f000000000000984be133e4e7
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=05d8f4c4-9d5c-438b-bf92-e7be97b7d3ac&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=05d8f4c4-9d5c-438b-bf92-e7be97b7d3ac&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://clikseguro.com/
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=05d8f4c4-9d5c-438b-bf92-e7be97b7d3ac&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=05d8f4c4-9d5c-438b-bf92-e7be97b7d3ac&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes,DefaultScope = {92001F8A-C36B-473A-91E7-5BE0C81CF2B3}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=05d8f4c4-9d5c-438b-bf92-e7be97b7d3ac&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{031949b3-28b6-43a4-90e2-dde1cfe21390}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Y9xdm002YYus&ptb=EDED07C5-6B2B-487D-9455-A3FE570DC1E9&ind=2011071419&ptnrS=Y9xdm002YYus&si=&n=77de83bb&psa=&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=117199&tt=4612_7&babsrc=SP_ss&mntrId=506b8b2f000000000000984be133e4e7
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q={searchTerms}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{703CD368-E2F3-AED3-4024-3F9C9FA66B32}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=117112&tt=4312_2&babsrc=SP_ss&mntrId=506b8b2f000000000000984be133e4e7
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{8BA62835-CD2E-41AC-B506-A6A4E227A169}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=MP3R7&o=15863&src=kw&q={searchTerms}&locale=pt_BR&apn_ptnrs=RV&apn_dtid=YYYYYYYYBR&apn_uid=e47e9cb6-2ea7-4ff3-ad45-6012019a9577&apn_sauid=AACA4433-CE80-4393-8FAD-92CA8DEEDA3B
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{92001F8A-C36B-473A-91E7-5BE0C81CF2B3}: "URL" = http://clikseguro.com/Search.aspx?cx=017847565674971774939%3Aktp_l5v6i2u&ie=ISO-8859-1&q={searchTerms}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://br.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://pt.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Hotspot Shield Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=117199&tt=4612_7&babsrc=HP_ss&mntrId=506b8b2f000000000000984be133e4e7"
FF - prefs.js..extensions.enabledAddons: {87F8774F-B485-47E2-A755-A40A8A5E8874}:2.12.0.15.120
FF - prefs.js..extensions.enabledAddons: {87F8774F-B485-47E2-A755-A40A8A5E886C}:2.12.0.14.120
FF - prefs.js..extensions.enabledAddons: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
FF - prefs.js..extensions.enabledAddons: ffxtlbr@funmoods.com:1.5.1
FF - prefs.js..extensions.enabledAddons: crossriderapp5060@crossrider.com:0.86.38
FF - prefs.js..extensions.enabledAddons: 4zffxtbr@VideoDownloadConverter_4z.com:2.50.0.65474
FF - prefs.js..extensions.enabledAddons: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.4.6.3
FF - prefs.js..extensions.enabledAddons: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.1.1.5 - 3
FF - prefs.js..extensions.enabledAddons: plugin@yontoo.com:1.20.02
FF - prefs.js..extensions.enabledAddons: SpecialSavings@SpecialSavings.com:2.0.0.1
FF - prefs.js..extensions.enabledAddons: speedanalysis@SpeedAnalysis.com:1.0.0.1
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:8.0.1483
FF - prefs.js..extensions.enabledAddons: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.6.10
FF - prefs.js..extensions.enabledAddons: {c95a4e8e-816d-4655-8c79-d736da1adb6d}:3.18.0.7
FF - prefs.js..extensions.enabledAddons: extension23986@extension23986.com:0.91.57
FF - prefs.js..extensions.enabledAddons: YTKaraoke@DacSoft.org:1.112
 
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files (x86)\VideoDownloadConverter_4z\bar\2.bin\NP4zStub.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Ingrid\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Ingrid\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Ingrid\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Ingrid\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Ingrid\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Ingrid\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/19 17:22:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files (x86)\VideoDownloadConverter_4z\bar\2.bin [2013/01/16 21:19:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\IPSFFPlgn\ [2013/01/18 10:10:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\buscape@buscape.com.br: C:\Program Files (x86)\Buscapé\Buscapé na Hora\Firefox [2013/01/24 20:57:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\speedanalysis@SpeedAnalysis.com: C:\Users\Ingrid\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com [2013/03/20 14:52:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/20 20:35:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/18 02:03:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\buscape@buscape.com.br: C:\Program Files (x86)\Buscapé\Buscapé na Hora\Firefox [2013/01/24 20:57:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\speedanalysis@SpeedAnalysis.com: C:\Users\Ingrid\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com [2013/03/20 14:52:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\YTKaraoke@DacSoft.org: C:\Program Files (x86)\YTKaraoke\FF\ [2013/05/23 22:27:19 | 000,000,000 | ---D | M]
 
[2013/03/20 14:52:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Extensions
[2013/03/20 14:52:12 | 000,000,000 | ---D | M] (SpeedAnalysis.com) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Extensions\speedanalysis@SpeedAnalysis.com
[2013/01/28 19:10:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\bProtector_extensions
[2013/06/21 21:49:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions
[2012/08/01 04:05:16 | 000,000,000 | ---D | M] (Modulo de Seguranca - Banco do Brasil) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}
[2012/07/26 01:21:24 | 000,000,000 | ---D | M] (Modulo de Protecao) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8874}
[2013/06/14 19:24:23 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
[2013/06/14 19:24:26 | 000,000,000 | ---D | M] (Hotspot Shield Community Toolbar) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
[2012/11/17 19:31:35 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2013/01/15 20:00:42 | 000,000,000 | ---D | M] (VideoDownloadConverter) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
[2012/12/04 18:15:54 | 000,000,000 | ---D | M] ("Savings Sidekick") -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com
[2011/07/14 18:38:11 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\engine@conduit.com
[2013/06/14 19:24:22 | 000,000,000 | ---D | M] ("Savings Vault") -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com
[2012/11/17 19:33:36 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\ffxtlbr@funmoods.com
[2013/04/27 22:37:44 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\plugin@yontoo.com
[2013/03/20 14:52:15 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\SpecialSavings@SpecialSavings.com
[2013/06/21 13:54:12 | 000,000,000 | ---D | M] (MP3 Rocket Toolbar) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\toolbar@ask.com
[2013/06/14 19:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\chrome
[2013/06/14 19:24:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\defaults
[2013/06/14 19:24:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\locale
[2013/06/14 19:24:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\skin
[2012/12/04 18:15:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com\chrome\content\extensionCode
[2013/06/14 19:24:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\chrome\content\extensionCode
[2013/01/28 19:10:41 | 000,000,000 | ---- | M] () (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\bProtector_extensions\mozupd@facebook.com.xpi
[2013/01/15 20:36:28 | 000,844,878 | ---- | M] () (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.xpi
[2012/06/06 21:31:06 | 000,002,333 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\askcom.xml
[2013/05/02 10:46:09 | 000,002,352 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\babylon.xml
[2012/11/17 17:06:11 | 000,002,536 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\browsemngr.xml
[2013/06/14 19:24:41 | 000,002,235 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\clikseguro.xml
[2013/01/15 20:33:04 | 000,000,931 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\conduit.xml
[2012/11/17 19:33:48 | 000,002,349 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\Funmoods.xml
[2011/07/14 20:02:42 | 000,009,946 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\RadioPI_4e.xml
[2011/06/24 14:31:37 | 000,003,915 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\SweetIM Search.xml
[2011/06/24 14:31:48 | 000,003,910 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\sweetim.xml
[2013/04/21 23:24:59 | 000,021,707 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\Web Search.xml
[2012/08/01 03:09:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011/12/19 23:11:59 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/23 22:27:19 | 000,000,000 | ---D | M] ("Tube Karaoke") -- C:\PROGRAM FILES (X86)\YTKARAOKE\FF
[2013/03/19 17:22:27 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013/01/18 10:10:33 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\IPSFFPLGN
[2012/07/20 20:35:30 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/17 18:31:19 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/07/20 20:35:27 | 000,001,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\buscape.xml
[2011/06/04 07:29:52 | 000,002,047 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2012/07/20 20:35:27 | 000,001,212 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolivre.xml
[2012/07/20 20:35:27 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/07/20 20:35:27 | 000,001,168 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-br.xml
[2012/07/20 20:35:27 | 000,000,952 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-br.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com.br/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Ingrid\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Ingrid\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Ingrid\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Ingrid\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Ingrid\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Savings Vault = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\crossrider
CHR - Extension: Savings Vault = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\
CHR - Extension: YouTube = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Notifica\u00E7\u00F5es do Google+ = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi\1.1.0.618_0\
CHR - Extension: Jovem Pan = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpnfmildohfgfpmmbpjdcglefamoddfh\1.4.0_0\
CHR - Extension: Estad\u00E3o = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgellgdbeldoenodfccpcnklegfclikd\1.6.0_0\
CHR - Extension: Pesquisa do Google = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google + = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.2.0.418_0\
CHR - Extension: Planetarium = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp\1.1.2_0\
CHR - Extension: Climatempo = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdpadclmjnppejbenfgklgaganbefgad\1.4.1_0\
CHR - Extension: CMARK = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\hggeanecfmggdhcimblohekdaeiaeodn\2.3_0\
CHR - Extension: Google Play Music = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.1_0\
CHR - Extension: Google Tradutor para Google+ = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfppgkomfopklagggkjiaddgndkgopgl\1.1.7_0\
CHR - Extension: Bot\u00E3o do Google +1 = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp\1.2.0.329_0\
CHR - Extension: No Timao = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\kibhpbnfcphblbljcejafaiaknegakng\1.1_0\
CHR - Extension: Tube Karaoke = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgnhgbflngpggpmpfdkhmhmfdophhepe\1.112_0\
CHR - Extension: Google Maps = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Gmail = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012/02/02 20:06:23 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:[b]64bit:[/b] - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (Buscape na Hora Plugin) - {051FB9EC-79EA-4F8E-9EC2-F1FF4462FB09} - C:\Program Files (x86)\Buscapé\Buscapé na Hora\IE\BphBHO.dll (Buscapé Company)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Savings Vault) - {11111111-1111-1111-1111-110211391186} - C:\Program Files (x86)\Savings Vault\Savings Vault.dll (215 Apps)
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (SpeedAnalysis.com) - {45564571-A21B-48ED-B584-69752EEE9C3D} - C:\Program Files (x86)\SpeedAnalysis.com\ScriptHost.dll (SpeedAnalysis.com)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (SpecialSavings) - {938958E8-355C-49FF-92B0-53C1B87ACEA9} - C:\Program Files (x86)\SpecialSavings\ScriptHost.dll (SpecialSavings.com)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~2\GBPLUGIN\gbiehabn.dll (Banco Real)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (Tube Karaoke) - {F351B686-F6AF-45F1-9EB9-684C805B25B1} - C:\Program Files (x86)\YTKaraoke\ytkaraoke.dll (Dacotta SoftEngineering)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\2.bin\4zbar.dll File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\Toolbar\ShellBrowser: (no name) - {61628E2A-4FF9-4454-992D-D92A8CD27399} - No CLSID value found.
O3 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4:[b]64bit:[/b] - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AnySend Updater] C:\Program Files (x86)\AnySend\AnySendUpdater.exe File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Deskmedia] C:\Positivo\Deskmedia\Downloader.exe File not found
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000..\Run: [Facebook Update] C:\Users\Ingrid\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000..\Run: [Yontoo Desktop] C:\Users\Ingrid\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Ingrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start Freenet.lnk = C:\Users\Ingrid\AppData\Local\Freenet\freenet.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:[b]64bit:[/b] - Extra context menu item: Baixar com Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O8 - Extra context menu item: Baixar com Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: bancobrasil.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: bancobrasil.com.br ([www14] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: bancobrasil.com.br ([www2] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: bb.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: realsecureweb.com.br ([wwws] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: santander.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: santandernet.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: santandernet.com.br ([wwws] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: secureweb.com.br ([www] * in Trusted sites)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} https://wwws.santandernet.com.br/mps/plugin/Cab/GbPluginABN.cab (GbPluginObj Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.162.194.244 200.162.196.29 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2FA83C5-F2BD-478E-9CB4-86BDCFA55902}: DhcpNameServer = 200.162.194.244 200.162.196.29 200.204.0.10 200.204.0.138
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginAbn: DllName - (C:\PROGRA~2\GbPlugin\gbiehAbn.dll) - C:\PROGRA~2\GbPlugin\gbiehAbn.dll (Banco Real)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\Program Files (x86)\GbPlugin\gbiehCef.dll) - C:\Program Files (x86)\GbPlugin\gbiehCef.dll (Caixa Economica Federal)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\PROGRA~2\GBPLUGIN\gbiehabn.dll (Banco Real)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/07/10 22:26:07 | 000,000,000 | ---D | C] -- C:\Users\Ingrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spark Browser
[2013/07/10 22:20:19 | 000,000,000 | ---D | C] -- C:\toolbarImages
[2013/06/14 20:31:35 | 000,000,000 | ---D | C] -- C:\Users\Ingrid\AppData\Roaming\DealPly
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\Ingrid\Documents\*.tmp files -> C:\Users\Ingrid\Documents\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013/07/12 07:29:01 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-271221751-1856760113-3418612761-1000UA.job
[2013/07/12 07:10:31 | 000,013,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/12 07:10:31 | 000,013,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/12 07:01:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/12 07:01:03 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/12 01:48:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/12 01:44:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-271221751-1856760113-3418612761-1000UA.job
[2013/07/12 01:37:12 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013/07/12 01:37:11 | 000,000,005 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\WBPU-TTL.DAT
[2013/07/12 01:13:03 | 000,039,981 | ---- | M] () -- C:\Users\Ingrid\Documents\mãe...pdf
[2013/07/11 19:29:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-271221751-1856760113-3418612761-1000Core.job
[2013/07/10 22:26:08 | 000,001,997 | ---- | M] () -- C:\Users\Ingrid\Desktop\facebook.lnk
[2013/07/10 22:26:07 | 000,001,071 | ---- | M] () -- C:\Users\Ingrid\Desktop\Spark Browser.lnk
[2013/07/10 12:20:03 | 000,284,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/10 01:58:45 | 000,002,374 | ---- | M] () -- C:\Users\Ingrid\Desktop\Google Chrome.lnk
[2013/07/09 04:44:01 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-271221751-1856760113-3418612761-1000Core.job
[2013/06/29 01:10:38 | 001,342,766 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2013/06/29 01:10:38 | 001,289,586 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/06/29 01:10:38 | 000,770,776 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2013/06/29 01:10:38 | 000,747,590 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/06/29 01:10:38 | 000,005,646 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/06/23 14:27:05 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForIngrid.job
[2013/06/12 12:48:55 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/06/12 12:48:55 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\Ingrid\Documents\*.tmp files -> C:\Users\Ingrid\Documents\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/07/12 01:13:03 | 000,039,981 | ---- | C] () -- C:\Users\Ingrid\Documents\mãe...pdf
[2013/07/10 22:26:07 | 000,001,997 | ---- | C] () -- C:\Users\Ingrid\Desktop\facebook.lnk
[2013/06/16 10:37:22 | 000,000,005 | ---- | C] () -- C:\Users\Ingrid\AppData\Roaming\WBPU-TTL.DAT
[2013/05/22 12:47:29 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2013/04/14 19:23:33 | 000,000,238 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013/04/13 20:00:14 | 000,004,016 | ---- | C] () -- C:\Windows\SysWow64\PsClikSeguro.ini
[2013/04/13 20:00:14 | 000,002,112 | ---- | C] () -- C:\Windows\SysWow64\PsClikSeguroOff.ini
[2012/07/29 20:00:53 | 000,380,928 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012/03/11 12:59:26 | 000,000,176 | ---- | C] () -- C:\Windows\REC-NET.INI
[2012/01/11 20:02:35 | 000,000,660 | RHS- | C] () -- C:\Users\Ingrid\ntuser.pol
[2011/07/21 02:31:33 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/05/21 20:14:29 | 000,000,238 | -HS- | C] () -- C:\Users\Ingrid\procede.ini
[2011/05/18 15:35:48 | 000,000,224 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2011/05/12 01:06:15 | 000,057,896 | ---- | C] () -- C:\Users\Ingrid\OgAAAGRCY_iLTO3itZ65ROOt2t2fj6POF8hJFIlfU9hJv8jx-C5nvlcp-bVpY5SLsopzznysft5cGJ04-ZZ02G_9xwgAm1T1UNp4I9kKk_RdVZTYPOO6ZAZaPdV-.jpg
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 02:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 01:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 09:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013/06/08 21:08:25 | 000,000,000 | ---D | M] -- C:\Users\aaaa\AppData\Roaming\Oracle
[2013/03/02 19:41:58 | 000,000,000 | ---D | M] -- C:\Users\aaaa\AppData\Roaming\PSafe
[2011/05/28 23:01:58 | 000,000,000 | ---D | M] -- C:\Users\Ana Paula\AppData\Roaming\Babylon
[2011/06/14 22:18:46 | 000,000,000 | ---D | M] -- C:\Users\Ana Paula\AppData\Roaming\SoftGrid Client
[2011/05/15 11:46:12 | 000,000,000 | ---D | M] -- C:\Users\Ana Paula\AppData\Roaming\WildTangent
[2013/02/25 01:53:05 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\BabSolution
[2012/03/31 20:51:49 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\Babylon
[2013/04/29 16:02:32 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\DSite
[2012/05/12 19:53:16 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\GetRightToGo
[2013/01/25 11:44:11 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\PSafe
[2012/10/17 14:52:35 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\raidcall
[2013/06/18 01:24:49 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\SoftGrid Client
[2013/03/15 14:51:07 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\WildTangent
[2012/03/21 00:00:38 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\Babylon
[2012/07/31 14:29:16 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\dll-files.com
[2011/06/09 12:01:53 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\MP3Rocket
[2012/10/27 12:37:18 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\PerformerSoft
[2012/11/01 18:54:44 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\Positivo
[2013/01/30 11:20:39 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\PSafe
[2012/10/20 16:03:25 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\raidcall
[2012/07/06 14:19:06 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\SoftGrid Client
[2011/08/11 20:13:25 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\Systweak
[2012/01/05 22:44:21 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\Unity
[2012/07/29 19:29:50 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\AnySend
[2013/03/11 19:32:44 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Audacity
[2012/10/26 20:50:25 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Babylon
[2012/07/25 10:14:59 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/06/14 20:31:35 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\DealPly
[2013/04/27 22:37:05 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\DSite
[2012/10/28 20:03:36 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\eType
[2013/03/20 14:51:56 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\File Scout
[2013/05/21 18:28:57 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Funmoods
[2012/11/17 19:32:05 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\GetRightToGo
[2011/05/18 14:36:02 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Kazaa Lite
[2013/01/20 17:00:08 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\LegacyGames
[2013/05/01 21:17:41 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Mipony
[2013/06/21 22:58:41 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\MP3Rocket
[2013/04/14 19:40:40 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\MySQL
[2013/03/20 18:08:46 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\PerformerSoft
[2012/06/24 22:29:49 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Phantasmat_bf_se1
[2012/11/01 18:54:44 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Positivo
[2013/03/12 17:41:15 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\PSafe
[2012/09/03 22:39:26 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\raidcall
[2013/07/09 02:33:20 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\SoftGrid Client
[2013/03/20 14:52:15 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\SpecialSavings
[2013/03/20 14:52:11 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\SpeedanAlysis
[2011/09/29 09:44:07 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Systweak
[2012/03/19 00:30:17 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\TestApp
[2011/05/13 19:46:33 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\TP
[2011/05/11 22:47:40 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\WildTangent
[2011/09/22 21:06:44 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\WinBatch
[2013/07/12 07:02:46 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Yontoo
[2011/05/28 20:42:56 | 000,000,000 | ---D | M] -- C:\Users\Isabela\AppData\Roaming\Babylon
[2011/06/13 17:39:58 | 000,000,000 | ---D | M] -- C:\Users\Isabela\AppData\Roaming\MP3Rocket
[2011/06/10 00:48:35 | 000,000,000 | ---D | M] -- C:\Users\Isabela\AppData\Roaming\SoftGrid Client
[2011/05/21 00:43:35 | 000,000,000 | ---D | M] -- C:\Users\Isabela\AppData\Roaming\WildTangent
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 412 bytes -> C:\Windows\SysWow64\drivers:GbpKmAp.lst
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:0BBF232A
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >
Responder | Em Árvore
Abra essa mensagem na visão em árvore
|  
Denunciar Conteúdo como Inapropriado

Re: janelas que abrem sozinhas!!

Guilherme
Administrador
1. Baixe o AdwCleaner e salve no desktop.
2. Execute-o como administradora e clique em Delete e OK.
3. Se pedir para reiniciar o PC, reinicie-o.
4 - Ele vai criar um relatório em seu desktop.

Poste este relatório aqui.
MODERADOR
Responder | Em Árvore
Abra essa mensagem na visão em árvore
|  
Denunciar Conteúdo como Inapropriado

Re: janelas que abrem sozinhas!!

guidymuller
# AdwCleaner v2.305 - Relatório criado em 13/07/2013 às 00:51:08
# Atualizado em 11/07/2013 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : Ingrid - INGRID-HP
# Modo de Boot : Normal
# Executado de : C:\Users\Ingrid\Downloads\adwcleaner (1).exe
# Opção [Verificar]


***** [Serviços] *****

Encontrado : Browser Manager
Encontrado : IBUpdaterService
Encontrado : Yontoo Desktop Updater

***** [Arquivos/Pastas] *****

Arquivo Encontrado : C:\END
Arquivo Encontrado : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Arquivo Encontrado : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml
Arquivo Encontrado : C:\user.js
Arquivo Encontrado : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Arquivo Encontrado : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Arquivo Encontrado : C:\Users\Convidado\AppData\Roaming\BabMaint.exe
Arquivo Encontrado : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\hmyvnplg.default\bprotector_extensions.sqlite
Arquivo Encontrado : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\hmyvnplg.default\bprotector_prefs.js
Arquivo Encontrado : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\hmyvnplg.default\searchplugins\Babylon.xml
Arquivo Encontrado : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\hmyvnplg.default\searchplugins\funmoods.xml
Arquivo Encontrado : C:\Users\Eliziara\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Arquivo Encontrado : C:\Users\Eliziara\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Arquivo Encontrado : C:\Users\Eliziara\AppData\Roaming\Mozilla\Firefox\Profiles\x2se28f5.default\searchplugins\Babylon.xml
Arquivo Encontrado : C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Arquivo Encontrado : C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Arquivo Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\bprotector_extensions.sqlite
Arquivo Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\bprotector_prefs.js
Arquivo Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\searchplugins\Askcom.xml
Arquivo Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\searchplugins\Babylon.xml
Arquivo Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\searchplugins\browsemngr.xml
Arquivo Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\searchplugins\Conduit.xml
Arquivo Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\searchplugins\funmoods.xml
Arquivo Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\searchplugins\SweetIM Search.xml
Arquivo Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\searchplugins\SweetIm.xml
Arquivo Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\searchplugins\Web Search.xml
Arquivo Encontrado : C:\Windows\Tasks\DSite.job
Pasta Encontrado : C:\Program Files (x86)\Ask.com
Pasta Encontrado : C:\Program Files (x86)\Babylon
Pasta Encontrado : C:\Program Files (x86)\DealPly
Pasta Encontrado : C:\Program Files (x86)\LyricsFinder
Pasta Encontrado : C:\Program Files (x86)\PriceGong
Pasta Encontrado : C:\Program Files (x86)\Savings Vault
Pasta Encontrado : C:\Program Files (x86)\SpecialSavings
Pasta Encontrado : C:\Program Files (x86)\SpeedAnalysis.com
Pasta Encontrado : C:\Program Files (x86)\SweetIM
Pasta Encontrado : C:\Program Files (x86)\VideoDownloadConverter_4z
Pasta Encontrado : C:\Program Files (x86)\Yontoo
Pasta Encontrado : C:\Program Files\Babylon
Pasta Encontrado : C:\ProgramData\Ask
Pasta Encontrado : C:\ProgramData\Babylon
Pasta Encontrado : C:\ProgramData\Browser Manager
Pasta Encontrado : C:\ProgramData\IBUpdaterService
Pasta Encontrado : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Pasta Encontrado : C:\ProgramData\SweetIM
Pasta Encontrado : C:\ProgramData\Tarma Installer
Pasta Encontrado : C:\ProgramData\Trymedia
Pasta Encontrado : C:\Users\aaaa\AppData\LocalLow\AskToolbar
Pasta Encontrado : C:\Users\aaaa\AppData\LocalLow\PriceGong
Pasta Encontrado : C:\Users\Ana Paula\AppData\Local\Babylon
Pasta Encontrado : C:\Users\Ana Paula\AppData\Local\Temp\Babylon
Pasta Encontrado : C:\Users\Ana Paula\AppData\LocalLow\BabylonToolbar
Pasta Encontrado : C:\Users\Ana Paula\AppData\LocalLow\facemoods.com
Pasta Encontrado : C:\Users\Ana Paula\AppData\LocalLow\PriceGong
Pasta Encontrado : C:\Users\Ana Paula\AppData\LocalLow\SweetIM
Pasta Encontrado : C:\Users\Ana Paula\AppData\Roaming\Babylon
Pasta Encontrado : C:\Users\Ana Paula\AppData\Roaming\Mozilla\Firefox\Profiles\qgvlwpdh.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Ana Paula\AppData\Roaming\Mozilla\Firefox\Profiles\qgvlwpdh.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Ana Paula\AppData\Roaming\Mozilla\Firefox\Profiles\qgvlwpdh.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Ana Paula\AppData\Roaming\Mozilla\Firefox\Profiles\qgvlwpdh.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Ana Paula\AppData\Roaming\Mozilla\Firefox\Profiles\qgvlwpdh.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Convidado\AppData\Local\Babylon
Pasta Encontrado : C:\Users\Convidado\AppData\Local\Temp\Babylon
Pasta Encontrado : C:\Users\Convidado\AppData\Local\VideoDownloadConverter_4z
Pasta Encontrado : C:\Users\Convidado\AppData\LocalLow\AskToolbar
Pasta Encontrado : C:\Users\Convidado\AppData\LocalLow\BabylonToolbar
Pasta Encontrado : C:\Users\Convidado\AppData\LocalLow\facemoods.com
Pasta Encontrado : C:\Users\Convidado\AppData\LocalLow\PriceGong
Pasta Encontrado : C:\Users\Convidado\AppData\LocalLow\SweetIM
Pasta Encontrado : C:\Users\Convidado\AppData\Roaming\BabSolution
Pasta Encontrado : C:\Users\Convidado\AppData\Roaming\Babylon
Pasta Encontrado : C:\Users\Convidado\AppData\Roaming\DSite
Pasta Encontrado : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\hmyvnplg.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
Pasta Encontrado : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\hmyvnplg.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
Pasta Encontrado : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\hmyvnplg.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
Pasta Encontrado : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\hmyvnplg.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\hmyvnplg.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\hmyvnplg.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\hmyvnplg.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\hmyvnplg.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Convidado\AppData\Roaming\Mozilla\Firefox\Profiles\hmyvnplg.default\extensions\ffxtlbr@funmoods.com
Pasta Encontrado : C:\Users\Eliziara\AppData\Local\Babylon
Pasta Encontrado : C:\Users\Eliziara\AppData\Local\Temp\Babylon
Pasta Encontrado : C:\Users\Eliziara\AppData\LocalLow\AskToolbar
Pasta Encontrado : C:\Users\Eliziara\AppData\LocalLow\BabylonToolbar
Pasta Encontrado : C:\Users\Eliziara\AppData\LocalLow\facemoods.com
Pasta Encontrado : C:\Users\Eliziara\AppData\Roaming\Babylon
Pasta Encontrado : C:\Users\Eliziara\AppData\Roaming\Mozilla\Firefox\Profiles\x2se28f5.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
Pasta Encontrado : C:\Users\Eliziara\AppData\Roaming\Mozilla\Firefox\Profiles\x2se28f5.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
Pasta Encontrado : C:\Users\Eliziara\AppData\Roaming\Mozilla\Firefox\Profiles\x2se28f5.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
Pasta Encontrado : C:\Users\Eliziara\AppData\Roaming\Mozilla\Firefox\Profiles\x2se28f5.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Eliziara\AppData\Roaming\Mozilla\Firefox\Profiles\x2se28f5.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Eliziara\AppData\Roaming\Mozilla\Firefox\Profiles\x2se28f5.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Eliziara\AppData\Roaming\Mozilla\Firefox\Profiles\x2se28f5.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Eliziara\AppData\Roaming\Mozilla\Firefox\Profiles\x2se28f5.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Eliziara\AppData\Roaming\PerformerSoft
Pasta Encontrado : C:\Users\Ingrid\AppData\Local\APN
Pasta Encontrado : C:\Users\Ingrid\AppData\Local\PackageAware
Pasta Encontrado : C:\Users\Ingrid\AppData\Local\Savings Sidekick
Pasta Encontrado : C:\Users\Ingrid\AppData\Local\Savings Vault
Pasta Encontrado : C:\Users\Ingrid\AppData\Local\Temp\AskSearch
Pasta Encontrado : C:\Users\Ingrid\AppData\Local\Temp\Smartbar
Pasta Encontrado : C:\Users\Ingrid\AppData\Local\VideoDownloadConverter_4z
Pasta Encontrado : C:\Users\Ingrid\AppData\LocalLow\AskToolbar
Pasta Encontrado : C:\Users\Ingrid\AppData\LocalLow\BabylonToolbar
Pasta Encontrado : C:\Users\Ingrid\AppData\LocalLow\Conduit
Pasta Encontrado : C:\Users\Ingrid\AppData\LocalLow\facemoods.com
Pasta Encontrado : C:\Users\Ingrid\AppData\LocalLow\PriceGong
Pasta Encontrado : C:\Users\Ingrid\AppData\LocalLow\SweetIM
Pasta Encontrado : C:\Users\Ingrid\AppData\LocalLow\VideoDownloadConverter_4z
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Babylon
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\DealPly
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\DSite
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\eType
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\file scout
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Funmoods
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\ConduitCommon
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\CT1561552
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\engine@conduit.com
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\ffxtlbr@funmoods.com
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\plugin@yontoo.com
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\SpecialSavings@SpecialSavings.com
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\extensions\toolbar@ask.com
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\PerformerSoft
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\SpecialSavings
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\SpeedanAlysis
Pasta Encontrado : C:\Users\Ingrid\AppData\Roaming\Yontoo
Pasta Encontrado : C:\Users\Isabela\AppData\Local\Babylon
Pasta Encontrado : C:\Users\Isabela\AppData\Local\Temp\Babylon
Pasta Encontrado : C:\Users\Isabela\AppData\LocalLow\BabylonToolbar
Pasta Encontrado : C:\Users\Isabela\AppData\LocalLow\facemoods.com
Pasta Encontrado : C:\Users\Isabela\AppData\LocalLow\PriceGong
Pasta Encontrado : C:\Users\Isabela\AppData\LocalLow\SweetIM
Pasta Encontrado : C:\Users\Isabela\AppData\Roaming\Babylon
Pasta Encontrado : C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\uum4f2ht.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\uum4f2ht.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\uum4f2ht.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\uum4f2ht.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\uum4f2ht.default\extensions\crossriderapp5060@crossrider.com
Pasta Encontrado : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Pasta Encontrado : C:\Windows\Installer\{A1194237-547A-461d-BD44-B97B1574A7DA}
Pasta Encontrado : C:\Windows\SysWOW64\Browser Manager

***** [Registro] *****

Chave Encontrada : HKCU\Software\APN
Chave Encontrada : HKCU\Software\APN PIP
Chave Encontrada : HKCU\Software\AppDataLow\Software\AskToolbar
Chave Encontrada : HKCU\Software\AppDataLow\Software\Conduit
Chave Encontrada : HKCU\Software\AppDataLow\Software\Crossrider
Chave Encontrada : HKCU\Software\AppDataLow\Software\PriceGong
Chave Encontrada : HKCU\Software\AppDataLow\Software\Savings Sidekick
Chave Encontrada : HKCU\Software\AppDataLow\Software\Savings Vault
Chave Encontrada : HKCU\Software\AppDataLow\Software\SmartBar
Chave Encontrada : HKCU\Software\Ask.com
Chave Encontrada : HKCU\Software\BabSolution
Chave Encontrada : HKCU\Software\Conduit
Chave Encontrada : HKCU\Software\Cr_Installer
Chave Encontrada : HKCU\Software\DataMngr
Chave Encontrada : HKCU\Software\DataMngr_Toolbar
Chave Encontrada : HKCU\Software\DealPly
Chave Encontrada : HKCU\Software\DSNR Labs
Chave Encontrada : HKCU\Software\filescout
Chave Encontrada : HKCU\Software\Funmoods
Chave Encontrada : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Encontrada : HKCU\Software\Iminent
Chave Encontrada : HKCU\Software\InstallCore
Chave Encontrada : HKCU\Software\InstalledBrowserExtensions
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211391186}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211391186}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Chave Encontrada : HKCU\Software\performersoft llc
Chave Encontrada : HKCU\Software\Softonic
Chave Encontrada : HKCU\Software\5e6d88bbc6eee17
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKLM\Software\APN
Chave Encontrada : HKLM\Software\AskToolbar
Chave Encontrada : HKLM\Software\Babylon
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0023986.BHO
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0023986.BHO.1
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0023986.Sandbox
Chave Encontrada : HKLM\SOFTWARE\Classes\CrossriderApp0023986.Sandbox.1
Chave Encontrada : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Chave Encontrada : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Chave Encontrada : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Chave Encontrada : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Chave Encontrada : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Chave Encontrada : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Chave Encontrada : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Chave Encontrada : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Chave Encontrada : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Chave Encontrada : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
Chave Encontrada : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
Chave Encontrada : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Chave Encontrada : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Chave Encontrada : HKLM\SOFTWARE\Classes\Prod.cap
Chave Encontrada : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Chave Encontrada : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Chave Encontrada : HKLM\SOFTWARE\Classes\sim-packages
Chave Encontrada : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Chave Encontrada : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Chave Encontrada : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Chave Encontrada : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Chave Encontrada : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Chave Encontrada : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Chave Encontrada : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{30195ABF-E343-4827-9EE0-CF88CD0C2457}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440244394486}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{5D08AF8C-7CC2-45A4-BBA7-E997C3B21CDB}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin
Chave Encontrada : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1
Chave Encontrada : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Chave Encontrada : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Chave Encontrada : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Chave Encontrada : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Chave Encontrada : HKLM\Software\Conduit
Chave Encontrada : HKLM\Software\DataMngr
Chave Encontrada : HKLM\Software\DealPly
Chave Encontrada : HKLM\Software\Iminent
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211391186}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\233dcc51414a9547941ce9121ecdebd8
Chave Encontrada : HKLM\Software\systweak
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\5e6d88bbc6eee17
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110211391186}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{167393A7-540B-4E38-85C2-124836F6B011}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220222392286}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4C402865-4845-409D-BD6C-FC55DFAC509C}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{55555555-5555-5555-5555-550255395586}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660266396686}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211391186}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211391186}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211391186}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A1194237-547A-461d-BD44-B97B1574A7DA}
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Savings Vault
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpecialSavings
Chave Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255395586}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266396686}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C17A0751-580B-466B-8271-5C73EFDC1295}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Chave Encontrada : HKLM\SOFTWARE\Tarma Installer
Chave Encontrada : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Encontrada : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Encontrada : HKU\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Chave Encontrada : HKU\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Chave Encontrada : HKU\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Encontrada : HKU\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Chave Encontrada : HKU\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Chave Encontrada : HKU\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Encontrada : HKU\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Chave Encontrada : HKU\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Chave Encontrada : HKU\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Valor Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Yontoo Desktop]
Valor Encontrada : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis@SpeedAnalysis.com]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Valor Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Valor Encontrada : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis@SpeedAnalysis.com]
Valor Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Valor Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Encontrada : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [Navegadores] *****

-\\ Internet Explorer v10.0.9200.16635

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=05d8f4c4-9d5c-438b-bf92-e7be97b7d3ac&searchtype=ds&q={searchTerms}&installDate={installDate}
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=05d8f4c4-9d5c-438b-bf92-e7be97b7d3ac&searchtype=ds&q={searchTerms}&installDate={installDate}
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://search.babylon.com/?affID=117199&tt=4612_7&babsrc=HP_ss&mntrId=506b8b2f000000000000984be133e4e7
[HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=05d8f4c4-9d5c-438b-bf92-e7be97b7d3ac&searchtype=ds&q={searchTerms}&installDate={installDate}
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=05d8f4c4-9d5c-438b-bf92-e7be97b7d3ac&searchtype=ds&q={searchTerms}&installDate={installDate}
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
[HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=05d8f4c4-9d5c-438b-bf92-e7be97b7d3ac&searchtype=ds&q={searchTerms}&installDate={installDate}

-\\ Mozilla Firefox v12.0 (pt-BR)

Arquivo : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\plr85c92.default\prefs.js

Encontrada : user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/?affID=117199&tt=4612_7&babsrc=HP[...]
Encontrada : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
Encontrada : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Encontrada : user_pref("browser.bdtoolbar.orig_keyword_url", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jh[...]
Encontrada : user_pref("browser.search.defaultengine", "Ask.com");
Encontrada : user_pref("browser.search.defaultenginename", "Ask.com");
Encontrada : user_pref("browser.search.defaultthis.engineName", "Hotspot Shield Customized Web Search");
Encontrada : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&Sea[...]
Encontrada : user_pref("browser.search.order.1", "Search the web (Babylon)");
Encontrada : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Encontrada : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=117199&tt=4612_7&babsrc=HP_s[...]
Encontrada : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT1561552&Search[...]
Encontrada : user_pref("CommunityToolbar.ConduitSearchList", "Hotspot Shield Customized Web Search,Hotspot Shield[...]
Encontrada : user_pref("CommunityToolbar.globalUserId", "2cd5302f-0c29-416b-8925-abf58dd52b53");
Encontrada : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Encontrada : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Encontrada : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1561552");
Encontrada : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Ingrid\\AppData\\Roaming\\Mozilla\\[...]
Encontrada : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7");
Encontrada : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Jun 22 2013 01:55:4[...]
Encontrada : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Encontrada : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Encontrada : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Feb 07 2013 00:49:13 GMT+000[...]
Encontrada : user_pref("CommunityToolbar.notifications.locale", "");
Encontrada : user_pref("CommunityToolbar.notifications.loginIntervalMin", 0);
Encontrada : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Jun 22 2013 01:55:41 GMT+0000 (U[...]
Encontrada : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "");
Encontrada : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Encontrada : user_pref("CommunityToolbar.notifications.userId", "2c403a54-2153-46f9-b4df-c1f1e4c30d3a");
Encontrada : user_pref("CommunityToolbar.originalHomepage", "hxxp://search.babylon.com/?affID=117199&tt=4612_7&ba[...]
Encontrada : user_pref("CommunityToolbar.originalSearchEngine", "Search the web (Babylon)");
Encontrada : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Encontrada : user_pref("CommunityToolbar.ToolbarsList", "CT1561552");
Encontrada : user_pref("CommunityToolbar.ToolbarsList2", "CT1561552");
Encontrada : user_pref("CommunityToolbar.ToolbarsList4", "CT1561552");
Encontrada : user_pref("CT1561552.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Encontrada : user_pref("CT1561552.BrowserCompStateIsOpen_129465890694457068", true);
Encontrada : user_pref("CT1561552.BrowserCompStateIsOpen_129599733639330904", true);
Encontrada : user_pref("CT1561552.BrowserCompStateIsOpen_129599733775895750", true);
Encontrada : user_pref("CT1561552.BrowserCompStateIsOpen_129755532604957823", true);
Encontrada : user_pref("CT1561552.BrowserCompStateIsOpen_129956472781390698", true);
Encontrada : user_pref("CT1561552.components.1000034", true);
Encontrada : user_pref("CT1561552.components.1000234", true);
Encontrada : user_pref("CT1561552.CT1561552", "CT1561552");
Encontrada : user_pref("CT1561552.DialogsGetterLastCheckTime", "Fri Jun 21 2013 16:42:38 GMT+0000 (UTC)");
Encontrada : user_pref("CT1561552.DownloadReferralCookieData", "");
Encontrada : user_pref("CT1561552.DSChangedManually", false);
Encontrada : user_pref("CT1561552.DSInstall", true);
Encontrada : user_pref("CT1561552.DSProtectChoice", true);
Encontrada : user_pref("CT1561552.DSProtectCount", 2);
Encontrada : user_pref("CT1561552.EMailNotifierPollDate", "Sat Jun 22 2013 05:05:34 GMT+0000 (UTC)");
Encontrada : user_pref("CT1561552.FirstTime", true);
Encontrada : user_pref("CT1561552.FirstTimeFF3", true);
Encontrada : user_pref("CT1561552.FirstTimeHiddenVer", true);
Encontrada : user_pref("CT1561552.FixPageNotFoundErrors", true);
Encontrada : user_pref("CT1561552.globalFirstTimeInfoLastCheckTime", "Fri Jun 14 2013 22:53:09 GMT+0000 (UTC)");
Encontrada : user_pref("CT1561552.HasUserGlobalKeys", true);
Encontrada : user_pref("CT1561552.HomepageBeforeUnload", "hxxp://search.babylon.com/?affID=117199&tt=4612_7&babsr[...]
Encontrada : user_pref("CT1561552.HomePageProtectorEnabled", false);
Encontrada : user_pref("CT1561552.HPInstall", true);
Encontrada : user_pref("CT1561552.HPProtectChoice", true);
Encontrada : user_pref("CT1561552.HPProtectCount", 1);
Encontrada : user_pref("CT1561552.initDone", true);
Encontrada : user_pref("CT1561552.Initialize", true);
Encontrada : user_pref("CT1561552.InitializeCommonPrefs", true);
Encontrada : user_pref("CT1561552.InstallationAndCookieDataSentCount", 3);
Encontrada : user_pref("CT1561552.InstallationType", "Unknown");
Encontrada : user_pref("CT1561552.InstalledDate", "Thu Feb 07 2013 01:49:17 GMT+0100");
Encontrada : user_pref("CT1561552.InvalidateCache", false);
Encontrada : user_pref("CT1561552.IsAlertDBUpdated", true);
Encontrada : user_pref("CT1561552.isFirstRadioInstallation", false);
Encontrada : user_pref("CT1561552.IsGrouping", false);
Encontrada : user_pref("CT1561552.IsInitSetupIni", true);
Encontrada : user_pref("CT1561552.IsMulticommunity", false);
Encontrada : user_pref("CT1561552.IsOpenThankYouPage", true);
Encontrada : user_pref("CT1561552.IsOpenUninstallPage", true);
Encontrada : user_pref("CT1561552.IsProtectorsInit", true);
Encontrada : user_pref("CT1561552.MyStuffEnabledAtInstallation", true);
Encontrada : user_pref("CT1561552.navigateToUrlOnSearch", false);
Encontrada : user_pref("CT1561552.OriginalFirstVersion", "3.16.0.100");
Encontrada : user_pref("CT1561552.RadioIsPodcast", false);
Encontrada : user_pref("CT1561552.RadioLastCheckTime", "Sat Jun 22 2013 05:08:13 GMT+0000 (UTC)");
Encontrada : user_pref("CT1561552.RadioMediaID", "13448970");
Encontrada : user_pref("CT1561552.RadioMediaType", "Media Player");
Encontrada : user_pref("CT1561552.RadioMenuSelectedID", "EBRadioMenu_CT156155213448970");
Encontrada : user_pref("CT1561552.RadioShrinkedFromSetup", false);
Encontrada : user_pref("CT1561552.RadioStationName", "Danceradio");
Encontrada : user_pref("CT1561552.RadioStationURL", "hxxp://101danceradio.com/wmx/classicrockjukebox64k.wmx");
Encontrada : user_pref("CT1561552.SavedHomepage", "hxxp://search.babylon.com/?affID=117199&tt=4612_7&babsrc=HP_ss[...]
Encontrada : user_pref("CT1561552.SearchCaption", "Hotspot Shield Customized Web Search");
Encontrada : user_pref("CT1561552.SearchEngineBeforeUnload", "Hotspot Shield Customized Web Search");
Encontrada : user_pref("CT1561552.SearchFromAddressBarIsInit", true);
Encontrada : user_pref("CT1561552.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT156[...]
Encontrada : user_pref("CT1561552.SearchProtectorEnabled", true);
Encontrada : user_pref("CT1561552.SearchProtectorToolbarDisabled", false);
Encontrada : user_pref("CT1561552.SendProtectorDataViaLogin", true);
Encontrada : user_pref("CT1561552.ServiceMapLastCheckTime", "Fri Jun 21 2013 16:42:38 GMT+0000 (UTC)");
Encontrada : user_pref("CT1561552.SettingsLastCheckTime", "Sat Jun 22 2013 01:55:44 GMT+0000 (UTC)");
Encontrada : user_pref("CT1561552.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT1561552&SearchSource=13");
Encontrada : user_pref("CT1561552.testingCtid", "");
Encontrada : user_pref("CT1561552.ThirdPartyComponentsLastCheck", "Sat Jun 22 2013 01:55:17 GMT+0000 (UTC)");
Encontrada : user_pref("CT1561552.toolbarAppMetaDataLastCheckTime", "Fri Jun 21 2013 16:42:38 GMT+0000 (UTC)");
Encontrada : user_pref("CT1561552.toolbarContextMenuLastCheckTime", "Fri Jun 14 2013 22:53:09 GMT+0000 (UTC)");
Encontrada : user_pref("CT1561552.ToolbarShrinkedFromSetup", false);
Encontrada : user_pref("CT1561552.usagesFlag", 2);
Encontrada : user_pref("CT1561552.UserID", "UN21581054604134142");
Encontrada : user_pref("CT1561552.WeatherPollDate", "Sat Jun 22 2013 04:56:34 GMT+0000 (UTC)");
Encontrada : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
Encontrada : user_pref("extensions.BabylonToolbar.admin", false);
Encontrada : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Encontrada : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Encontrada : user_pref("extensions.BabylonToolbar.babExt", "");
Encontrada : user_pref("extensions.BabylonToolbar.babTrack", "affID=110819&tt=3012_4");
Encontrada : user_pref("extensions.BabylonToolbar.bbDpng", "6");
Encontrada : user_pref("extensions.BabylonToolbar.cntry", "BR");
Encontrada : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Encontrada : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Encontrada : user_pref("extensions.BabylonToolbar.excTlbr", false);
Encontrada : user_pref("extensions.BabylonToolbar.hdrMd5", "3433757357DDA1D0963FE2A4FF7436AD");
Encontrada : user_pref("extensions.BabylonToolbar.hmpg", true);
Encontrada : user_pref("extensions.BabylonToolbar.id", "506b8b2f000000000000984be133e4e7");
Encontrada : user_pref("extensions.BabylonToolbar.instlDay", "15661");
Encontrada : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Encontrada : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.8.3.819:31:46");
Encontrada : user_pref("extensions.BabylonToolbar.newTab", false);
Encontrada : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Encontrada : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Encontrada : user_pref("extensions.BabylonToolbar.sg", "azb");
Encontrada : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Encontrada : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Encontrada : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Encontrada : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Encontrada : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
Encontrada : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
Encontrada : user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.3.819:31:46");
Encontrada : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Encontrada : user_pref("extensions.BabylonToolbar_i.babExt", "");
Encontrada : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819&tt=3012_4");
Encontrada : user_pref("extensions.BabylonToolbar_i.hardId", "506b8b2f000000000000984be133e4e7");
Encontrada : user_pref("extensions.BabylonToolbar_i.id", "506b8b2f000000000000984be133e4e7");
Encontrada : user_pref("extensions.BabylonToolbar_i.instlDay", "15472");
Encontrada : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Encontrada : user_pref("extensions.BabylonToolbar_i.newTab", false);
Encontrada : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Encontrada : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Encontrada : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Encontrada : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Encontrada : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Encontrada : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Encontrada : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Encontrada : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.819:31:46");
Encontrada : user_pref("extensions.crossriderapp23986.23986.cookie.InstallationTime.expiration", "Fri Feb 01 2030[...]
Encontrada : user_pref("extensions.crossriderapp23986.23986.cookie.InstallationTime.value", "1368666628");
Encontrada : user_pref("extensions.crossriderapp23986.23986.InstallationTime", 1368666628);
Encontrada : user_pref("extensions.crossriderapp23986.adsOldValue", -1);
Encontrada : user_pref("extensions.crossriderapp23986.bic", "13cb22006f5c2808f514b13454de2786");
Encontrada : user_pref("extensions.crossriderapp23986.firstrun", false);
Encontrada : user_pref("extensions.crossriderapp23986.installationdate", 1368666628);
Encontrada : user_pref("extensions.crossriderapp23986.lastcheck", 22864436);
Encontrada : user_pref("extensions.crossriderapp23986.lastcheckitem", 22864628);
Encontrada : user_pref("extensions.crossriderapp23986.statsDailyCounter", 3);
Encontrada : user_pref("extensions.crossriderapp5060.5060.active", true);
Encontrada : user_pref("extensions.crossriderapp5060.5060.addressbar", "");
Encontrada : user_pref("extensions.crossriderapp5060.5060.addressbarenhanced", "");
Encontrada : user_pref("extensions.crossriderapp5060.5060.backgroundjs", "\n\n//\n");
Encontrada : user_pref("extensions.crossriderapp5060.5060.backgroundver", 43);
Encontrada : user_pref("extensions.crossriderapp5060.5060.can_run_bg_code", true);
Encontrada : user_pref("extensions.crossriderapp5060.5060.certdomaininstaller", "");
Encontrada : user_pref("extensions.crossriderapp5060.5060.changeprevious", false);
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.value", "1351295401");
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_arbitrary_code.expiration", "Fri Jul 05 201[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_arbitrary_code.value", "%22%28function%28%2[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.expiration", "Fri Jul 05 2013 10:[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.value", "%22nonexistantdomain.com[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.expiration", "Fri Jul 12 2013 [...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.value", "%22BR%22");
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.value", "1373032217");
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 0[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_currenttime.value", "%221372075046%22");
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.value", "%221%22");
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_delay.expiration", "Fri Feb 01 2030 00:0[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_delay.value", "24");
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_disclosure.expiration", "Fri Feb 01 2030[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_disclosure.value", "1371248699");
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_list.expiration", "Fri Jul 05 2013 16:50[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_list.value", "%7B%22f7610cf2b37067876b69[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_list_temp.expiration", "Fri Jul 05 2013 [...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_list_temp.value", "1373032245.796");
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.value", "%2245990%22");
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.value", "1371248691104");
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.value", "%221265%22");
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.value", "%2298616%22");
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.value", "1360198135968");
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.value", "1351295401");
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.cookie.InstallerParams.value", "%7B%22source_id%22%3A%2[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.description", "Savings Sidekick");
Encontrada : user_pref("extensions.crossriderapp5060.5060.domain", "");
Encontrada : user_pref("extensions.crossriderapp5060.5060.enablesearch", false);
Encontrada : user_pref("extensions.crossriderapp5060.5060.fbremoteurl", "");
Encontrada : user_pref("extensions.crossriderapp5060.5060.group", 0);
Encontrada : user_pref("extensions.crossriderapp5060.5060.homepage", "");
Encontrada : user_pref("extensions.crossriderapp5060.5060.iframe", false);
Encontrada : user_pref("extensions.crossriderapp5060.5060.InstallationThankYouPage", true);
Encontrada : user_pref("extensions.crossriderapp5060.5060.InstallationTime", 1351295401);
Encontrada : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.searchUserConifrmation", false[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setHomepage", false);
Encontrada : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setNewTab", false);
Encontrada : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setSearch", false);
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.InstallerIdentifiers.expiration", "Fri Feb 0[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.InstallerIdentifiers.value", "%7B%22installe[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.value", "90");
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.value", "0");
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.value", "%7B%7D");
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.expiration", "Fri Jul 05[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.value", "true");
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.value", "%7B%7D");
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.expiration", "Fri[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.value", "%7B%22re[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.SoftwareDetected.expiration", "Fri Feb 01 20[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.internaldb.SoftwareDetected.value", "%7B%22AnySoftware%[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.manifesturl", "");
Encontrada : user_pref("extensions.crossriderapp5060.5060.name", "Savings Sidekick");
Encontrada : user_pref("extensions.crossriderapp5060.5060.newtab", "");
Encontrada : user_pref("extensions.crossriderapp5060.5060.opensearch", "");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.name", "base");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.ver", 6);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.ver", 15);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.code", "var a=appAPI.db.getList([...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.name", "GPL Background (BG)");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.ver", 39);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.name", "CrossriderAppUtils");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.ver", 3);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.name", "CrossriderUtils");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.ver", 5);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.code", "if((typeof isBackground===\"u[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.name", "FFAppAPIWrapper");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.ver", 9);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.name", "jQuery");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.ver", 4);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.name", "debug");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.ver", 4);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.name", "resources");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.ver", 4);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.code", "var CrossriderInitializerPlug[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.name", "initializer");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.ver", 3);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.code", "var jQuery = $jquery_171 = $jq[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.name", "jquery_1_7_1");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.ver", 4);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.name", "resources_background");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.ver", 3);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPT[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_64.name", "appApiMessage");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_64.ver", 2);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_72.code", "if(appAPI.__should_activate_v[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_72.name", "appApiValidation");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_72.ver", 3);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_78.code", "if(typeof jQuery!==\"undefine[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_78.name", "CrossriderInfo");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_78.ver", 3);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_98.code", "(function(){var b=\"cr_\"+app[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_98.name", "omniCommands");
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_98.ver", 2);
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98,10000[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/app[...]
Encontrada : user_pref("extensions.crossriderapp5060.5060.pluginsversion", 66);
Encontrada : user_pref("extensions.crossriderapp5060.5060.publisher", "Innovative Apps");
Encontrada : user_pref("extensions.crossriderapp5060.5060.searchstatus", 0);
Encontrada : user_pref("extensions.crossriderapp5060.5060.setnewtab", false);
Encontrada : user_pref("extensions.crossriderapp5060.5060.settingsurl", "");
Encontrada : user_pref("extensions.crossriderapp5060.5060.thankyou", "");
Encontrada : user_pref("extensions.crossriderapp5060.5060.updateinterval", 360);
Encontrada : user_pref("extensions.crossriderapp5060.5060.ver", 90);
Encontrada : user_pref("extensions.crossriderapp5060.apps", "5060");
Encontrada : user_pref("extensions.crossriderapp5060.bic", "13cb22006f5c2808f514b13454de2786");
Encontrada : user_pref("extensions.crossriderapp5060.cid", 5060);
Encontrada : user_pref("extensions.crossriderapp5060.firstrun", false);
Encontrada : user_pref("extensions.crossriderapp5060.hadappinstalled", true);
Encontrada : user_pref("extensions.crossriderapp5060.installationdate", 1360198109);
Encontrada : user_pref("extensions.crossriderapp5060.lastcheck", 22884251);
Encontrada : user_pref("extensions.crossriderapp5060.lastcheckitem", 22884251);
Encontrada : user_pref("extensions.crossriderapp5060.modetype", "production");
Encontrada : user_pref("extensions.crossriderapp5060.reportInstall", true);
Encontrada : user_pref("extensions.crossriderapp5060.updating", true);
Encontrada : user_pref("extensions.enabledAddons", "{87F8774F-B485-47E2-A755-A40A8A5E8874}:2.12.0.15.120,{87F8774[...]
Encontrada : user_pref("extensions.funmoods.aflt", "pcmega1");
Encontrada : user_pref("extensions.funmoods.autoRvrt", false);
Encontrada : user_pref("extensions.funmoods.cntry", "BR");
Encontrada : user_pref("extensions.funmoods.cv", "cv5");
Encontrada : user_pref("extensions.funmoods.dfltLng", "");
Encontrada : user_pref("extensions.funmoods.dfltSrch", true);
Encontrada : user_pref("extensions.funmoods.dnsErr", true);
Encontrada : user_pref("extensions.funmoods.envrmnt", "production");
Encontrada : user_pref("extensions.funmoods.excTlbr", false);
Encontrada : user_pref("extensions.funmoods.fmupdtFirst", false);
Encontrada : user_pref("extensions.funmoods.hdrMd5", "2CBF9A52012311E42843C5C09F948D43");
Encontrada : user_pref("extensions.funmoods.hmpg", true);
Encontrada : user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=pcmega1&chnl=pcmega1&cd=2[...]
Encontrada : user_pref("extensions.funmoods.id", "984BE133E4E78B2F");
Encontrada : user_pref("extensions.funmoods.instlDay", "15661");
Encontrada : user_pref("extensions.funmoods.instlRef", "pcmega1");
Encontrada : user_pref("extensions.funmoods.isdcmntcmplt", true);
Encontrada : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2220:30:50");
Encontrada : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Encontrada : user_pref("extensions.funmoods.newTab", true);
Encontrada : user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=pcmega1&chnl=pcmega1&cd[...]
Encontrada : user_pref("extensions.funmoods.pnu_base", "{\"newVrsn\":\"197\",\"lastVrsn\":\"197\",\"vrsnLoad\":\"[...]
Encontrada : user_pref("extensions.funmoods.prdct", "funmoods");
Encontrada : user_pref("extensions.funmoods.prtnrId", "funmoods");
Encontrada : user_pref("extensions.funmoods.sg", "none");
Encontrada : user_pref("extensions.funmoods.smplGrp", "none");
Encontrada : user_pref("extensions.funmoods.srchPrvdr", "Search");
Encontrada : user_pref("extensions.funmoods.tlbrId", "base");
Encontrada : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=pcmega1&chnl=pcmega1&[...]
Encontrada : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Encontrada : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Encontrada : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2220:30:50");
Encontrada : user_pref("extensions.funmoods_i.newTab", true);
Encontrada : user_pref("extensions.funmoods_i.smplGrp", "none");
Encontrada : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2220:30:50");
Encontrada : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Encontrada : user_pref("extentions.y2layers.installId", "1D3A98B0-209A-99CE-C5A5-B5F7B05C6ABD");
Encontrada : user_pref("extentions.y2layers.installId_backup", "1D3A98B0-209A-99CE-C5A5-B5F7B05C6ABD");

Arquivo : C:\Users\Isabela\AppData\Roaming\Mozilla\Firefox\Profiles\uum4f2ht.default\prefs.js

Encontrada : user_pref("extensions.crossriderapp5060.adsOldValue", -1);

Arquivo : C:\Users\Ana Paula\AppData\Roaming\Mozilla\Firefox\Profiles\qgvlwpdh.default\prefs.js

Encontrada : user_pref("browser.startup.homepage", "hxxp://search.hotspotshield.com/g/?c=h");
Encontrada : user_pref("extensions.RadioPI_4e.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensear[...]
Encontrada : user_pref("extensions.RadioPI_4e.prevKwdURL", "hxxp://search.hotspotshield.com/g/results.php?c=s&q="[...]
Encontrada : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Y9xdm002YYus&ptb[...]
Encontrada : user_pref("extensions.crossriderapp5060.adsOldValue", -1);

Arquivo : C:\Users\Eliziara\AppData\Roaming\Mozilla\Firefox\Profiles\x2se28f5.default\prefs.js

Encontrada : user_pref("browser.babylon.HPOnNewTab,s", "search.babylon.com");
Encontrada : user_pref("browser.bdtoolbar.orig_keyword_url", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jh[...]
Encontrada : user_pref("browser.search.defaultengine", "Ask.com");
Encontrada : user_pref("browser.search.defaultenginename", "Ask.com");
Encontrada : user_pref("browser.search.defaultenginename,S", "Search the web (Babylon)");
Encontrada : user_pref("browser.search.order.1", "Ask.com");
Encontrada : user_pref("browser.search.order.1,S", "Search the web (Babylon)");
Encontrada : user_pref("browser.search.selectedEngine,S", "Search the web (Babylon)");
Encontrada : user_pref("browser.startup.homepage,h", "hxxp://search.babylon.com/home?AF=15821&tt=190212_new");
Encontrada : user_pref("extensions.RadioPI_4e.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensear[...]
Encontrada : user_pref("extensions.RadioPI_4e.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtm[...]
Encontrada : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.mywebsearch.com/mywebsearch/GGm[...]
Encontrada : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=MP3R7&o=15863&locale[...]
Encontrada : user_pref("keyword.URL,h", "hxxp://search.babylon.com/?babsrc=KW_def&AF=15821&tt=190212_new&q=");
Encontrada : user_pref("extensions.crossriderapp5060.adsOldValu
Responder | Em Árvore
Abra essa mensagem na visão em árvore
|  
Denunciar Conteúdo como Inapropriado

Re: janelas que abrem sozinhas!!

Guilherme
Administrador
As janelas ainda estão abrindo?
MODERADOR
Responder | Em Árvore
Abra essa mensagem na visão em árvore
|  
Denunciar Conteúdo como Inapropriado

Re: janelas que abrem sozinhas!!

guidymuller
sim, sempre!!
Responder | Em Árvore
Abra essa mensagem na visão em árvore
|  
Denunciar Conteúdo como Inapropriado

Re: janelas que abrem sozinhas!!

guidymuller
alguma solução?
Responder | Em Árvore
Abra essa mensagem na visão em árvore
|  
Denunciar Conteúdo como Inapropriado

Re: janelas que abrem sozinhas!!

Guilherme
Administrador
Opa...

Sim, sim, tem solução. Desculpe! A faculdade me apertou um pouco esses últimos dias.

Peço que poste um novo log normal do OTL.

Certamente o AdwCleaner não removeu o spyware que estava aí.

MODERADOR
Responder | Em Árvore
Abra essa mensagem na visão em árvore
|  
Denunciar Conteúdo como Inapropriado

Re: janelas que abrem sozinhas!!

guidymuller
Em resposta à esta mensagem postada por guidymuller
OTL logfile created on: 17/07/2013 11:33:28 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Ingrid\Downloads
64bit- Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
 
4,00 Gb Total Physical Memory | 2,37 Gb Available Physical Memory | 59,37% Memory free
8,00 Gb Paging File | 5,30 Gb Available in Paging File | 66,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918,01 Gb Total Space | 778,19 Gb Free Space | 84,77% Space Free | Partition Type: NTFS
Drive D: | 13,41 Gb Total Space | 1,65 Gb Free Space | 12,33% Space Free | Partition Type: NTFS
 
Computer Name: INGRID-HP | User Name: Ingrid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/07/17 11:32:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ingrid\Downloads\OTL (1).exe
PRC - [2013/06/03 06:57:49 | 003,085,264 | ---- | M] () -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
PRC - [2013/05/29 02:27:40 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\old_chrome.exe
PRC - [2013/05/10 04:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/16 22:17:26 | 000,042,784 | ---- | M] (Yontoo LLC) -- C:\Users\Ingrid\AppData\Roaming\Yontoo\YontooDesktop.exe
PRC - [2013/04/16 22:17:26 | 000,023,552 | ---- | M] (Microsoft) -- C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/20 14:50:49 | 000,640,024 | ---- | M] () -- C:\ProgramData\IBUpdaterService\ibsvc.exe
PRC - [2013/03/06 20:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/06 20:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/02/05 12:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2013/02/02 21:05:46 | 001,718,920 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012/07/04 17:50:07 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Java\jre7\bin\java.exe
PRC - [2012/06/15 23:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ccSvcHst.exe
PRC - [2012/04/13 19:25:26 | 000,474,097 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Freenet\freenet.exe
PRC - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
PRC - [2012/01/17 11:07:58 | 000,505,736 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/01/06 15:58:28 | 000,199,624 | ---- | M] ( ) -- C:\PROGRA~2\GbPlugin\GbpSv.exe
PRC - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/06/02 15:56:10 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
PRC - [2010/12/22 13:48:34 | 000,241,664 | ---- | M] (Tanuki Software, Ltd.) -- C:\Users\Ingrid\AppData\Local\Freenet\wrapper\freenetwrapper.exe
PRC - [2010/11/20 09:17:36 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe
PRC - [2010/09/28 08:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2008/11/20 10:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013/07/17 10:24:05 | 000,079,234 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Temp\jbigi397626448666524253lib.tmp
MOD - [2013/07/17 10:24:04 | 000,040,960 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Temp\jcpuid6498651852549047455lib.tmp
MOD - [2013/07/17 10:23:28 | 000,013,600 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll
MOD - [2013/07/10 12:27:26 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
MOD - [2013/07/10 12:27:20 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
MOD - [2013/07/10 12:27:02 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
MOD - [2013/07/10 12:26:59 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
MOD - [2013/07/10 12:26:57 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013/07/10 12:26:51 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/06/13 19:42:20 | 013,140,872 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll
MOD - [2013/06/03 06:57:49 | 003,085,264 | ---- | M] () -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
MOD - [2013/06/03 06:57:01 | 002,521,552 | ---- | M] () -- c:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2013/05/29 02:27:38 | 000,393,168 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
MOD - [2013/05/29 02:27:35 | 004,051,408 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll
MOD - [2013/05/29 02:26:40 | 000,599,504 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\libglesv2.dll
MOD - [2013/05/29 02:26:39 | 000,124,368 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\libegl.dll
MOD - [2013/05/29 02:26:36 | 001,597,392 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll
MOD - [2013/05/16 02:33:37 | 002,052,096 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013/05/16 02:33:36 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2012/10/05 07:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/04/13 19:25:26 | 000,474,097 | ---- | M] () -- C:\Users\Ingrid\AppData\Local\Freenet\freenet.exe
MOD - [2011/12/25 17:42:15 | 005,255,168 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2010/11/12 21:33:11 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/04 22:58:10 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2010/11/04 22:58:09 | 000,385,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2012/08/29 11:12:24 | 009,717,760 | ---- | M] () [Auto | Running] -- C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe -- (MySQL55)
SRV:[b]64bit:[/b] - [2010/09/08 01:51:14 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013/06/12 12:48:55 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/06/03 06:57:49 | 003,085,264 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2013/05/10 04:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/20 14:50:49 | 000,640,024 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2013/03/06 20:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/02/05 12:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/09/27 10:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2012/07/20 20:35:29 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/15 23:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ccSvcHst.exe -- (NAV)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe -- (BBSvc)
SRV - [2012/01/06 15:58:28 | 000,199,624 | ---- | M] ( ) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv)
SRV - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/03/28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/11/25 20:20:28 | 000,245,232 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe -- (CLKMSVC10_C6F09094)
SRV - [2010/09/28 08:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Arquivos de Programas\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/08/05 19:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Arquivos de Programas\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV - [2010/08/05 19:47:48 | 000,681,528 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Arquivos de Programas\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV - [2010/06/18 22:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/06/01 15:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 17:25:36 | 000,209,000 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010/03/04 17:25:34 | 000,496,232 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2013/03/06 20:33:20 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2013/01/18 10:32:02 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2012/07/05 23:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\srtspx64.sys -- (SRTSPX)
DRV:[b]64bit:[/b] - [2012/07/05 23:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2012/06/07 01:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\ccsetx64.sys -- (ccSet_NAV)
DRV:[b]64bit:[/b] - [2012/05/21 22:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\symefa64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2012/04/17 23:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2012/04/17 22:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/10/01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011/10/01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011/10/01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011/10/01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011/07/25 15:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\symds64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2011/05/24 20:40:10 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:[b]64bit:[/b] - [2011/04/22 18:26:24 | 000,289,952 | R--- | M] (360.cn) [File_System | System | Running] -- C:\Windows\SysNative\drivers\360FltOEM.sys -- (360FltOEM)
DRV:[b]64bit:[/b] - [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 10:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 08:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/09/08 02:26:02 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010/09/08 01:15:04 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2010/08/16 10:42:00 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2010/03/04 08:26:58 | 000,349,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:[b]64bit:[/b] - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 17:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/01/19 11:14:46 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20130215.034\ex64.sys -- (NAVEX15)
DRV - [2013/01/19 11:14:46 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/01/19 11:14:46 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20130215.034\eng64.sys -- (NAVENG)
DRV - [2013/01/17 12:47:21 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/01/16 15:42:56 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20130215.002\IDSviA64.sys -- (IDSVia64)
DRV - [2013/01/15 23:51:11 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20130208.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/01/06 15:57:08 | 000,047,304 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\gbpkm.sys -- (GbpKm)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzuzyzzyE0B0EtCtAtA0EyE0EyBzz0BtB0FtN0D0Tzu0CtAtDyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=808929193
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=pcmega1&chnl=pcmega1&cd=2XzuyEtN2Y1L1QzuzyzzyE0B0EtCtAtA0EyE0EyBzz0BtB0FtN0D0Tzu0CtAtBtBtN1L2XzutBtFtBtFtDtFtAyEyE&cr=2105302264
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://br.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://pt.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {92001F8A-C36B-473A-91E7-5BE0C81CF2B3}
IE - HKLM\..\SearchScopes\{031949b3-28b6-43a4-90e2-dde1cfe21390}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Y9xdm002YYus&ptb=EDED07C5-6B2B-487D-9455-A3FE570DC1E9&ind=2011071620&ptnrS=Y9xdm002YYus&si=&n=77de8484&psa=&st=sb&searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE - HKLM\..\SearchScopes\{703CD368-E2F3-AED3-4024-3F9C9FA66B32}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552
IE - HKLM\..\SearchScopes\{92001F8A-C36B-473A-91E7-5BE0C81CF2B3}: "URL" = http://clikseguro.com/Search.aspx?cx=017847565674971774939%3Aktp_l5v6i2u&ie=ISO-8859-1&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzuzyzzyE0B0EtCtAtA0EyE0EyBzz0BtB0FtN0D0Tzu0CtAtDyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=808929193
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://br.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://pt.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=117199&tt=4612_7&babsrc=HP_ss&mntrId=506b8b2f000000000000984be133e4e7
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=05d8f4c4-9d5c-438b-bf92-e7be97b7d3ac&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=05d8f4c4-9d5c-438b-bf92-e7be97b7d3ac&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://clikseguro.com/
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=05d8f4c4-9d5c-438b-bf92-e7be97b7d3ac&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=05d8f4c4-9d5c-438b-bf92-e7be97b7d3ac&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes,DefaultScope = {92001F8A-C36B-473A-91E7-5BE0C81CF2B3}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=05d8f4c4-9d5c-438b-bf92-e7be97b7d3ac&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{031949b3-28b6-43a4-90e2-dde1cfe21390}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Y9xdm002YYus&ptb=EDED07C5-6B2B-487D-9455-A3FE570DC1E9&ind=2011071419&ptnrS=Y9xdm002YYus&si=&n=77de83bb&psa=&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=117199&tt=4612_7&babsrc=SP_ss&mntrId=506b8b2f000000000000984be133e4e7
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q={searchTerms}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{703CD368-E2F3-AED3-4024-3F9C9FA66B32}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=117112&tt=4312_2&babsrc=SP_ss&mntrId=506b8b2f000000000000984be133e4e7
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{8BA62835-CD2E-41AC-B506-A6A4E227A169}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=MP3R7&o=15863&src=kw&q={searchTerms}&locale=pt_BR&apn_ptnrs=RV&apn_dtid=YYYYYYYYBR&apn_uid=e47e9cb6-2ea7-4ff3-ad45-6012019a9577&apn_sauid=AACA4433-CE80-4393-8FAD-92CA8DEEDA3B
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{92001F8A-C36B-473A-91E7-5BE0C81CF2B3}: "URL" = http://clikseguro.com/Search.aspx?cx=017847565674971774939%3Aktp_l5v6i2u&ie=ISO-8859-1&q={searchTerms}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://br.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://pt.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Hotspot Shield Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=117199&tt=4612_7&babsrc=HP_ss&mntrId=506b8b2f000000000000984be133e4e7"
FF - prefs.js..extensions.enabledAddons: {87F8774F-B485-47E2-A755-A40A8A5E8874}:2.12.0.15.120
FF - prefs.js..extensions.enabledAddons: {87F8774F-B485-47E2-A755-A40A8A5E886C}:2.12.0.14.120
FF - prefs.js..extensions.enabledAddons: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
FF - prefs.js..extensions.enabledAddons: ffxtlbr@funmoods.com:1.5.1
FF - prefs.js..extensions.enabledAddons: crossriderapp5060@crossrider.com:0.86.38
FF - prefs.js..extensions.enabledAddons: 4zffxtbr@VideoDownloadConverter_4z.com:2.50.0.65474
FF - prefs.js..extensions.enabledAddons: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.4.6.3
FF - prefs.js..extensions.enabledAddons: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.1.1.5 - 3
FF - prefs.js..extensions.enabledAddons: plugin@yontoo.com:1.20.02
FF - prefs.js..extensions.enabledAddons: SpecialSavings@SpecialSavings.com:2.0.0.1
FF - prefs.js..extensions.enabledAddons: speedanalysis@SpeedAnalysis.com:1.0.0.1
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:8.0.1483
FF - prefs.js..extensions.enabledAddons: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.6.10
FF - prefs.js..extensions.enabledAddons: {c95a4e8e-816d-4655-8c79-d736da1adb6d}:3.18.0.7
FF - prefs.js..extensions.enabledAddons: extension23986@extension23986.com:0.91.57
FF - prefs.js..extensions.enabledAddons: YTKaraoke@DacSoft.org:1.112
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=2&CUI=SB_CUI&q="
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.type: 1
 
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files (x86)\VideoDownloadConverter_4z\bar\2.bin\NP4zStub.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Ingrid\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Ingrid\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Ingrid\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Ingrid\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Ingrid\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Ingrid\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/19 17:22:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files (x86)\VideoDownloadConverter_4z\bar\2.bin [2013/01/16 21:19:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\IPSFFPlgn\ [2013/01/18 10:10:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\buscape@buscape.com.br: C:\Program Files (x86)\Buscapé\Buscapé na Hora\Firefox [2013/01/24 20:57:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\speedanalysis@SpeedAnalysis.com: C:\Users\Ingrid\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com [2013/03/20 14:52:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/20 20:35:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/18 02:03:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\buscape@buscape.com.br: C:\Program Files (x86)\Buscapé\Buscapé na Hora\Firefox [2013/01/24 20:57:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\speedanalysis@SpeedAnalysis.com: C:\Users\Ingrid\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com [2013/03/20 14:52:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\YTKaraoke@DacSoft.org: C:\Program Files (x86)\YTKaraoke\FF\ [2013/05/23 22:27:19 | 000,000,000 | ---D | M]
 
[2013/03/20 14:52:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Extensions
[2013/03/20 14:52:12 | 000,000,000 | ---D | M] (SpeedAnalysis.com) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Extensions\speedanalysis@SpeedAnalysis.com
[2013/01/28 19:10:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\bProtector_extensions
[2013/07/14 20:59:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions
[2012/08/01 04:05:16 | 000,000,000 | ---D | M] (Modulo de Seguranca - Banco do Brasil) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}
[2012/07/26 01:21:24 | 000,000,000 | ---D | M] (Modulo de Protecao) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8874}
[2013/06/14 19:24:23 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
[2013/06/14 19:24:26 | 000,000,000 | ---D | M] (Hotspot Shield Community Toolbar) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
[2012/11/17 19:31:35 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2013/01/15 20:00:42 | 000,000,000 | ---D | M] (VideoDownloadConverter) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
[2012/12/04 18:15:54 | 000,000,000 | ---D | M] ("Savings Sidekick") -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com
[2011/07/14 18:38:11 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\engine@conduit.com
[2013/06/14 19:24:22 | 000,000,000 | ---D | M] ("Savings Vault") -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com
[2012/11/17 19:33:36 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\ffxtlbr@funmoods.com
[2013/04/27 22:37:44 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\plugin@yontoo.com
[2013/03/20 14:52:15 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\SpecialSavings@SpecialSavings.com
[2013/07/14 20:59:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\staged
[2013/06/21 13:54:12 | 000,000,000 | ---D | M] (MP3 Rocket Toolbar) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\toolbar@ask.com
[2013/06/14 19:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\chrome
[2013/06/14 19:24:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\defaults
[2013/06/14 19:24:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\locale
[2013/06/14 19:24:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\skin
[2012/12/04 18:15:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com\chrome\content\extensionCode
[2013/06/14 19:24:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\chrome\content\extensionCode
[2013/01/28 19:10:41 | 000,000,000 | ---- | M] () (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\bProtector_extensions\mozupd@facebook.com.xpi
[2013/01/15 20:36:28 | 000,844,878 | ---- | M] () (No name found) -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.xpi
[2012/06/06 21:31:06 | 000,002,333 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\askcom.xml
[2013/05/02 10:46:09 | 000,002,352 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\babylon.xml
[2012/11/17 17:06:11 | 000,002,536 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\browsemngr.xml
[2013/06/14 19:24:41 | 000,002,235 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\clikseguro.xml
[2013/01/15 20:33:04 | 000,000,931 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\conduit.xml
[2012/11/17 19:33:48 | 000,002,349 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\Funmoods.xml
[2011/07/14 20:02:42 | 000,009,946 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\RadioPI_4e.xml
[2011/06/24 14:31:37 | 000,003,915 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\SweetIM Search.xml
[2011/06/24 14:31:48 | 000,003,910 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\sweetim.xml
[2013/04/21 23:24:59 | 000,021,707 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\Web Search.xml
[2012/08/01 03:09:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011/12/19 23:11:59 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/23 22:27:19 | 000,000,000 | ---D | M] ("Tube Karaoke") -- C:\PROGRAM FILES (X86)\YTKARAOKE\FF
[2013/03/19 17:22:27 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013/01/18 10:10:33 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\IPSFFPLGN
[2012/07/20 20:35:30 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/17 18:31:19 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/07/20 20:35:27 | 000,001,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\buscape.xml
[2011/06/04 07:29:52 | 000,002,047 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2012/07/20 20:35:27 | 000,001,212 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolivre.xml
[2012/07/20 20:35:27 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/07/20 20:35:27 | 000,001,168 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-br.xml
[2012/07/20 20:35:27 | 000,000,952 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-br.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com.br/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Ingrid\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Ingrid\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Ingrid\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Ingrid\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Ingrid\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Ingrid\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Savings Vault = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\crossrider
CHR - Extension: Savings Vault = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\
CHR - Extension: YouTube = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Notifica\u00E7\u00F5es do Google+ = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi\1.1.0.618_0\
CHR - Extension: Jovem Pan = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpnfmildohfgfpmmbpjdcglefamoddfh\1.4.0_0\
CHR - Extension: Estad\u00E3o = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgellgdbeldoenodfccpcnklegfclikd\1.6.0_0\
CHR - Extension: Pesquisa do Google = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google + = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.2.0.418_0\
CHR - Extension: Planetarium = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp\1.1.2_0\
CHR - Extension: Climatempo = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdpadclmjnppejbenfgklgaganbefgad\1.4.1_0\
CHR - Extension: CMARK = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\hggeanecfmggdhcimblohekdaeiaeodn\2.3_0\
CHR - Extension: Google Play Music = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.1_0\
CHR - Extension: Google Tradutor para Google+ = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfppgkomfopklagggkjiaddgndkgopgl\1.1.7_0\
CHR - Extension: Bot\u00E3o do Google +1 = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp\1.2.0.329_0\
CHR - Extension: No Timao = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\kibhpbnfcphblbljcejafaiaknegakng\1.1_0\
CHR - Extension: Tube Karaoke = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgnhgbflngpggpmpfdkhmhmfdophhepe\1.112_0\
CHR - Extension: Google Maps = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Gmail = C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012/02/02 20:06:23 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:[b]64bit:[/b] - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (Buscape na Hora Plugin) - {051FB9EC-79EA-4F8E-9EC2-F1FF4462FB09} - C:\Program Files (x86)\Buscapé\Buscapé na Hora\IE\BphBHO.dll (Buscapé Company)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Savings Vault) - {11111111-1111-1111-1111-110211391186} - C:\Program Files (x86)\Savings Vault\Savings Vault.dll (215 Apps)
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (SpeedAnalysis.com) - {45564571-A21B-48ED-B584-69752EEE9C3D} - C:\Program Files (x86)\SpeedAnalysis.com\ScriptHost.dll (SpeedAnalysis.com)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (SpecialSavings) - {938958E8-355C-49FF-92B0-53C1B87ACEA9} - C:\Program Files (x86)\SpecialSavings\ScriptHost.dll (SpecialSavings.com)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~2\GBPLUGIN\gbiehabn.dll (Banco Real)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (Tube Karaoke) - {F351B686-F6AF-45F1-9EB9-684C805B25B1} - C:\Program Files (x86)\YTKaraoke\ytkaraoke.dll (Dacotta SoftEngineering)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\2.bin\4zbar.dll File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\Toolbar\ShellBrowser: (no name) - {61628E2A-4FF9-4454-992D-D92A8CD27399} - No CLSID value found.
O3 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4:[b]64bit:[/b] - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AnySend Updater] C:\Program Files (x86)\AnySend\AnySendUpdater.exe File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Deskmedia] C:\Positivo\Deskmedia\Downloader.exe File not found
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000..\Run: [Facebook Update] C:\Users\Ingrid\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000..\Run: [Yontoo Desktop] C:\Users\Ingrid\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Ingrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start Freenet.lnk = C:\Users\Ingrid\AppData\Local\Freenet\freenet.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:[b]64bit:[/b] - Extra context menu item: Baixar com Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O8 - Extra context menu item: Baixar com Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: bancobrasil.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: bancobrasil.com.br ([www14] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: bancobrasil.com.br ([www2] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: bb.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: realsecureweb.com.br ([wwws] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: santander.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: santandernet.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: santandernet.com.br ([wwws] * in Trusted sites)
O15 - HKU\S-1-5-21-271221751-1856760113-3418612761-1000\..Trusted Domains: secureweb.com.br ([www] * in Trusted sites)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} https://wwws.santandernet.com.br/mps/plugin/Cab/GbPluginABN.cab (GbPluginObj Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.162.194.244 200.162.196.29 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2FA83C5-F2BD-478E-9CB4-86BDCFA55902}: DhcpNameServer = 200.162.194.244 200.162.196.29 200.204.0.10 200.204.0.138
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginAbn: DllName - (C:\PROGRA~2\GbPlugin\gbiehAbn.dll) - C:\PROGRA~2\GbPlugin\gbiehAbn.dll (Banco Real)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\Program Files (x86)\GbPlugin\gbiehCef.dll) - C:\Program Files (x86)\GbPlugin\gbiehCef.dll (Caixa Economica Federal)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\PROGRA~2\GBPLUGIN\gbiehabn.dll (Banco Real)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/07/10 22:26:07 | 000,000,000 | ---D | C] -- C:\Users\Ingrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spark Browser
[2013/07/10 22:20:19 | 000,000,000 | ---D | C] -- C:\toolbarImages
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\Ingrid\Documents\*.tmp files -> C:\Users\Ingrid\Documents\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013/07/17 11:37:00 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013/07/17 10:50:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-271221751-1856760113-3418612761-1000UA.job
[2013/07/17 10:48:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/17 10:29:00 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-271221751-1856760113-3418612761-1000UA.job
[2013/07/17 10:27:37 | 000,013,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/17 10:27:37 | 000,013,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/17 10:19:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/17 10:19:30 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/17 00:50:01 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-271221751-1856760113-3418612761-1000Core.job
[2013/07/16 19:29:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-271221751-1856760113-3418612761-1000Core.job
[2013/07/16 00:37:41 | 000,000,005 | ---- | M] () -- C:\Users\Ingrid\AppData\Roaming\WBPU-TTL.DAT
[2013/07/14 21:51:32 | 000,000,047 | ---- | M] () -- C:\Archive.ini
[2013/07/14 19:59:39 | 000,001,128 | ---- | M] () -- C:\Users\Ingrid\Desktop\Spark Browser.lnk
[2013/07/14 19:59:38 | 000,002,054 | ---- | M] () -- C:\Users\Ingrid\Desktop\facebook.lnk
[2013/07/13 08:20:40 | 000,000,060 | ---- | M] () -- C:\Users\Ingrid\Desktop\CONTAPRIME.url
[2013/07/13 07:52:50 | 000,002,374 | ---- | M] () -- C:\Users\Ingrid\Desktop\Google Chrome.lnk
[2013/07/12 01:13:03 | 000,039,981 | ---- | M] () -- C:\Users\Ingrid\Documents\mãe...pdf
[2013/07/10 12:20:03 | 000,284,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/06/29 01:10:38 | 001,342,766 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2013/06/29 01:10:38 | 001,289,586 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/06/29 01:10:38 | 000,770,776 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2013/06/29 01:10:38 | 000,747,590 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/06/29 01:10:38 | 000,005,646 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/06/23 14:27:05 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForIngrid.job
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\Ingrid\Documents\*.tmp files -> C:\Users\Ingrid\Documents\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/07/13 08:20:40 | 000,000,060 | ---- | C] () -- C:\Users\Ingrid\Desktop\CONTAPRIME.url
[2013/07/12 01:13:03 | 000,039,981 | ---- | C] () -- C:\Users\Ingrid\Documents\mãe...pdf
[2013/07/10 22:26:07 | 000,002,054 | ---- | C] () -- C:\Users\Ingrid\Desktop\facebook.lnk
[2013/06/16 10:37:22 | 000,000,005 | ---- | C] () -- C:\Users\Ingrid\AppData\Roaming\WBPU-TTL.DAT
[2013/05/22 12:47:29 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2013/04/14 19:23:33 | 000,000,238 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013/04/13 20:00:14 | 000,004,016 | ---- | C] () -- C:\Windows\SysWow64\PsClikSeguro.ini
[2013/04/13 20:00:14 | 000,002,112 | ---- | C] () -- C:\Windows\SysWow64\PsClikSeguroOff.ini
[2012/07/29 20:00:53 | 000,380,928 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012/03/11 12:59:26 | 000,000,176 | ---- | C] () -- C:\Windows\REC-NET.INI
[2012/01/11 20:02:35 | 000,000,660 | RHS- | C] () -- C:\Users\Ingrid\ntuser.pol
[2011/07/21 02:31:33 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/05/21 20:14:29 | 000,000,238 | -HS- | C] () -- C:\Users\Ingrid\procede.ini
[2011/05/18 15:35:48 | 000,000,224 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2011/05/12 01:06:15 | 000,057,896 | ---- | C] () -- C:\Users\Ingrid\OgAAAGRCY_iLTO3itZ65ROOt2t2fj6POF8hJFIlfU9hJv8jx-C5nvlcp-bVpY5SLsopzznysft5cGJ04-ZZ02G_9xwgAm1T1UNp4I9kKk_RdVZTYPOO6ZAZaPdV-.jpg
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 02:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 01:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 09:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013/06/08 21:08:25 | 000,000,000 | ---D | M] -- C:\Users\aaaa\AppData\Roaming\Oracle
[2013/03/02 19:41:58 | 000,000,000 | ---D | M] -- C:\Users\aaaa\AppData\Roaming\PSafe
[2011/05/28 23:01:58 | 000,000,000 | ---D | M] -- C:\Users\Ana Paula\AppData\Roaming\Babylon
[2011/06/14 22:18:46 | 000,000,000 | ---D | M] -- C:\Users\Ana Paula\AppData\Roaming\SoftGrid Client
[2011/05/15 11:46:12 | 000,000,000 | ---D | M] -- C:\Users\Ana Paula\AppData\Roaming\WildTangent
[2013/02/25 01:53:05 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\BabSolution
[2012/03/31 20:51:49 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\Babylon
[2013/04/29 16:02:32 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\DSite
[2012/05/12 19:53:16 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\GetRightToGo
[2013/01/25 11:44:11 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\PSafe
[2012/10/17 14:52:35 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\raidcall
[2013/06/18 01:24:49 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\SoftGrid Client
[2013/03/15 14:51:07 | 000,000,000 | ---D | M] -- C:\Users\Convidado\AppData\Roaming\WildTangent
[2012/03/21 00:00:38 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\Babylon
[2012/07/31 14:29:16 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\dll-files.com
[2011/06/09 12:01:53 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\MP3Rocket
[2012/10/27 12:37:18 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\PerformerSoft
[2012/11/01 18:54:44 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\Positivo
[2013/01/30 11:20:39 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\PSafe
[2012/10/20 16:03:25 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\raidcall
[2012/07/06 14:19:06 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\SoftGrid Client
[2011/08/11 20:13:25 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\Systweak
[2012/01/05 22:44:21 | 000,000,000 | ---D | M] -- C:\Users\Eliziara\AppData\Roaming\Unity
[2012/07/29 19:29:50 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\AnySend
[2013/03/11 19:32:44 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Audacity
[2012/10/26 20:50:25 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Babylon
[2012/07/25 10:14:59 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/06/14 20:31:35 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\DealPly
[2013/04/27 22:37:05 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\DSite
[2012/10/28 20:03:36 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\eType
[2013/03/20 14:51:56 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\File Scout
[2013/05/21 18:28:57 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Funmoods
[2013/07/13 08:20:56 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\GetRightToGo
[2011/05/18 14:36:02 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Kazaa Lite
[2013/01/20 17:00:08 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\LegacyGames
[2013/05/01 21:17:41 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Mipony
[2013/07/16 13:02:00 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\MP3Rocket
[2013/04/14 19:40:40 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\MySQL
[2013/03/20 18:08:46 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\PerformerSoft
[2012/06/24 22:29:49 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Phantasmat_bf_se1
[2012/11/01 18:54:44 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Positivo
[2013/03/12 17:41:15 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\PSafe
[2012/09/03 22:39:26 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\raidcall
[2013/07/09 02:33:20 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\SoftGrid Client
[2013/03/20 14:52:15 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\SpecialSavings
[2013/03/20 14:52:11 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\SpeedanAlysis
[2011/09/29 09:44:07 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Systweak
[2012/03/19 00:30:17 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\TestApp
[2011/05/13 19:46:33 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\TP
[2011/05/11 22:47:40 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\WildTangent
[2011/09/22 21:06:44 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\WinBatch
[2013/07/17 10:23:29 | 000,000,000 | ---D | M] -- C:\Users\Ingrid\AppData\Roaming\Yontoo
[2011/05/28 20:42:56 | 000,000,000 | ---D | M] -- C:\Users\Isabela\AppData\Roaming\Babylon
[2011/06/13 17:39:58 | 000,000,000 | ---D | M] -- C:\Users\Isabela\AppData\Roaming\MP3Rocket
[2011/06/10 00:48:35 | 000,000,000 | ---D | M] -- C:\Users\Isabela\AppData\Roaming\SoftGrid Client
[2011/05/21 00:43:35 | 000,000,000 | ---D | M] -- C:\Users\Isabela\AppData\Roaming\WildTangent
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 412 bytes -> C:\Windows\SysWow64\drivers:GbpKmAp.lst
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:0BBF232A
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >
 
Responder | Em Árvore
Abra essa mensagem na visão em árvore
|  
Denunciar Conteúdo como Inapropriado

Re: janelas que abrem sozinhas!!

Guilherme
Administrador
Antes de continuarmos, peço que exclua o OTL e baixe-o novamente. Mas dessa vez salve-o no desktop e não na pasta Downloads, pois ele pode gerar erros estando nessa pasta.

1 - Baixe o Avenger e salve no desktop.
2 - Descompacte-o e execute o programa como administradora. Clique em OK na mensagem.
3 - Copie todo o texto dessa página aqui e cole na área em branco que diz "Input script here".
4 - Clique no botão Execute e aguarde o programa reiniciar o PC.
5 - Após reiniciar, ele vai gerar um relatório do resultado. Apenas salve-o no desktop, por enquanto.

Depois disso...

1 - Abra o OTL como administradora (que deverá estar no desktop!).
2 - Na área inferior azul do programa chamado "Exames Personalizados/Correções", cole todo o texto dessa página aqui.
3 - Clique no botão Consertar e aguarde o PC reiniciar.
4 - Ele vai gerar o relatório final.

Em sua próxima resposta, cole os logs finais do Avenger e do OTL aqui.
MODERADOR
Responder | Em Árvore
Abra essa mensagem na visão em árvore
|  
Denunciar Conteúdo como Inapropriado

Re: janelas que abrem sozinhas!!

guidymuller
não acho o relatório do Avenger
Responder | Em Árvore
Abra essa mensagem na visão em árvore
|  
Denunciar Conteúdo como Inapropriado

Re: janelas que abrem sozinhas!!

Guilherme
Administrador
Veja dentro da pasta dele em C:\Avenger.
MODERADOR
Responder | Em Árvore
Abra essa mensagem na visão em árvore
|  
Denunciar Conteúdo como Inapropriado

Re: janelas que abrem sozinhas!!

guidymuller
não achei o Avenger :/

OTL

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{031949b3-28b6-43a4-90e2-dde1cfe21390}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031949b3-28b6-43a4-90e2-dde1cfe21390}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{703CD368-E2F3-AED3-4024-3F9C9FA66B32}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{703CD368-E2F3-AED3-4024-3F9C9FA66B32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{92001F8A-C36B-473A-91E7-5BE0C81CF2B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92001F8A-C36B-473A-91E7-5BE0C81CF2B3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E : value set successfully!
HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-271221751-1856760113-3418612761-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll moved successfully.
HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{031949b3-28b6-43a4-90e2-dde1cfe21390}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{031949b3-28b6-43a4-90e2-dde1cfe21390}\ not found.
Registry key HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found.
Registry key HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry key HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}\ not found.
Registry key HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{703CD368-E2F3-AED3-4024-3F9C9FA66B32}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{703CD368-E2F3-AED3-4024-3F9C9FA66B32}\ not found.
Registry key HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8BA62835-CD2E-41AC-B506-A6A4E227A169}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8BA62835-CD2E-41AC-B506-A6A4E227A169}\ not found.
Registry key HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{92001F8A-C36B-473A-91E7-5BE0C81CF2B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92001F8A-C36B-473A-91E7-5BE0C81CF2B3}\ not found.
Registry key HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ not found.
Registry key HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ not found.
Registry key HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
Registry key HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Hotspot Shield Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "Search the web (Babylon)" removed from browser.search.selectedEngine
Prefs.js: false removed from browser.search.suggest.enabled
Prefs.js: "http://search.babylon.com/?affID=117199&tt=4612_7&babsrc=HP_ss&mntrId=506b8b2f000000000000984be133e4e7" removed from browser.startup.homepage
Prefs.js: {87F8774F-B485-47E2-A755-A40A8A5E8874}:2.12.0.15.120 removed from extensions.enabledAddons
Prefs.js: {87F8774F-B485-47E2-A755-A40A8A5E886C}:2.12.0.14.120 removed from extensions.enabledAddons
Prefs.js: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0 removed from extensions.enabledAddons
Prefs.js: ffxtlbr@funmoods.com:1.5.1 removed from extensions.enabledAddons
Prefs.js: crossriderapp5060@crossrider.com:0.86.38 removed from extensions.enabledAddons
Prefs.js: 4zffxtbr@VideoDownloadConverter_4z.com:2.50.0.65474 removed from extensions.enabledAddons
Prefs.js: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.4.6.3 removed from extensions.enabledAddons
Prefs.js: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.1.1.5 - 3 removed from extensions.enabledAddons
Prefs.js: plugin@yontoo.com:1.20.02 removed from extensions.enabledAddons
Prefs.js: SpecialSavings@SpecialSavings.com:2.0.0.1 removed from extensions.enabledAddons
Prefs.js: speedanalysis@SpeedAnalysis.com:1.0.0.1 removed from extensions.enabledAddons
Prefs.js: wrc@avast.com:8.0.1483 removed from extensions.enabledAddons
Prefs.js: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.6.10 removed from extensions.enabledAddons
Prefs.js: {c95a4e8e-816d-4655-8c79-d736da1adb6d}:3.18.0.7 removed from extensions.enabledAddons
Prefs.js: extension23986@extension23986.com:0.91.57 removed from extensions.enabledAddons
Prefs.js: YTKaraoke@DacSoft.org:1.112 removed from extensions.enabledAddons
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=2&CUI=SB_CUI&q=" removed from keyword.URL
Prefs.js: "127.0.0.1" removed from network.proxy.no_proxies_on
Prefs.js: "127.0.0.1" removed from network.proxy.socks
Prefs.js: 9050 removed from network.proxy.socks_port
Prefs.js: true removed from network.proxy.socks_remote_dns
Prefs.js: 1 removed from network.proxy.type
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com deleted successfully.
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\2.bin\ThirdPartyInstallers folder moved successfully.
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\2.bin\chrome folder moved successfully.
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\2.bin folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\skin folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content\mz folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome\content folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Extensions\speedanalysis@SpeedAnalysis.com\chrome folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Extensions\speedanalysis@SpeedAnalysis.com folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\bProtector_extensions folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\plugins folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\modules folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\chrome\skin folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\chrome\locale\en-US folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\chrome\locale folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\chrome\content folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\chrome folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\searchplugin folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\Plugins folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\modules folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\META-INF folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\defaults folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\components folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\chrome folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d} folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\defaults\preferences folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\defaults folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\chrome\content\images folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\chrome\content folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\chrome folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com\META-INF folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com\chrome folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com\skin folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com\locale\en-US folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com\locale folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com\defaults\preferences folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com\defaults folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com\chrome\content\lib folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com\chrome\content\extensionCode folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com\chrome\content folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com\chrome folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\skin folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\locale\en-US folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\locale folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\defaults\preferences folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\defaults folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\chrome\content\extensionCode folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\chrome\content\core folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\chrome\content\api folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\chrome\content folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\chrome folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\ffxtlbr@funmoods.com\META-INF folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\ffxtlbr@funmoods.com\content\imgs folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\ffxtlbr@funmoods.com\content\images folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\ffxtlbr@funmoods.com\content folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\ffxtlbr@funmoods.com folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\plugin@yontoo.com\skin folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\plugin@yontoo.com\META-INF folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\plugin@yontoo.com\locale\en-US folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\plugin@yontoo.com\locale folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\plugin@yontoo.com\defaults\preferences folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\plugin@yontoo.com\defaults folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\plugin@yontoo.com\content folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\plugin@yontoo.com folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\SpecialSavings@SpecialSavings.com\chrome\skin folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\SpecialSavings@SpecialSavings.com\chrome\content\mz folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\SpecialSavings@SpecialSavings.com\chrome\content folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\SpecialSavings@SpecialSavings.com\chrome folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\SpecialSavings@SpecialSavings.com folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\staged\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\searchplugin folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\staged\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\Plugins folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\staged\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\modules folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\staged\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\META-INF folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\staged\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\defaults folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\staged\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\components folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\staged\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\chrome folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\staged\{c95a4e8e-816d-4655-8c79-d736da1adb6d} folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\staged folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\toolbar@ask.com folder moved successfully.
Folder C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\chrome\ not found.
Folder C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\defaults\ not found.
Folder C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\locale\ not found.
Folder C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\skin\ not found.
Folder C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\crossriderapp5060@crossrider.com\chrome\content\extensionCode\ not found.
Folder C:\Users\Ingrid\AppData\Roaming\mozilla\Firefox\Profiles\plr85c92.default\extensions\extension23986@extension23986.com\chrome\content\extensionCode\ not found.
File C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\bProtector_extensions\mozupd@facebook.com.xpi not found.
C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.xpi moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\askcom.xml moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\babylon.xml moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\browsemngr.xml moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\clikseguro.xml moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\conduit.xml moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\Funmoods.xml moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\RadioPI_4e.xml moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\SweetIM Search.xml moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\sweetim.xml moved successfully.
C:\Users\Ingrid\AppData\Roaming\mozilla\firefox\profiles\plr85c92.default\searchplugins\Web Search.xml moved successfully.
C:\Users\Ingrid\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll moved successfully.
File C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\crossrider not found.
C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\js\lib\popupResource folder moved successfully.
C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\js\lib folder moved successfully.
C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\js\app folder moved successfully.
C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\js\api folder moved successfully.
C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\js folder moved successfully.
C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\icons\actions folder moved successfully.
C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\icons folder moved successfully.
C:\Users\Ingrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{051FB9EC-79EA-4F8E-9EC2-F1FF4462FB09}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{051FB9EC-79EA-4F8E-9EC2-F1FF4462FB09}\ deleted successfully.
C:\Program Files (x86)\Buscapé\Buscapé na Hora\IE\BphBHO.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211391186}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110211391186}\ deleted successfully.
C:\Program Files (x86)\Savings Vault\Savings Vault.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}\ deleted successfully.
C:\Program Files (x86)\PriceGong\2.5.0\PriceGongIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45564571-A21B-48ED-B584-69752EEE9C3D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45564571-A21B-48ED-B584-69752EEE9C3D}\ deleted successfully.
C:\Program Files (x86)\SpeedAnalysis.com\ScriptHost.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{938958E8-355C-49FF-92B0-53C1B87ACEA9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{938958E8-355C-49FF-92B0-53C1B87ACEA9}\ deleted successfully.
C:\Program Files (x86)\SpecialSavings\ScriptHost.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}\ deleted successfully.
C:\Program Files (x86)\DealPly\DealPlyIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F351B686-F6AF-45F1-9EB9-684C805B25B1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F351B686-F6AF-45F1-9EB9-684C805B25B1}\ deleted successfully.
C:\Program Files (x86)\YTKaraoke\ytkaraoke.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
C:\Program Files (x86)\Yontoo\YontooIEClient.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48586425-6bb7-4f51-8dc6-38c88e3ebb58}\ deleted successfully.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ deleted successfully.
File C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{61628E2A-4FF9-4454-992D-D92A8CD27399} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61628E2A-4FF9-4454-992D-D92A8CD27399}\ not found.
Registry value HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
File C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AnySend Updater deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Program Files (x86)\Ask.com\Updater\Updater.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Deskmedia deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM deleted successfully.
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
C:\Users\Ingrid\AppData\Local\Facebook\Update\FacebookUpdate.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-271221751-1856760113-3418612761-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Yontoo Desktop deleted successfully.
C:\Users\Ingrid\AppData\Roaming\Yontoo\YontooDesktop.exe moved successfully.
C:\Users\Ingrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start Freenet.lnk moved successfully.
C:\Users\Ingrid\AppData\Local\Freenet\freenet.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~3\browse~1\261339~1.144\{16cdf~1\browse~1.dll deleted successfully.
File move failed. c:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll scheduled to be moved on reboot.
C:\Users\Ingrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spark Browser folder moved successfully.
C:\toolbarImages folder moved successfully.
========== FILES ==========
[color=#A23BEC]< type C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 /c >[/color]

C:\Users\Ingrid\Downloads\cmd.bat deleted successfully.
C:\Users\Ingrid\Downloads\cmd.txt deleted successfully.
[color=#A23BEC]< type C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 /c >[/color]

C:\Users\Ingrid\Downloads\cmd.bat deleted successfully.
C:\Users\Ingrid\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point
 
[EMPTYTEMP]
 
User: aaaa
->Temp folder emptied: 147470 bytes
->Temporary Internet Files folder emptied: 33298 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 34693088 bytes
->Flash cache emptied: 56970 bytes
 
User: All Users
 
User: Ana Paula
->Temp folder emptied: 143424892 bytes
->Temporary Internet Files folder emptied: 128458104 bytes
->Java cache emptied: 2248441 bytes
->FireFox cache emptied: 122639156 bytes
->Flash cache emptied: 58719 bytes
 
User: AppData
 
User: Convidado
->Temp folder emptied: 609960730 bytes
->Temporary Internet Files folder emptied: 133200532 bytes
->Java cache emptied: 2860559 bytes
->FireFox cache emptied: 69180117 bytes
->Google Chrome cache emptied: 455339570 bytes
->Flash cache emptied: 338289926 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56478 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Eliziara
->Temp folder emptied: 304143330 bytes
->Temporary Internet Files folder emptied: 115603022 bytes
->Java cache emptied: 63173 bytes
->FireFox cache emptied: 120558059 bytes
->Google Chrome cache emptied: 423543443 bytes
->Flash cache emptied: 71074 bytes
 
User: Ingrid
->Temp folder emptied: 718914880 bytes
->Temporary Internet Files folder emptied: 447829217 bytes
->Java cache emptied: 666731 bytes
->FireFox cache emptied: 120111319 bytes
->Google Chrome cache emptied: 434540495 bytes
->Flash cache emptied: 59296 bytes
 
User: Isabela
->Temp folder emptied: 151311563 bytes
->Temporary Internet Files folder emptied: 267342392 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 196911443 bytes
->Flash cache emptied: 60678 bytes
 
User: Public
 
User: Todos os Usuários
 
User: Usuário Padrão
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 661708979 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 96649 bytes
RecycleBin emptied: 2266 bytes
 
Total Files Cleaned = 5.726,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 07182013_131015

Files\Folders moved on Reboot...
File move failed. c:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll scheduled to be moved on reboot.
C:\Users\Ingrid\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Ingrid\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}\ not found.
Responder | Em Árvore
Abra essa mensagem na visão em árvore
|  
Denunciar Conteúdo como Inapropriado

Re: janelas que abrem sozinhas!!

Guilherme
Administrador
Não existe um arquivo de texto chamado "Avenger" em seu disco local ou na pasta que o Avenger está salvo? Use a busca do Windows e procure por avenger ou avenger.txt.

Sem o log dele eu não consigo saber se os arquivos foram removidos.

Mas de qualquer maneira, como está o PC?
MODERADOR
Carregando...